Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

WindowsPro...er.exe

windows7-x64

7

WindowsPro...er.exe

windows10-2004-x64

7

blxstealer.pyc

windows7-x64

3

blxstealer.pyc

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    WindowsProcessHandler.exe

  • Size

    23.5MB

  • Sample

    240608-npg6bsbc2t

  • MD5

    1dc2a722e3bb25123922b7322beb3451

  • SHA1

    4b095d5c49b0e2409c1ebc35193ae6f1458939db

  • SHA256

    ac333f7536d107ac4eed6e09e627bf44224333f51a37628eb8e87f5d85df6579

  • SHA512

    42fcddade0848a29b2421b8e048f513edfa69408c1adc691c87c28d966e4cc6709937129b66255a23ea79c755325aa2a3c045401df3d6ebc9f064347cf7e1132

  • SSDEEP

    393216:x6EkQLQ8Ogf8kRP8AxYD/1+TtIiFAuvB5IjWqJ6eclzmnbO6vYXUz+da:QYQdbkaXr1QtIPS3ILJ6ecyi6vj+da

Score
7/10
pyinstallerspywarestealer

Malware Config

Targets

    • Target

      WindowsProcessHandler.exe

    • Size

      23.5MB

    • MD5

      1dc2a722e3bb25123922b7322beb3451

    • SHA1

      4b095d5c49b0e2409c1ebc35193ae6f1458939db

    • SHA256

      ac333f7536d107ac4eed6e09e627bf44224333f51a37628eb8e87f5d85df6579

    • SHA512

      42fcddade0848a29b2421b8e048f513edfa69408c1adc691c87c28d966e4cc6709937129b66255a23ea79c755325aa2a3c045401df3d6ebc9f064347cf7e1132

    • SSDEEP

      393216:x6EkQLQ8Ogf8kRP8AxYD/1+TtIiFAuvB5IjWqJ6eclzmnbO6vYXUz+da:QYQdbkaXr1QtIPS3ILJ6ecyi6vj+da

    Score
    7/10
    spywarestealer

    • Drops startup file

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Accesses cryptocurrency files/wallets, possible credential harvesting

      spyware

    • Legitimate hosting services abused for malware hosting/C2

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    behavioral1behavioral2

    • Target

      blxstealer.pyc

    • Size

      65KB

    • MD5

      51ecf8f5fba0aeb23e48b8add0e49185

    • SHA1

      f6459096cc5256907bc6c1928a658112eb7a4841

    • SHA256

      02bb136818b3521667b447c0e46369324cb92487298654e235900f0eb56cfe30

    • SHA512

      acfedbb6e2a5c8b667af5ae53e4b44ec0267dca1f7d7ac73e3468002993ec4c1091a6c807872d927b840a15c322346609176843f6df6a5a02cc3d0488df85ba1

    • SSDEEP

      768:Mmd+ezrx+gRAwveI+aMXu1qFBoXwZukfyzbUbIknwEziuvfZS4/QmGVOwxAxxF3n:xdjzr7RAwMuHIyzI/ntPZS4/QmGCxbnX

    Score
    3/10
    behavioral3behavioral4

MITRE ATT&CK Enterprise v15

Tasks