Analysis

  • max time kernel
    118s
  • max time network
    119s
  • platform
    windows7_x64
  • resource
    win7-20241023-en
  • resource tags

    arch:x64
    arch:x86
    image:win7-20241023-en
    locale:en-us
    os:windows7-x64
    system
  • submitted
    30/03/2025, 00:01 UTC

General

  • Target

    ip_grabber_tool.exe

  • Size

    17.6MB

  • MD5

    7e98ebec945f9642f13cdf6f980d1d48

  • SHA1

    f4b3e9e29c92a976f04681f8c66fbed903b85e38

  • SHA256

    1c08f0e46ac63d1443dfbbb1221dbf8c6b367688b0ccd8b07b3d6e024173e843

  • SHA512

    5c8d9f05a74c102d8cf4e57503a9d3b1641b370297901204e7c486f80b9dd0d677b186049f17afc8917b2dee6095cd6c0c32a7ea0d58b2b96da31914c71bc77b

  • SSDEEP

    393216:7qPnLFXlr7gQpDOETgsvfG7grCENjkvEYxmD/L0:OPLFXNEQoEsO/jd5DD

Score
7/10
upx

Malware Config

Signatures

  • Loads dropped DLL (1 IoC)
  • UPX packed file (2 IoCs)

    Detects executables packed with UPX/modified UPX open source packer.

  • Suspicious use of WriteProcessMemory (3 IoCs)

Processes

  • C:\Users\Admin\AppData\Local\Temp\ip_grabber_tool.exe
    "C:\Users\Admin\AppData\Local\Temp\ip_grabber_tool.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2312
    • C:\Users\Admin\AppData\Local\Temp\ip_grabber_tool.exe
      "C:\Users\Admin\AppData\Local\Temp\ip_grabber_tool.exe"
      2⤵
      • Loads dropped DLL
      PID:2288

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Local\Temp\_MEI23122\python310.dll

    Filesize

    1.4MB

    MD5

    69d4f13fbaeee9b551c2d9a4a94d4458

    SHA1

    69540d8dfc0ee299a7ff6585018c7db0662aa629

    SHA256

    801317463bd116e603878c7c106093ba7db2bece11e691793e93065223fc7046

    SHA512

    8e632f141daf44bc470f8ee677c6f0fdcbcacbfce1472d928576bf7b9f91d6b76639d18e386d5e1c97e538a8fe19dd2d22ea47ae1acf138a0925e3c6dd156378

  • memory/2288-113-0x000007FEF63E0000-0x000007FEF684E000-memory.dmp

    Filesize

    4.4MB
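
Added example (not the sandbox's detection logic): an offline triage script covering the two indicator families above. The first part walks a PE header and reports the stock UPX section names (UPX0/UPX1); this is the common-case heuristic behind the "UPX packed file" signature, and a modified UPX build may rename sections, so a miss is "not confirmed" rather than "not packed". The second part takes the process tree and dropped-file list exactly as shown in this report and flags the self-spawned child together with a python3xx.dll dropped under a _MEI<digits> directory. That pairing is the layout a PyInstaller one-file bootloader creates (the parent extracts the bundle to _MEI<digits>, then runs itself again as the child); the report itself does not name PyInstaller, so treat that as an inference to confirm against the sample. The PE images fed to the parser are constructed in the script, not taken from the sample.

```python
"""Offline triage for the indicators in this report: UPX section names in a PE
header, and the self-spawn + python3xx.dll-under-_MEI<digits> drop pattern.
Added example; not the sandbox's own detection logic."""
import re
import struct


def pe_section_names(data: bytes) -> list[str]:
    """Minimal PE header walk: returns the 8-byte section names in table order."""
    if data[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("PE signature not found")
    coff = e_lfanew + 4                                   # IMAGE_FILE_HEADER
    num_sections = struct.unpack_from("<H", data, coff + 2)[0]
    size_opt = struct.unpack_from("<H", data, coff + 16)[0]
    table = coff + 20 + size_opt                          # first IMAGE_SECTION_HEADER
    names = []
    for i in range(num_sections):
        raw = data[table + 40 * i: table + 40 * i + 8]
        names.append(raw.rstrip(b"\0").decode("ascii", "replace"))
    return names


def looks_upx_packed(data: bytes) -> bool:
    """Stock UPX names its sections UPX0/UPX1 (plus UPX2 or .rsrc). A modified
    UPX build may rename them, so False means 'not confirmed', not 'not packed'."""
    return any(n.upper().startswith("UPX") for n in pe_section_names(data))


def build_fake_pe(section_names) -> bytes:
    """Constructed test input: header-only PE32+ image with the given section names."""
    e_lfanew = 0x40
    dos = b"MZ" + b"\0" * (0x3C - 2) + struct.pack("<I", e_lfanew)
    size_opt = 0xF0                                       # PE32+ optional header size
    coff = struct.pack("<HHIIIHH", 0x8664, len(section_names), 0, 0, 0, size_opt, 0x22)
    sections = b"".join(n.encode().ljust(8, b"\0") + b"\0" * 32 for n in section_names)
    return dos + b"PE\0\0" + coff + b"\0" * size_opt + sections


MEI_DIR = re.compile(r"\\_MEI\d+\\", re.IGNORECASE)
PY_RUNTIME = re.compile(r"python3\d+\.dll$", re.IGNORECASE)


def pyinstaller_indicators(processes, dropped_files) -> dict:
    """processes: (pid, parent_pid, image_path); dropped_files: paths written at run time.
    Flags a child whose image equals its parent's, and a CPython runtime DLL dropped
    into a _MEI<digits> directory: the layout a PyInstaller one-file bootloader creates.
    The PyInstaller attribution is an inference, not something the report states."""
    by_pid = {pid: img for pid, _, img in processes}
    self_spawn = [(ppid, pid) for pid, ppid, img in processes
                  if ppid in by_pid and by_pid[ppid].lower() == img.lower()]
    runtime_drops = [f for f in dropped_files if MEI_DIR.search(f) and PY_RUNTIME.search(f)]
    return {
        "self_spawn": self_spawn,
        "runtime_dll_in_mei_dir": runtime_drops,
        "consistent_with_pyinstaller_onefile": bool(self_spawn and runtime_drops),
    }


# Values copied from this report (parent PID 2312 spawns 2288; python310.dll dropped).
REPORT_PROCESSES = [
    (2312, None, r"C:\Users\Admin\AppData\Local\Temp\ip_grabber_tool.exe"),
    (2288, 2312, r"C:\Users\Admin\AppData\Local\Temp\ip_grabber_tool.exe"),
]
REPORT_DROPS = [r"C:\Users\Admin\AppData\Local\Temp\_MEI23122\python310.dll"]

if __name__ == "__main__":
    print(looks_upx_packed(build_fake_pe(["UPX0", "UPX1", ".rsrc"])))
    print(pyinstaller_indicators(REPORT_PROCESSES, REPORT_DROPS))
```

To run the UPX check against the real sample, read ip_grabber_tool.exe into bytes and pass it to looks_upx_packed; verify the file's SHA256 against the value in the General section first so the result is tied to the artifact this report describes.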
