blankgrabber | 5e8c2408b4f28f275bf3fad412eeb877e5d430e4d9e9e2086b3eaaed1be2c6b5 | Triage

Submit
Reports

Overview

overview

Static

static

Releasev0....ro.exe

windows7-x64

7

Releasev0....ro.exe

windows10-2004-x64

8

Sharing

General

Target

Releasev0.21.0Macro.exe
Size

6.7MB
Sample

250209-m2jz1syjgs
MD5

97ecf1c42bdd41b552efab84abec311f
SHA1

d3c3761fc58c8661b1dd388bb48a10fff3e32bbc
SHA256

5e8c2408b4f28f275bf3fad412eeb877e5d430e4d9e9e2086b3eaaed1be2c6b5
SHA512

f359634c7bd2a73a1890e256bfd08b830d7eed25a45207af98ca208a975ba833dfbb7ddaaeb49fd1890ac8d64b6d886e0171f78a2c1a95326facb51b5a96ec08
SSDEEP

196608:7NrAELeywI6DOYbwtZVZibPpG2QdetVg6naEku0:xdC5BbeYbhG2QdOVnaER0

Score

10^/10

blankgrabber discovery execution upx

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

Releasev0.21.0Macro.exe

Resource

win7-20241010-en

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral2

Sample

Releasev0.21.0Macro.exe

Resource

win10v2004-20250207-en

discovery execution upx

windows10-2004-x64

10 signatures

150 seconds

Malware Config

Targets

- Target
  
  Releasev0.21.0Macro.exe
- Size
  
  6.7MB
- MD5
  
  97ecf1c42bdd41b552efab84abec311f
- SHA1
  
  d3c3761fc58c8661b1dd388bb48a10fff3e32bbc
- SHA256
  
  5e8c2408b4f28f275bf3fad412eeb877e5d430e4d9e9e2086b3eaaed1be2c6b5
- SHA512
  
  f359634c7bd2a73a1890e256bfd08b830d7eed25a45207af98ca208a975ba833dfbb7ddaaeb49fd1890ac8d64b6d886e0171f78a2c1a95326facb51b5a96ec08
- SSDEEP
  
  196608:7NrAELeywI6DOYbwtZVZibPpG2QdetVg6naEku0:xdC5BbeYbhG2QdOVnaER0
Score

8^/10

upx discovery execution
- Command and Scripting Interpreter: PowerShell
  Using powershell.exe command.
  execution
- Loads dropped DLL
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
- Enumerates processes with tasklist
  discovery
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

PowerShell

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Process Discovery

System Location Discovery

System Language Discovery

System Network Configuration Discovery

Internet Connection Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

discoveryexecutionupx

© 2018-2025

Terms | Privacy