MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 e7f5353766d8d7034bc6d0d074e471b00cdc6bc2c8e0c7620a6dfc3cf3588572. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


BlankGrabber


Vendor detections: 3


Intelligence 3 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: e7f5353766d8d7034bc6d0d074e471b00cdc6bc2c8e0c7620a6dfc3cf3588572
SHA3-384 hash: 686eb7ecc499d0ecdec3a44805bc4beade24e50d3bfa56bd226e778b1bd97a0e33602b9a8f328f96b7c1ba2bfcb1bc5e
SHA1 hash: decadf0d07331c3cb221663e84b8a6d541414a96
MD5 hash: 40b75d93d5cd7f886edf0731a8ef4974
humanhash: lion-tennis-white-xray
File name:aes.pyc_Decompiled.py
Download: download sample
Signature BlankGrabber
Create hunting rule
File size:28'989 bytes
First seen:2024-07-26 12:59:51 UTC
Last seen:Never
File type:
MIME type:text/x-script.python
ssdeep 768:O4pEhkq0LUvpxRsoL8j6mbWkXvaaDvVMDLoxCv7SJOygAyjCL:O4pekq0Gdsow/bWkfaUMgAOJDnL
TLSH T1C3D22AE5196B4DE5A383C4EB10C5E813AB39B527071C975977FDB7C4AF8A82842E6CC0
Reporter v9lu
Tags:BlankGrabber py


Avatar
v9lu
Decompiled aes.py (BlankGrabber-modified version of the original pyaes library file aes.py, with the AESModeOfOperationGCM method added)

Intelligence

File Origin
# of uploads :
1
# of downloads :
89
Origin country :
FR FR
Vendor Threat Intelligence
Verdict:
Clean
Score:
70%
Link:
https://cyber-fortress.com/docs/result/index.php?id=66a4da033ee5253b89e5cfad
Tags:
n/a
Verdict:
Unknown
Threat level:
  10/10
Confidence:
100%
Tags:
masquerade
Link:
https://www.filescan.io/uploads/66a39ddc3ba51bb345a3c0ad/reports/d9303514-aa03-46f5-b6e0-a3befde12a7b/overview
Result
Verdict:
MALICIOUS
Score:
0%
Verdict:
Benign
File Type:
SCRIPT
Link:
https://malprob.io/report/e7f5353766d8d7034bc6d0d074e471b00cdc6bc2c8e0c7620a6dfc3cf3588572
Detection:
n/a
Link:
https://mwdb.cert.pl/sample/e7f5353766d8d7034bc6d0d074e471b00cdc6bc2c8e0c7620a6dfc3cf3588572/
Detection(s):
Suspicious file
Link:
https://check.spamhaus.org/check/?searchterm=472tkn3g3dlqgs6g2dihjzdrwagny26czdqmoyqknx6dz42yqvza._file
Please note that we are no longer able to provide a coverage score for Virus Total.
Threat name:
Legit
Score:
0.00
Link:
https://yomi.yoroi.company/submissions/e7f5353766d8d7034bc6d0d074e471b00cdc6bc2c8e0c7620a6dfc3cf3588572

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Web download

BlankGrabber

Executable exe 8249867be0345b8a6f352b87af61431511adef44df909d6089e83de45b842c0e

BlankGrabber

zip 648da2ae8bf6e14f281b3ec4bf036e3d422209bae12aaeafde83a6dab40e8874

BlankGrabber

e7f5353766d8d7034bc6d0d074e471b00cdc6bc2c8e0c7620a6dfc3cf3588572

(this sample)

BlankGrabber

192161662f04d3a37b55c2725140dba34f9ad72d11ac16edf17380ec524d0b2a

BlankGrabber

8cb26dfe675a52c1d8b3d5c0e14a69fcdcf9e09ade8df10b7df95cb127ce3e0f

BlankGrabber

78b67eb9acd376b86346214c7101abeecddacb9eebfa4b241c04ee0e0bc24c53

  
Dropped by
SHA256 648da2ae8bf6e14f281b3ec4bf036e3d422209bae12aaeafde83a6dab40e8874
  
Dropping
SHA256 78b67eb9acd376b86346214c7101abeecddacb9eebfa4b241c04ee0e0bc24c53
  
Dropping
MD5 c7b1d8fb6a7b8ac88cb5e253d0b1059c
  
Dropped by
MD5 057574422540bb970ea6f4c0ac7733e1

Comments