1d54f75b31713396cf394bcc659ec80470eff7a3c90bb66b179e80775286e9c5 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

BlitzedV12...12.exe

windows7-x64

7

BlitzedV12...12.exe

windows10-2004-x64

7

BlitzedV12...xe.xml

windows7-x64

3

BlitzedV12...xe.xml

windows10-2004-x64

1

BlitzedV12...OR.dll

windows7-x64

1

BlitzedV12...OR.dll

windows10-2004-x64

1

BlitzedV12...hy.dll

windows7-x64

1

BlitzedV12...hy.dll

windows10-2004-x64

1

BlitzedV12...ed.exe

windows7-x64

BlitzedV12...ed.exe

windows10-2004-x64

BlitzedV12...to.dll

windows7-x64

1

BlitzedV12...to.dll

windows10-2004-x64

1

BlitzedV12...on.dll

windows7-x64

1

BlitzedV12...on.dll

windows10-2004-x64

1

BlitzedV12...le.exe

windows7-x64

3

BlitzedV12...le.exe

windows10-2004-x64

3

Analysis

max time kernel
136s
max time network
157s
platform
windows10-2004_x64
resource
win10v2004-20240802-en
resource tags

arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
submitted
14/08/2024, 21:32

Sharing

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

BlitzedV12/BlitzedGrabberV12.exe

Resource

win7-20240704-en

agilenet discovery

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

BlitzedV12/BlitzedGrabberV12.exe

Resource

win10v2004-20240802-en

agilenet discovery

windows10-2004-x64

4 signatures

150 seconds

Behavioral task

behavioral3

Sample

BlitzedV12/BlitzedGrabberV12.exe.xml

Resource

win7-20240704-en

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral4

Sample

BlitzedV12/BlitzedGrabberV12.exe.xml

Resource

win10v2004-20240802-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral5

Sample

BlitzedV12/Resources/APIFOR.dll

Resource

win7-20240704-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral6

Sample

BlitzedV12/Resources/APIFOR.dll

Resource

win10v2004-20240802-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral7

Sample

BlitzedV12/Resources/Anarchy.dll

Resource

win7-20240708-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral8

Sample

BlitzedV12/Resources/Anarchy.dll

Resource

win10v2004-20240802-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral9

Sample

BlitzedV12/Resources/Blitzed.exe

Resource

win7-20240729-en

stormkitty credential_access discovery evasion persistence privilege_escalation spyware stealer

windows7-x64

16 signatures

150 seconds

Behavioral task

behavioral10

Sample

BlitzedV12/Resources/Blitzed.exe

Resource

win10v2004-20240802-en

stormkitty credential_access discovery evasion persistence privilege_escalation spyware stealer

windows10-2004-x64

16 signatures

150 seconds

Behavioral task

behavioral11

Sample

BlitzedV12/Resources/BouncyCastle.Crypto.dll

Resource

win7-20240705-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral12

Sample

BlitzedV12/Resources/BouncyCastle.Crypto.dll

Resource

win10v2004-20240802-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral13

Sample

BlitzedV12/Resources/Newtonsoft.Json.dll

Resource

win7-20240708-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral14

Sample

BlitzedV12/Resources/Newtonsoft.Json.dll

Resource

win10v2004-20240802-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral15

Sample

BlitzedV12/Resources/UltraEmbeddable.exe

Resource

win7-20240704-en

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral16

Sample

BlitzedV12/Resources/UltraEmbeddable.exe

Resource

win10v2004-20240802-en

windows10-2004-x64

2 signatures

150 seconds

Report Analysis Logs

General

Target

BlitzedV12/BlitzedGrabberV12.exe.xml
Size

320B
MD5

c6e6fc3cdec0ad213d9330a9b630fd5c
SHA1

ed4278e0e4b9d1b47fbe92ca2f98af62e5d6c027
SHA256

96c2db8d8037a20cc6550c935f9a11da70f84a2bc64a1be1807b06bc1bda2492
SHA512

37ee70ae328547b684db668ce59c9f7eea672184fb1f5ed41341a0fab84bbe0419f0706742832fc6f1ae78e474cd1d3f5f757fc9c44ed0ca557101a733532e0f

Score

1^/10

Malware Config

Signatures

Processes

C:\Program Files\Microsoft Office\Root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\MSOXMLED.EXE
"C:\Program Files\Microsoft Office\Root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\MSOXMLED.EXE" /verb open "C:\Users\Admin\AppData\Local\Temp\BlitzedV12\BlitzedGrabberV12.exe.xml"
1⤵
PID:3880

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/3880-0-0x00007FFE35090000-0x00007FFE350A0000-memory.dmp

Filesize
64KB

Download
memory/3880-1-0x00007FFE750AD000-0x00007FFE750AE000-memory.dmp

Filesize
4KB

Download
memory/3880-2-0x00007FFE75010000-0x00007FFE75205000-memory.dmp

Filesize
2.0MB

Download
memory/3880-3-0x00007FFE75010000-0x00007FFE75205000-memory.dmp

Filesize
2.0MB

Download

© 2018-2025

Terms | Privacy