March 28, 2026
Score: 77
#ParsedReport #CompletenessHigh
28-03-2026
The Certificate Decoding Illusion: How Blank Grabber Stealer Hides Its Loader
https://www.splunk.com/en_us/blog/security/blankgrabber-trojan-stealer-analysis-detection.html
Report completeness: High

Threats:
Blankgrabber
Xworm_rat
Uac_bypass_technique
Ngrok_tool

Victims:
Microsoft Windows users, Gaming platforms, Communication platforms, Cryptocurrency wallet users, Browser users

Industry:
Entertainment, Financial

TTPs:
Tactics: 5
Techniques: 16

IOCs:
Domain: 1
File: 29
Command: 2
Hash: 1

Soft:
PyInstaller, Windows DNS Query, Telegram, Instagram, Discord, Chromium, Firefox, Windows Defender, Roblox, Steam, have more...

Wallets:
zcash, exodus_wallet, electrum

Crypto:
ethereum

Algorithms:
aes, zip, sha256, aes-gcm, base64, aes-ctr

Functions:
RemoveDefinitions

Languages:
python, rust, powershell

Platforms:
x86

Links:
https://github.com/splunk/attack_data/