Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

3

Bloxstrap-...64.exe

windows7-x64

1

Bloxstrap-...64.exe

windows10-2004-x64

8

Analysis

  • max time kernel
    121s
  • max time network
    124s
  • platform
    windows7_x64
  • resource
    win7-20230712-en
  • resource tags

    arch:x64arch:x86image:win7-20230712-enlocale:en-usos:windows7-x64system
  • submitted
    22/07/2023, 17:32

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Bloxstrap-v2.3.0-x64.exe

  • Size

    6.6MB

  • MD5

    77e2e8d436cc140543b0c127b853737c

  • SHA1

    0016079fd0145ffb1368f5ec9747c5848c397a12

  • SHA256

    385f9ac853fcc9d165c8e9d6af751f2b9897da992e239d2f5be0177bafc0dcf8

  • SHA512

    3f65e142bed586783a5075c49714396cb033f360c3a78d4a516eeec66c3220a34cf6facb4b3748512fb82b7efc1da5306d360169686259d4739f8df9f17cde65

  • SSDEEP

    98304:did5DeAd5DaTsed5DfzEkmiLEiOYoHwfLk3vSmaR0+Mc4AN0edaAHDfysrTlb:dhseObAbN0I

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 34 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 4 IoCs
  • Suspicious use of WriteProcessMemory 7 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\Bloxstrap-v2.3.0-x64.exe
    "C:\Users\Admin\AppData\Local\Temp\Bloxstrap-v2.3.0-x64.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2292
    • C:\Program Files\Internet Explorer\iexplore.exe
      "C:\Program Files\Internet Explorer\iexplore.exe" https://aka.ms/dotnet-core-applaunch?missing_runtime=true&arch=x64&rid=win7-x64&apphost_version=6.0.16&gui=true
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SetWindowsHookEx
      • Suspicious use of WriteProcessMemory
      PID:2216
      • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
        "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2216 CREDAT:275457 /prefetch:2
        3⤵
        • Modifies Internet Explorer settings
        • Suspicious use of SetWindowsHookEx
        PID:2816
  • C:\Windows\explorer.exe
    "C:\Windows\explorer.exe"
    1⤵
      PID:2080

    Network

    MITRE ATT&CK Enterprise v15

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      344B

      MD5

      33c701abc2b94e4380c6af582ea5089f

      SHA1

      e06ac51a9186401a7382c481578723da9118114b

      SHA256

      14dd00e96c56ba6b76fa633c5bf2afa904bf98a541c07fcd354597b52061a84b

      SHA512

      e155511321715658a1c8aa7a1e65437226bd7b6be70b54f76b2e37001910caf028420c65d367a0fcf5430de3ebd7123e0310baa75e0dee28680533d7e0d871ca

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      344B

      MD5

      1b2764a4fb1004ec604a31bbd088d795

      SHA1

      743fd0f6682a7f564412d62bf26fff6be93ab04f

      SHA256

      ce079dfc126e1e0894036c258af97efe059244770b1fe7e8ee104a215b326d23

      SHA512

      32a984e0edd32e5edff901fbc7858e1fbe9a9d5dee6b7fbe7d83680fe838ad1535ebef814dd1af315541f83c81d713382db79f3562bd998af368e705a489ea4d

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      344B

      MD5

      411e6f78c1f048bf3f3d8c78e41f8826

      SHA1

      af96dfd85858d60af224a95b0aa2785fdeb5fec1

      SHA256

      dfdf25e6d226085cde3124018fe99e28db504b89b5c1a99c956a8fa1adbf6685

      SHA512

      c4602220225afc00554a29b347cca1b2d34e2f8f32494e86baa7a96b811f63fb35b40ecc9d38c6eadce15b18ff290bda500ff817d4f0f814f195e45e7240ad2b

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      344B

      MD5

      368de6e727b2825ff788af9b4193b64f

      SHA1

      e4425eaa7239de172d7d4e5d102e21246f2bf67e

      SHA256

      aa9e932a9149fd2fdb37d55f8daebed327e9e89fad25554edbf6b79f3fdab7a5

      SHA512

      a49c71b4103fa39751a8efe3460ef687f4997b24737aeec623297f9310a53d7c7545ecd48373ef41f8bcd800fb2acf9ff1fbab56b14c412faae2c7cb45cada7f

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      344B

      MD5

      269651f461f908815f0dbc6c451b57ce

      SHA1

      7f051bbecd829ec585eae10cfdafb743e62a903b

      SHA256

      e0c429a9a5f766c0d2dfd77cb9d2a505b01dfd29f8c893c14fb0bf33855d9555

      SHA512

      875ebf780f248820018f1e85d5250db3889065d0da979a1e0bd6694078a173351ab817b90a872ca4c8fbe23dcf45eb68973fdc64cba43f3d66343132edbf5267

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      344B

      MD5

      ded11d76c5e14a5fa4dec84da265cc46

      SHA1

      7cb52183d7c8df51f1b69386416716a58cc0d232

      SHA256

      a26d4d1663e5c0304a10dfbb2eb17d7d7e6dea4b57f9b357c4614e499650e490

      SHA512

      512695f3e49209a6269e5261511cb8ef4be331169a5ab633104c7c77bd5caca2aa319c3325209ba10298386cf2bfb597b8318a78028e24a4fe6dcb7a63146bb0

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      344B

      MD5

      9bf55d6f1cc0ab4c34d63b891eb704c4

      SHA1

      d62a27d2071c76b55b653912bd3d6d210714c7f2

      SHA256

      3afc64cff2b1f952fb11c09c7190ef2b5a417a67537d404228ebca62cfc983d1

      SHA512

      b3ff1e01a669d1aba2d1678f29f5404f6be6c1153b14f27386b219b3bec79ae2e427a0a5d94a0af0ac92e4295a5f9724216058bed225f0f3924dbe418ecfb763

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      344B

      MD5

      b39e65bb5f7c1efe83b7e8a1782f8c68

      SHA1

      947442b54ba16e2852f15a718d0d16e45f87d5dc

      SHA256

      3d6eabdf68210bfcb08dd867cd5e4c8ea208af44696a46e446732887bef06e0d

      SHA512

      3bf4e3824871f7906109bb180b635da44786f95071148d663bfd51dc3c9b5adef1cb0aba649b06d50078e54ae2f99d45c44990db775d706286513515179d5bd0

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      344B

      MD5

      2964dc330aafc93a34b8ac47c34fc4f1

      SHA1

      d551f87bcc684bdefb2afd5e51da8f165f23a69b

      SHA256

      e9ea89460dbabe584420275ddc18d6900c4013dfe43e4591de86fdbe958db8ae

      SHA512

      bf2d8145d9ffd32500bf1691eef026a187ca19e2132fe4bf83f38d7c21bd97450818d153f12e033f8576913dc1d782d1d5144acd7086d3aa1f6b7e9614340e7c

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      344B

      MD5

      7c5904a8b5d9b2af864ad40d5b652ecd

      SHA1

      b6b7d07260e49eb5b0848af3d7d503dac04b415d

      SHA256

      05d9233e0676679e105d20b6fd882cac8e6d3be592fb146ffddfc432e9f53e66

      SHA512

      67e8977c1f4d90499df01bf9bea3dc694e07778243d7a2f90797538678b7b7006befdf2adc3ef8e9939f136cc05e197ce6e2d9d1d72545ee3cd7b69c8fee9fc5

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      344B

      MD5

      86fa397fad7a560f05fd17c45fc9e280

      SHA1

      90f7661a8fa8ec90ca39493447cd3537c49f14b5

      SHA256

      e671314865c675f0b8e9c22b861ef99c09770e40b7457440d8d9d4fc9e29b364

      SHA512

      9b50d0a709ee13a5492f05ab1fce5ea983b1d65a337cdaccb52f34fbe4fec58354f7d0e7a304740532f37a62cffe5be10f14e3001313bde36379733f456824fd

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      344B

      MD5

      f6887ee6abff9d131ae26088082e7016

      SHA1

      05bc7b76879728b718b2f7a5397f7e573579da10

      SHA256

      36d3e3b41b5871e7734ec76467efd22abcb63c774231bb3b079531bd9f7797fd

      SHA512

      ba34a51259ace960a02bfab7d1b0ee4ec1234863e32bb248b7dd3c2278f353a8898307a65940d96873adce58e49265d1050b969129a3b4931b1cc7c0130bac4d

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      344B

      MD5

      512f9c408b09830731a257d5349d4a09

      SHA1

      1cdad505d92dddc6e47f60587c10b25b4e8cc114

      SHA256

      ae9761aeca55d37f79de5d48ee0483039e5cd458838e5f2c33ccf47909fbbf3c

      SHA512

      0c7ed3008ddb6b5afc48201fa3ac20e4c317350edf643358755d8f13ea36460de6076033c4fa9db700bda05e9ea73a364a80dd23817011d0e72471d1a23eef13

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      344B

      MD5

      45bf18d2f39b83922f86b0bb32f2ce03

      SHA1

      ca98b921baddbb85966b59da1408e6562ebd1c39

      SHA256

      73efeeda6848dd1b6bd590cc4faaddefaf9360c20deab1f3a1faf3147ed8d6c9

      SHA512

      198fd7eb3b6d7551ed866dc5e6e4846f465bd2a59a9e35ebf1dfa5f2d5858412a059f0004718b30713dd46f2ba484714b592b08ef31cc8c30cfccb88d6cc098b

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      344B

      MD5

      22360ad86f51ef6a0d6192089b69420c

      SHA1

      9ae05b286ed9921900ea17b25047b5008943f091

      SHA256

      a116b3a1abc062dc62e1347b45de2e97dacbb441bebf3b3742117d358afae196

      SHA512

      51c9ee8f57dfa789487acc3abb3fb767d6086953f699e9355a8e83974c47a9e5d9635dc9d2d62f29f035a1a3671a25cf87b8830d028f256342e458c9c169b6c5

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      344B

      MD5

      a45ccf5be3aaf35ff9bb99ecacbe7b00

      SHA1

      46ba2ebdabf67a53553925d6d290d47cfe3b9a5d

      SHA256

      1089b692de52d4f152d4d2b7b78563dd6cdaa092d25bfc62a1039ca4fc66374f

      SHA512

      a4f27877d51371b170ab1b8d0f97346d83e3af58dae7ba0d7ace5f6a4b0a67533342b45f6320345d521f05563b7e0b3f64d755503856e1ed09ff082757a61082

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      344B

      MD5

      7a76897c5db7e4cafb7c32b819095f71

      SHA1

      a9c3f28120004f6b11a6fdd2dd96b3e4e81c2573

      SHA256

      ae0a28724554aa5d64aaee7ffbd03913e378cf91b7517af0cb21c930fdb2e6ee

      SHA512

      25dd200385180e98eacbb8cf0d33e80983f8062cb6cdef7e35ee5a1de460ee6a973d269a3751a9ef3661c29ca1ceecba555ae1bf6b861f635ca5b28346c98ac6

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      344B

      MD5

      5747de56566d9141b3ccf4c84d0c080d

      SHA1

      d41d321f6d160140435e90abb8b09ffc79ac283c

      SHA256

      08907fbf35b9b4a4bb94377d4f754dea5efe3ec73e0797d7a3a36973ad6a21d7

      SHA512

      14096dd21a98168d874ee539a149aab5e26b7ae07c50effee92d8d8068aa14f4596b151b482f22504abe59e761530683a5435f488e652d85a8154a6504bc4c5e

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      344B

      MD5

      67adf553e7b7a389942881326447ad28

      SHA1

      f50642d4ef53a705973be4aae76b9f339ebe35ae

      SHA256

      fa2f0c3ec7ec6edabe27300406f9b4de870cfcc4f5031de4bb2e9f89a2c0f341

      SHA512

      fffa531c5ac11ee29e3a48b1af147de27af1145957db7464d170e049ae88fab98d5ac8bddf0d01dae275fae47dddf7208909197de9bfd328a1c5679311a2e16f

      Download Submit

    • C:\Users\Admin\AppData\Local\Temp\Cab98B7.tmp
      Filesize

      62KB

      MD5

      3ac860860707baaf32469fa7cc7c0192

      SHA1

      c33c2acdaba0e6fa41fd2f00f186804722477639

      SHA256

      d015145d551ecd14916270efad773bbc9fd57fad2228d2c24559f696c961d904

      SHA512

      d62ad2408c969a95550fb87efda50f988770ba5e39972041bf85924275baf156b8bec309ecc6409e5acdd37ec175dea40eff921ab58933b5b5b5d35a6147567c

      Download Submit

    • C:\Users\Admin\AppData\Local\Temp\Tar9948.tmp
      Filesize

      164KB

      MD5

      4ff65ad929cd9a367680e0e5b1c08166

      SHA1

      c0af0d4396bd1f15c45f39d3b849ba444233b3a2

      SHA256

      c8733c93cc5aaf5ca206d06af22ee8dbdec764fb5085019a6a9181feb9dfdee6

      SHA512

      f530dc0d024a5a3b8903ffaaa41b608a5ccdd6da4ba1949f2c2e55a9fca475fec5c8d2119b5763cabe7ef1c3788fb9dcac621869db51d65b1d83cfe404fb4c27

      Download Submit