Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

1

BlowSXT/Bl...w.html

windows7-x64

3

BlowSXT/Bl...w.html

windows10-2004-x64

3

BlowSXT/misc.vbs

windows7-x64

1

BlowSXT/misc.vbs

windows10-2004-x64

1

BlowSXT/rBot.html

windows7-x64

3

BlowSXT/rBot.html

windows10-2004-x64

1

Analysis

  • max time kernel
    139s
  • max time network
    133s
  • platform
    windows7_x64
  • resource
    win7-20240704-en
  • resource tags

    arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
  • submitted
    25/08/2024, 17:22

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    BlowSXT/rBot.html

  • Size

    4KB

  • MD5

    f3c8f58e8012131ecceb985509d53da2

  • SHA1

    480468c38081171a85cb63caa95060bc92c4cba7

  • SHA256

    3838b83b9f36292769cf79939ac8a2a2269cee8c54f33ea93d4a2e976ce5292d

  • SHA512

    1d54d080b9093b3b788810c58b99b5f4480a2e1297ad621eb4c5ffdb311d546d0bcc28604d582ee4896c050e1d7b3bdb005edc7f451494e59fb6dc7cc701f6fa

  • SSDEEP

    96:vODb9J8dCczYozMW1PvH/gob9DH+ZmOrTZL6xg0:vaJ7cUSMWv/t1dOB6xn

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\BlowSXT\rBot.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2460
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2460 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1600

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    469e5d89373e9ff5dd4c1e3ae3b24d16

    SHA1

    1d30a68a03b40b83d8c399d98e9e8c76e1d2d7fd

    SHA256

    0bb5e43ef2eb95cd3f7ea2d2f1c7de99c6a8e35582c3361dac310729ae31a8e6

    SHA512

    f31689c1d8582a2db986bb17c5dffe4739cfb9b6780cb3846884bde9240fcbe149a77483d80cac8eb906729b1d958ce24e1f28b2b106c1144fb6601634551f36

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    3bf81595a301f43892c82cca9c0c4759

    SHA1

    b1ea919d7787b1b8a0f88f908ad951a99da9faf1

    SHA256

    1bf8fbdd0068f29ec1afbc353592e513b6861da473b70e43b005f922bd585162

    SHA512

    846d92e874dfb49a9e8a25282061e66fe0618618f85a1a1f55c5c1f14bb9dd218880a91e1b5238fbfe1561f0a7a42a6a2a9271cffc3550daf23c1af062cc2169

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    527041ad94e40ad169ce3c275ee9db1f

    SHA1

    d890e78950bfc7a4fbdc2aa0f4c47e9430b93640

    SHA256

    4732b95900af1a798534341b1e7451882dc69d6f23803d119750d9577462ab1b

    SHA512

    ff7f674b71a239bcc590c453bad667284daf19b93ff88fb19bbf91f18340a991bb3d001d85741344193af19ff765f7982b02d8a08ccfe0689d2cec9314b2c5c5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    df020d3f62bc7282a73347b5ba5eb079

    SHA1

    7f8a07ddcb94ddaa5322e8b3c761d55f87911943

    SHA256

    ac71731149fedb0756fa1887b446eafd12bb8544bc90715ede7ca9e9e8436655

    SHA512

    8ab818b6f361e02d01d45d3470a4fa12bff4ca44bd6d805a13c2d1e9fcb0e727b9fd37d44be9ddaaeb7c446c424480657d902904c9030d22ef23c53c6128bdaf

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    62121784bdb29de86af83b7e9edf5c3a

    SHA1

    35e7a5fe85e22aa55a99e3d9fcbe22ec14fa3139

    SHA256

    e8e1517e6a60d47b746cd6c3ac90eabb06818028f639f832d4013e9a969515e5

    SHA512

    139ab74378dc50938ea23af292eb6a3f6512a1f3f293331d081ca541810f31d7797cbdab140fc2b4dfa91369bd31f3b09dc4f9022449523ca1eee7b81f0de717

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    2adf0df8ad6b824b0e59d1558549a890

    SHA1

    8ab3c270b36bedc6dc1cc4ed16f71981a1b4a813

    SHA256

    bbb5014c7d205905f3d090ec360308e46be5b939b208530cdf7a325eadf19ced

    SHA512

    f0e78a249ef134872aa648d29737bc594c1e9c6bf13b93bfdc97ccf846ac8a86bd7fa4de647479bcfbb44acf6ce5a5443379cbdb7e8408abc1e9920b7455deaf

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    28a0e537358bcb709dc508767ce4adfc

    SHA1

    04d650ae5f38ee951ecdee15313c286cb324712e

    SHA256

    dd41d9a77d61b4e452f943e1e5c0e6123b998e7d8cdd22d19693ae511378692a

    SHA512

    755c63f8ae6626fa5881a25aaadf60cc473f2f62d7ca8c5a798e6d9f91af360d4ca31fa5dbf4ca46626f17674fbb2312a53c435b78f138429fb41c1187f7bb1a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    9914ba8c1f9f6e2e97bcc2b5b8e76f9d

    SHA1

    8dfedcb06df80e3e01a3255adea1492fd977682b

    SHA256

    266719018662cc6909a24db635d99f21ed9859867583f2fcbdb0fe646c703838

    SHA512

    9c8ec1dd202b609233ace543ef925248c17abf7d5adc91920f5b8ea4bbff1fdf7fee45e214fa9b4892daf6918db2973726ab74778bbe361da0a733ab51f21232

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    26bf8635b0f13831bd26d7aadedc47be

    SHA1

    58c2350b0caaee16231ae0c665cfcab1d3d7299c

    SHA256

    8eceaace83decb607e6077a8b6d330422ed7000125cba5dbbcf748d8c5ac5342

    SHA512

    92f511acb6ae82edff74f5788d268153999ed66a5563673848edaffb99264e6735d9fee4fe0744d71cb12783775d5fc5ef01b8871735173fcf8b7672bcc587cf

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    8bfca514a338c001202e4e31b4c7f6f5

    SHA1

    0a4363d349bfd04fd608f976064ba3b9c2d0b9af

    SHA256

    2b44337b70cb80fdc490bc38cfde368e1b1454f427f59f483d7e3a2cfd3b1025

    SHA512

    7b2cee5d83b6ceab074b9c6b17ffa60deb1d36b9cc168f8686dee7d59f998470a1f6cbcf0c7f0ef834cf8d379b66e29214ecfca73cd38227880be4176266bc82

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    4ff0f56410eaf5ed58d46a20c124aa77

    SHA1

    c05ff91c65f61e7040d61d601a4e982b4406d02d

    SHA256

    a8534bd60558a4edbddea7fb71e3e124a13fe93274a650eeb83d95ddc0d162c3

    SHA512

    ca8d332467f3f30bfc8f90ad6a52578b90b8e91719bb94128d48e88bacab22bae14e4c3ba951945f357e6c95e0495b5bd1bce76df2e5426486906c5195bc5817

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab13C.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarE0B.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit