Analysis

  • max time kernel
    118s
  • max time network
    137s
  • platform
    windows7_x64
  • resource
    win7-20240215-en
  • resource tags
    arch:x64, arch:x86, image:win7-20240215-en, locale:en-us, os:windows7-x64, system
  • submitted
    28-05-2024 12:54

General

  • Target

    Bloxstrap-v2.5.4.exe

  • Size

    7.6MB

  • MD5

    dbb820772caf0003967ef0f269fbdeb1

  • SHA1

    31992bd4977a7dfeba67537a2da6c9ca64bc304c

  • SHA256

    b2ac1e407ed3ecd7c7faa6de929a68fb51145662cf793c40b69eb59295bba6bc

  • SHA512

    e8ac879c7198dffb78bc6ee4ad49b5de40a5a7dbbda53d427d0a034941487d13c8bb2b8d590a1fcdd81cd6abb8f21fdfcd52924eb00c45a42ee06c1e4b3d590f

  • SSDEEP

    98304:XNd5DSd5DxTsed5D2ZT00UuOYoHwfLk3vSmaR0+Mc4AN0edaAHDfysrTl1:X+sdtObAbN0u

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 34 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 7 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\Bloxstrap-v2.5.4.exe
    "C:\Users\Admin\AppData\Local\Temp\Bloxstrap-v2.5.4.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2352
    • C:\Program Files\Internet Explorer\iexplore.exe
      "C:\Program Files\Internet Explorer\iexplore.exe" https://aka.ms/dotnet-core-applaunch?missing_runtime=true&arch=x64&rid=win7-x64&apphost_version=6.0.24&gui=true
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SetWindowsHookEx
      • Suspicious use of WriteProcessMemory
      PID:2360
      • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
        "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2360 CREDAT:275457 /prefetch:2
        3⤵
        • Modifies Internet Explorer settings
        • Suspicious use of SetWindowsHookEx
        PID:2872

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

    Filesize

    68KB

    MD5

    29f65ba8e88c063813cc50a4ea544e93

    SHA1

    05a7040d5c127e68c25d81cc51271ffb8bef3568

    SHA256

    1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

    SHA512

    e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    f583257966abbd67c223b667d22aba34

    SHA1

    d903ecc0c6a31106e60352c2e3b1457d21192e98

    SHA256

    875e3c35a734d8e70e095814b383d721073ee93bdedf2edd60e531821e3b680f

    SHA512

    88a4fd95ef659a0e0df8e660213c43c2595224202eef2be87bbdf6e44f12250fd2e72880ddde4b6605b89a6e0e4b368385dd13cb2ac888ec6f355abcc6d88d3f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    6a2945d91dac1ffefb415ae0c4861fe7

    SHA1

    d4a1602dfb6c979c43273a7ffa941688e1a3d098

    SHA256

    570a5e98f6aa9a65c7779b06ada331d4d7752b3881d86e4e637b9657eb3c5bcb

    SHA512

    961163146d014a4c78c0e50eec1afca144b5ea42a6b678729e4dedce9e6f899cc4c280d630a79f6819c7e3e72e8ab1907b50572992f7120e24b6f875c39df3b5

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    cf41be5d7e8812235d3a70e4c71ff0ad

    SHA1

    185e27700dc93152f5bb2638ad855861bb14f58b

    SHA256

    d5583b978e808fe993cf9e20b36e0cdd3f3cab1101d6af2f656639b76b86bb7a

    SHA512

    7a4a11426dcd511248ddeaab61172a3fa0d0b5eeab486db7f9c35f7c3db4281a59761ee2528e71d5cb49b90fd631fe3b0325f1fb8d82b199eaeec803eaab51b7

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    eb28e749b10aecfbf2fd9d2b35311247

    SHA1

    4a06bc49add3091ef8d5557ab103adf41339048f

    SHA256

    1b67dbe816f9da6531a5ed0a5737a44ed0303052e55007eba0605f80b48bf63a

    SHA512

    911f6df898f9c42aa8997d6fa73dfadfd3af7edb71e2bb97dacb51342c7beba9fafa939851a206c3f0eb83f7fe8d8358fdf4a77f7d0d699a10bd86319acb8b58

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    da45abb9e0e3dbd1d2e097c805554164

    SHA1

    6769dd161d94699f0bbcda42a39afa437b92d33c

    SHA256

    312948c80978b4f9c5936e796418988eb1f700ed7492fb5c21ceed5b822e4b07

    SHA512

    4597dad7baab277a3397dc26453d0ca428cacb7886dbb2a5ecf26bc8538f419dcb5894d0fc5f61802def479b2bff69b284b9f16fa7a59a6b2962a88f392092e3

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    9e4f0952281325f40c61edad9f419739

    SHA1

    7d2d4f79853efc7c736ebe8e0772e6a107277fd0

    SHA256

    51eaab996d4bf3eecfc0929a9fce6f2a286ebf4912e268a853e2e9f10be60e0a

    SHA512

    7b3bfce24ce817bad2b87e32c7e2e340b8ff0f9079c1b9dc6716b965bc1a72ea933996098a9ec501f14598bceb4c59db83fc8934b52f0db088619a0f5b59ec88

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    139a2bed4ac0ab291242471efd333dfa

    SHA1

    2ed44488ef8714e5e4eb36a093d997e5aadffc94

    SHA256

    bc29fbe27a8a96e9c0a0e5062af08d4ae1c6de38d3042b3bd5b9711b736f47a0

    SHA512

    32fe4a19e1298a46a1b2f475293b42d0d43d1f91fd8900d658927a08ad49f0395c68097d2f86949b33a0144b465f5dba1be1064dec130b3a239a6f5a47a23698

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    2ff1aa76d7701f992862282249a5d52a

    SHA1

    c0ac5cfd0a7bac7b679e003da8fc0f5148882b1f

    SHA256

    ca4fa9c0d73073923a50475bd63284cb61134349581c09de479af5c7ccc4aca1

    SHA512

    68ec7a223e35bca0c34cec30fbbdfd7f4f51eba6f89cb4aea2ea86739cc685e544502ed0a507683ce51028d806fb7da99cab719d9830ae182ae29c51d94b9a35

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    2f43a652cc32d06135ed139a5d9ef870

    SHA1

    1be9bf3b1c9ca659e759a28b552461f4b2cb0ec3

    SHA256

    45ae158604bb872880d860f9ee0cd2a91a59f3560376cdcba522d99746fdd318

    SHA512

    7b52eb60b4afbe55b0f208781f279b943a8bc25a7728bce46045c73d3da522bffea1198dae20d34c42957e24e00872adae7948c20636a5c7ce59c412ee7e2842

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    040c3ae8bf7d0d32f5de1dd4889783f2

    SHA1

    00a2814305db9924b81c6c88b0df252ba750b9b8

    SHA256

    c2ddd11fdcf55149138eca5c62c24150c8c519928c0daa6440a353f226496eaf

    SHA512

    37b57a872057af22dc22a5921aab0d9f252ab92f43eed83ee68a8fe6d8b15850efa579b32ad0856e9533e939e916d0099510097b362316876bc2b11ae227eb92

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    be8aba056ea0bc932643f336584040dd

    SHA1

    332db484b58985c34c601ab6b428f76606abd2e4

    SHA256

    67f6d112d1895ffb16cf016719ceea500f830e8a8376b608a1c166f5c5ef5cae

    SHA512

    a3fdac859748581c794cb531317aa2b1c475275dde77418bb5c2422c66742c1e83d255b07068d9f2972b28d3f5fb640bacc05b1733c37665df9cefd4ff93592b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    ba660df3e2fff901ac3a6307f2b31e20

    SHA1

    d56268a881812a97576e617d403b140368e4dbb7

    SHA256

    a0a88ddb3fccb58522f7e1a84e25bc237f39deec3a32c828cdbc52b139d22b88

    SHA512

    bb12c196512eb44e0326043225e249ddfd3e2fb0bf041358bc97d72b882efac38d9475178596e7a155ba384eb7c1c016742cdc6bfd951f2fb9273d8a8502032e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    7e241e07ea536b327ec3fe042ff03c93

    SHA1

    eb3bb8928a9d929d5d93bd78bd1ba33348971e3d

    SHA256

    0dc9c3c762ae1926f037ef04f97169947f69e432bb269671a41fdbea39766668

    SHA512

    f1d3f27d0398bea022bb4de317c2d6290717bc0f298cf37345ee9816f769a5438a6c7ca6b6d0dc817faa2364dfbbbdba9cb2f7689d9a72f52536448942f62f8a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    28b61c7ac093131e783e9c402507fdfd

    SHA1

    df53df1b32c6005b0daf54d885a8209cacfee2d4

    SHA256

    c84a28f9f6cce1f0ebf445275fe3a2d7bb0e3d2909157c09797aa86964f5c0a2

    SHA512

    a8dcbdbe5d5302c6c2b87b8e1f41b52d3c0579e1065c98d1748aa02910cc7881c2bca129a2334ab0967cb0d4384a799d0966dfc1792f69bee2fd5a1b99397d61

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    1d77e8063ae4762987929e3806ae2770

    SHA1

    6c525950263ba58987848594e355eca6d2184cab

    SHA256

    223e352d7329c891ef99f6b2521e897a276aa6c7bdec4ce4d69c286ecd0429fe

    SHA512

    473b2f91ce84d1be2055b8786da81db66203a9681c02ae5a65155377bf87756d815f6c6b5251281d1b057535e63c70b4381dba3e584411387fd8030bf1d8341a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    5e40b70825fd551751aeab0160388388

    SHA1

    7c40a2ae4d4cf53d7ba609da404b3e86de41372e

    SHA256

    bc62f12ba52024543337d41d6615a5781f34e59862e0fe86633c7d1eab72f604

    SHA512

    78b7b5461077678b7bdd102fad08f3e13e9da1ab1ba714405558a5f79597a72e299bea6ec0c79ac7e62ac436beb44c81ec1d966a8dab9d776632a140bc193420

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    673e3355421db51eb71f5ca4cfd40f13

    SHA1

    869c3b51333fdbc6c7adf74c6b3abbfe3233f70c

    SHA256

    d24febe448dc4b4f8c40f49f24328c3f684ae4afe274f099da717df32ebb59c9

    SHA512

    6b5cd56eb69bba2c74c000f40130b7bb8695071b8b5f9a27b1f4b0986ff1e17dc7b1c2dc26c60271a95e1f08924f6f290a6d0a1b50f0fe4c2d3d3d2fd3fcd972

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    5710feeff42bc46978bacb607136295f

    SHA1

    c66c605655c4fea097e28535c74a86f656afb765

    SHA256

    f2a283d59f3bad83553da94807bf6ee0a7fb7fd225823c20ef69d4430ade8fae

    SHA512

    8c766da995797ca1b73dc2b80cd0e0537906eecbe65eca5d75cd3eece6312b999e925efb4be51841ef6928d3dbfbc5920104ae1bbfcd8f428fec7509b864182c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    2feb3859e3167864667add2b145164b7

    SHA1

    bf05c73af4b8a65324cd64f24eac13cfc39c6e63

    SHA256

    bc4593d0784f8e01fafc835c75f79ac68d41c7e327aa3774f53dcc6fe79b2c1b

    SHA512

    7dd56d7d4b190737ec7ecd0f29ae52f21312371d693617bb4ded070ed7855b4ca61cf627c60e7041334660af51c4a3968936384c882581f6547201e01534c4c2

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    3f49b86a41bd47ebb04ba1450e71a242

    SHA1

    086e434abaff7b8cf8e1845032c23b2c05d72541

    SHA256

    ded3f613ec5bc1d2e708f69290708cbb71e5db60169a20620a76a8c7c9a98548

    SHA512

    86f9d4e88ab957b0523ee3fcbf6e04758b051b758fafed242d427b05d6e2cf7e4dc3324105c3e496b46b968203516210512f10ed204e0fd5a335659f27ca9fd7

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    abbc7d718d777244be68b0da74180350

    SHA1

    9e30ce0e7bdd13c91cb7d001ef49641d4e5eb9e0

    SHA256

    fe05ae84b292e7dee8c8e8bdc118d77a4f3202a6b59ed4429acb4c1bf042d3c1

    SHA512

    ba62c97d51d9d5ddae2605a67be8627301c5eca7fc5ae696884f360995c6be7941a64695a6c2ae9098196954df4b18c84c8017289583b8a4f16c1fa20bcde3ce

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    32c5b1c4f39e2f23d92a63c28e093fe1

    SHA1

    a4a34716d65b4e3f5cc28e043f482a781cb17072

    SHA256

    ad07902a92d4b8eb69f391c207a2ec33d7c9c4def55ffa8d6497a8fcd7379c8e

    SHA512

    d2418f530c137682e83e4c4e4f63f9d5b335eb41fcc9d5cc8cb310a68782f8d1d4e965029b92e87462efa6a3b9b171611b8c1697d17fe0da70ed971c2a22db51

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    d88482e609ebef90a6426a1f5c10afb2

    SHA1

    b87e9484e8840a6c2c326d3009303552ce04d441

    SHA256

    4b38c5a57458b7eeb17f282c6abe3cbc23151096fee468cd115a9191222954fc

    SHA512

    39c735188d9a0302f3a872355f0526289fc42c1f122284263a9101a092bfae22577a86e1fc40a80afa13eb09303810210f94f7228a80fd2a1e4d33ffd04083a6

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    6212f9992899cc4cdd5b5ca8d4d3dad8

    SHA1

    6468a545491654a37a0482cace439479223543c7

    SHA256

    268407fcdfe21c32b8efd4520fd686a8aab84bcd94e96f1f90a248790ee23ce1

    SHA512

    ac3d1e37ab665462a5440950bd0feb71c94b3f10097b4e1e0e04d649684b1e7001348be07f47a9a683d20bc8d3aa71be8a66bf46c4e1717f840ebb212ec039a0

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    cd773843456a848fe79685701daf56c2

    SHA1

    ddbe21f35b303d7d44cbdd538c7af4bfd3475d69

    SHA256

    ba27cac99086c30be22ba5696d7523f4df12b64db592c7be7061e9efc1e9695e

    SHA512

    8cf0cbd8f66ced7099ccdc7aae4321623304a9eca6fbc6154479e13f0311ab38ccb7c78c9d85f0044ef95ba7924b06145ca8c614d36456aa1b2cb2ea4770bf21

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    8a0dc179c75787a2e87b54450bfaf70d

    SHA1

    bdd4317fb8af0d16dfce6b0815085d5edd1b8364

    SHA256

    1206f9d5bdb94c4d36ff7cb515de9794e7dd3b03ad6afa22ef7f0d2d3aded89e

    SHA512

    bc9a794a3133ee60418d43e19fa33bfc3b857541da1df533aef092dc12c08b6949933265a59ff08217b265d531df4fead0093870a3e941ea144f60efff18fc56

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    5e4f1c227195c3eddb37fa6c43dff5bf

    SHA1

    73c54904a5bec5d34102947f2997b5d833b2073a

    SHA256

    107e086a968b35604e41970f67b0fbfb2720e173f18d3a3d7f31b5a0c2d97481

    SHA512

    5456e57dc4ce0829d7e96657f9f91e8e24e281861f646a401a95d0ea2ee4e8f824b71698aec8a8bd25dfd68950ed27903ca211d790f8d671f672120d853ddb05

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    6cb8b25b885ad055bc50ddfa6d151cae

    SHA1

    1d0bad8b09de84972a96c97df1b38c6799e226a7

    SHA256

    3d0dd499e2b73e4cbe744a56d18e58d6625f8ac0711ba403368ba73a806b5675

    SHA512

    74754a13d8fa616a44eaf4238eb76f76272b1eab2e69762215685dc4525e09911735050cd6041bdd5c3b48aee665fa7c633ab3dbb7021f6c595404d4f13db608

  • C:\Users\Admin\AppData\Local\Temp\Cab316D.tmp

    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

  • C:\Users\Admin\AppData\Local\Temp\Tar327F.tmp

    Filesize

    177KB

    MD5

    435a9ac180383f9fa094131b173a2f7b

    SHA1

    76944ea657a9db94f9a4bef38f88c46ed4166983

    SHA256

    67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

    SHA512

    1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a