Derp.ca
← All malware

405f203d6b57466b368567ad4ea960137923af9fa5048a47238b1327012c52a6

Live Scan Result: Tria.ge
Score
10/10

Threat Level

Known Bad

Malware Families
BlankgrabberXworm

Last Seen Mar 1, 2026

TrojanRatStealerSpywareCollectionCredential AccessDefense EvasionDiscoveryExecutionPersistencePrivilege EscalationPyinstallerThemidaUpx

MITRE Behavior Map

Execution (TA0002)

  • Scheduled Task (T1053.005)
  • PowerShell (T1059.001)

Persistence (TA0003)

  • Scheduled Task (T1053.005)
  • Netsh Helper DLL (T1546.007)
  • Registry Run Keys / Startup Folder (T1547.001)

Privilege Escalation (TA0004)

  • Scheduled Task (T1053.005)
  • Netsh Helper DLL (T1546.007)
  • Registry Run Keys / Startup Folder (T1547.001)

Defense Evasion (TA0005)

  • Command Obfuscation (T1027.010)
  • Modify Registry (T1112)
  • Virtualization/Sandbox Evasion (T1497)
  • Disable or Modify Tools (T1562.001)
  • Hidden Files and Directories (T1564.001)
  • Hidden Window (T1564.003)

Credential Access (TA0006)

  • Credentials In Files (T1552.001)
  • Credentials from Web Browsers (T1555.003)

Discovery (TA0007)

  • Query Registry (T1012)
  • Wi-Fi Discovery (T1016.002)
  • Process Discovery (T1057)
  • System Information Discovery (T1082)
  • Peripheral Device Discovery (T1120)
  • System Time Discovery (T1124)
  • Browser Information Discovery (T1217)
  • Virtualization/Sandbox Evasion (T1497)
  • System Language Discovery (T1614.001)

Collection (TA0009)

  • Data from Local System (T1005)
  • Clipboard Data (T1115)

Hostnames

2
  1. 1.smartcorporation.theworkpc.com
  2. 2.windowsupdate.loseyourip.com