Analysis

  • max time kernel
    121s
  • max time network
    135s
  • platform
    windows7_x64
  • resource
    win7-20240215-en
  • resource tags
    arch:x64, arch:x86, image:win7-20240215-en, locale:en-us, os:windows7-x64, system
  • submitted
    10/05/2024, 09:23

General

  • Target
    Bloxstrap-v2.5.4.exe
  • Size
    7.6MB
  • MD5
    dbb820772caf0003967ef0f269fbdeb1
  • SHA1
    31992bd4977a7dfeba67537a2da6c9ca64bc304c
  • SHA256
    b2ac1e407ed3ecd7c7faa6de929a68fb51145662cf793c40b69eb59295bba6bc
  • SHA512
    e8ac879c7198dffb78bc6ee4ad49b5de40a5a7dbbda53d427d0a034941487d13c8bb2b8d590a1fcdd81cd6abb8f21fdfcd52924eb00c45a42ee06c1e4b3d590f
  • SSDEEP
    98304:XNd5DSd5DxTsed5D2ZT00UuOYoHwfLk3vSmaR0+Mc4AN0edaAHDfysrTl1:X+sdtObAbN0u

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 34 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 7 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\Bloxstrap-v2.5.4.exe
    "C:\Users\Admin\AppData\Local\Temp\Bloxstrap-v2.5.4.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2040
    • C:\Program Files\Internet Explorer\iexplore.exe
      "C:\Program Files\Internet Explorer\iexplore.exe" https://aka.ms/dotnet-core-applaunch?missing_runtime=true&arch=x64&rid=win7-x64&apphost_version=6.0.24&gui=true
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SetWindowsHookEx
      • Suspicious use of WriteProcessMemory
      PID:1700
      • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
        "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1700 CREDAT:275457 /prefetch:2
        3⤵
        • Modifies Internet Explorer settings
        • Suspicious use of SetWindowsHookEx
        PID:2672

Network

        MITRE ATT&CK Enterprise v15

        Downloads
