0694e3fb51d1dca937bf9a823f450ea17df5b7795e91523c140a1473e45ae060 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

B4LLER.exe

windows10-1703-x64

7

bladeblalshit.pyc

windows10-1703-x64

3

Sharing

General

Target

CEXT.zip
Size

68.7MB
Sample

231224-2ew4dsehf7
MD5

bd24dd49fea9f5f87e1a4e94e1eb7d5e
SHA1

4c4eb33b2c73cd54aa8535b389053e726cdece09
SHA256

0694e3fb51d1dca937bf9a823f450ea17df5b7795e91523c140a1473e45ae060
SHA512

3755794b5517857e6c5764aaacf6ba22f8c2e4c2d3d2d34e2f68bd222e984f90f4774940cbe0c32ed5aff3c9fde29c1dd5dab944396b0f3cec65772bdfc53ff3
SSDEEP

1572864:4BJwY2Us98kgTd4Z2JTCGaeZ0YYzbAHWgjQ5luMwvdOpYs9O/:i2Ua8Vd4Z2NCG/NBxFRvdOpYuO/

Score

7^/10

pyinstaller

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

B4LLER.exe

Resource

win10-20231215-en

windows10-1703-x64

5 signatures

150 seconds

Behavioral task

behavioral2

Sample

bladeblalshit.pyc

Resource

win10-20231215-en

windows10-1703-x64

3 signatures

150 seconds

Malware Config

Targets

- Target
  
  B4LLER.exe
- Size
  
  69.2MB
- MD5
  
  f23cb0d5adaacd859d094671ee730696
- SHA1
  
  f3591463bc4a1466342256c569c51cca7f551c1e
- SHA256
  
  f2b3acf743652a70763fbb3cef07ef6d3b44d44bf3e5a4836df73b9609f82a4a
- SHA512
  
  55b668d27c9ccc8f875bd6f6be0d3b371fc286e24fd08405801a186b3214cef20ddaeeebbf34238287ef5588b65adcf738dd6ed3f2fe5c85cfad9c537234d1c7
- SSDEEP
  
  1572864:Hnfr2pBiS1ril7h9rW1LrKiqm2T17nD0ClE71QOI+ksJ:wiSBM7h9QLfqmY1DuI+ksJ
Score

7^/10
- Loads dropped DLL
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1
- Target
  
  bladeblalshit.pyc
- Size
  
  15KB
- MD5
  
  9bf82a2aea5679f4c9a49d3ed89bec25
- SHA1
  
  a67eb5daf4378e70e87038078d63a2db8b0c7d7b
- SHA256
  
  ef92705ff2f0103d6c86a98e065fcc1599586eee0e3df1d055d4bf695d43146f
- SHA512
  
  824ded5ec8b41ab74353238d2657f3afdd7280769314af406dd5a1bba4bf87b8b861a717da16a32b3e090619dda68ad837c1280f76cab7a98631aa41f1a66cdd
- SSDEEP
  
  384:DVN5R/vf4VFwRDR1sqEknuJM5H6lA7LDgvJIY8Q8H135TTQn68vmpNIupdLNuI86:DdR/vAVF+R17135PQntdup1Ng1no
Score

3^/10
behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy