Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

3

Bloxstrap-v2.7.0.exe

windows7-x64

3

Bloxstrap-v2.7.0.exe

windows10-2004-x64

8

Analysis

  • max time kernel
    34s
  • max time network
    36s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
  • submitted
    19/09/2024, 12:23

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Bloxstrap-v2.7.0.exe

  • Size

    10.1MB

  • MD5

    2c752edef5b0aa0962a3e01c4c82a2fa

  • SHA1

    9c3afd1c63f2b0dbdc2dc487709471222d2cb81e

  • SHA256

    891846bf656253ca1cdd28584a28681e9604e2a03d74cd6b99313e3bff11daf8

  • SHA512

    04d25fe7d40c8c320ffc545a038ad6ea458df6a8a552b0e0393b369a03b9bf273c72f30169bd54e8eb10757c04bdddf3859c601c1eb9e1a12fe4d15658906dfe

  • SSDEEP

    98304:TYd5DQd5Dk9Tsed5DogTrBKvGWD3nIOYoHwfLk3vSmaR0+Mc4AN0edaAHDfysrT4:Tasx3vG6IObAbN0T

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • System Time Discovery 1 TTPs 1 IoCs

    Adversary may gather the system time and/or time zone settings from a local or remote system.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 34 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 4 IoCs
  • Suspicious use of WriteProcessMemory 11 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\Bloxstrap-v2.7.0.exe
    "C:\Users\Admin\AppData\Local\Temp\Bloxstrap-v2.7.0.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1920
    • C:\Program Files\Internet Explorer\iexplore.exe
      "C:\Program Files\Internet Explorer\iexplore.exe" https://aka.ms/dotnet-core-applaunch?missing_runtime=true&arch=x64&rid=win7-x64&apphost_version=6.0.31&gui=true
      2⤵
      • System Time Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SetWindowsHookEx
      • Suspicious use of WriteProcessMemory
      PID:2556
      • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
        "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2556 CREDAT:275457 /prefetch:2
        3⤵
        • System Location Discovery: System Language Discovery
        • Modifies Internet Explorer settings
        • Suspicious use of SetWindowsHookEx
        PID:2108
      • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
        "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2556 CREDAT:537618 /prefetch:2
        3⤵
          PID:2328

    Network

    MITRE ATT&CK Enterprise v15

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      342B

      MD5

      abc9d051e54c395e9a003bee4cc20abc

      SHA1

      79fa5a6f531995d5d2238b43f6580a24e37ba9f8

      SHA256

      fe87859198105837e53fb5bf589f15b9d2fe60a1b0e2c1a782630af200c15346

      SHA512

      1a98afa535279b3de7fc93d8725eecb970528e37440f08dc35fd94f719ed2b919c2e5d4029e22fded60ea2529b33646a7ecf84930dafcb112d7080b13c42c667

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      342B

      MD5

      825b737beefe01dc1d95c69ef104f6a9

      SHA1

      1cc1e1511d90133fb8c04e77a5ca5163ac5a5ba4

      SHA256

      7cefeb40a60d43d5de7169067639e1fae65cb708de030e125001017ad3a1be0d

      SHA512

      f797b8c1524d4ba2ca237a1f443318b15a8312b4f465c61235807679c454dff4e79171156c03ddd67b9d55ef56401a690825bf8ae1cdf050e1da24f70a5c39c5

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      342B

      MD5

      b01d10898c4878013ec5c9fdaabc80d8

      SHA1

      1971f944168b010c821f6007a815895e1993f712

      SHA256

      a5a65679eb6703db0d167e4be52056e6c96d8106ea2dbd83afa3ce46bdb01286

      SHA512

      e1b08912da69492810fdef168eeb28ab0d4946ea00bb9f7a7deed806cc45bd04fc4487d48b3239ab125bc05b35b812fe93f69510a201713f286cb708a72103d0

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      342B

      MD5

      99363bdb68f7ed84ec4bec118d3f5527

      SHA1

      3a73aea2a024eb71e122f1a157dd95261389a055

      SHA256

      b48ba53cd2f4e18977beb171d1c6d8b93e32e19f5f3553e35f4c071a2cbbf568

      SHA512

      f415d571a7b695ecf5904870104986e8ae24e45cd5c32839f82178d617b98d97ab9213cc4c8884ea559b2e11ad212620b05084b22eaf59b992903c4f509a2929

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      342B

      MD5

      64a3e43c41aebfb545730f3decdf988d

      SHA1

      c2d33205aaf7184e7cc968ffd29f6f180dcbe9f7

      SHA256

      ad6e3a8f08be02492b2b61b28f13648d01ac877c3744ddad13c63824729a3409

      SHA512

      9e828a04fb38c492048c9f9184a06d5c936f82f6effbb896a4301f54a00ac077158209d6195a880f5930d6b5111bed83c7e95d4d71bdf853f3b55b58898ece6d

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      342B

      MD5

      8c3beb80e7f49f3fe9b895248e4ba613

      SHA1

      5882ab5af826c41d1efb925117de990fd5918b51

      SHA256

      ec5560278beb05126554e77234b778ae4b26f1ce3de3d15de65fb0a2ce7cbae1

      SHA512

      f6c379be001b31f4fad4fbde84f64da7969be7a26c2b559fc83d41ceb5b7fe43cb1e8171b9f60c2effef34bc371e743672ce0fa80fa9804f42a955c4a756c0db

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      342B

      MD5

      01b1e33324b17544f0f11ad589c175b9

      SHA1

      d13bf99811f92e2faa529fd9e30fa7b2facd1aa0

      SHA256

      324821e7812941a3422aa6b70dffd7a17966dbdc39c9b5ab1ffbe3c98ed27056

      SHA512

      b0dd0675843087ac051be68493e5feaae9101c0dbb5bceffd1bdef2e33feb0d53e9d8ba4ec8e558d9f71b4194ad9811e4855f8034e1b5004695ea855483c084c

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      342B

      MD5

      1bd8b3c96bd851b3b12dab0b26549a7f

      SHA1

      e395d58b144a5fb2af7cf4237261713e64dd11a0

      SHA256

      757313a19d3f3b6d774cff1b7388a84dca80d0ae4b317833a7e5d554b81145c4

      SHA512

      6695f0479e94791b1a974da5a1f3724e5d96f004865bd7295d924963b26296981a31c7a46301e66823992235c52f30dc2b58e76a18183c8cb05869f21b421b4c

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      342B

      MD5

      f1eceb883737798f2facde1a9c3c6a01

      SHA1

      ed28cd6e73960b8aeb01b33a5799080cd1bd8659

      SHA256

      5ec2972e877d55ad6e39c7a10f61d673cb9cda957b143c7131676d1400c7fe88

      SHA512

      6ed5ea866362bb82b3f84b9f6dcc4de04e9c9521af2122a0ab98c569c94c0335c7d12f45c240c841bfba3a6f6fdbe9d934756b102497466fb2166cbf9b7558a6

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      342B

      MD5

      7d4351759c18a6caf558059b9c5bf5a5

      SHA1

      3449b4c6b216f60fa66a5ec7afb3aaebbc20204b

      SHA256

      fb012350de815e13d4394db1ca85ca987951fd2e7a91cc697aae120927d7f7dc

      SHA512

      afe180437637f661915c5312eb97db9b944c7bd018cc5d79e78e2c6303586efe9370d5b112117daa11a5538dba4e2a4668d3e5043a0d108dfbd4c67968c3dffd

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      342B

      MD5

      43d67f847682a36e97072cc953012aad

      SHA1

      9b326cd4bdc7e85f333f203603d0eb9517d2c104

      SHA256

      98c5dd01894e8eef575e0d3a2014dafe33919f7dc3c343a650eb2707c2ff128d

      SHA512

      4d0fe5f79e5e0a02858c2ecdd23019ff64a161f38fb46a609c26c3af17579ccb232f7bb5ea646871a594e548847b9e4aa8c85b1324f7390f8e4e92358850639b

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      342B

      MD5

      19df286d0ddab9c2058af3701ad6bae1

      SHA1

      8e1624e6858c541704ee8c016edc26dd6d4d9e7d

      SHA256

      d81db3aa8dee23a2e054ca297eff31750e383180bdfeb2abe0af7ae43e8ae43f

      SHA512

      a623d11165fb69b58df00aaa1075a4fb6e03cc98cf56f6a5fdb35171d75a9a91a2de2fe449b8009c3335b121e56c938d5571d3fcd5f60ac67e500d9763077cd8

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      342B

      MD5

      afd4f62a02db08d248db278f1b274534

      SHA1

      d8adb66a6a8587ea2e19c693f714262e65a3ed2d

      SHA256

      8bbd029171e973715038c506e2f547fc6c5069ddb085f987ba6b0aa237f630d1

      SHA512

      29702397d46bd4f641a37115caae046e97747b1639cc317e9500da18dc27073deca0a915fd8e7c3e340e4bb116a0208dfa431058d1ccee03c4716b2b15ac8b1c

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      342B

      MD5

      4d8306986ff6c1a59698a4abdca8ca37

      SHA1

      5c2a96c7f18c945b176543c6bb6bfd7eb6c7a888

      SHA256

      d7db8aabfd5a3ea2568b7600c3d8c52778b82fbc301d21a1e5086a0201d8ea4b

      SHA512

      3b2c33b7781f52d734d14e95c397b36aee181078aee3288fcc56c8113c9886a7e208910c652aebcc5f70cedbeff94d5b9a4249ab4047b620f2380abdae564f79

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      342B

      MD5

      2b0e241c632cfa9354a5ba4bb70b2d1d

      SHA1

      5f6bbb3083e601125059f9409234b497b9b6e76d

      SHA256

      53703e4772ae58876a860cdf8497d395f8475b5520468497686c0669b1e3aace

      SHA512

      e89166ed1e062d38b177f3d1a0b09a92f6e2d7b41d56172181bcb77965e112415e9f5207c0e6fd289e34eea8a143f824afdc0bfee7aa9f0d441850e9ed6b8514

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      342B

      MD5

      27c840fc7d85434cbd6be6dd34d5862b

      SHA1

      21e27fbc54ea41484257c45e7979e742b12371a4

      SHA256

      9f5932a93f06cd0cadb6a28dfcbfc92f78cb780dcaec4d93fdb1b568210bb9b0

      SHA512

      953da54c9133209a11d1ac659df1b34d14a17b71d547ae89da45b67153e85c002b27e3060bedff4ec2efb742b152116cdd39f943ac6671e6aec6a79e53e3d8f6

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      342B

      MD5

      104d50d507d1f0eefdb531413b8b9b56

      SHA1

      9af36c6d325433469cba460bcee5c65129c75afa

      SHA256

      5d79c4da129d5b97f369f28ab5b051bebbe28a7e019f689ab3cfa203b3d7b8fc

      SHA512

      14fa51d58cde84e74d6e324de8e315d2d9d118ee837b0a314ac9181ff1742cc9f9c59ca78024fbdc5f06bc8433aa309992d14e4546fab8205ae5e7cda0411b07

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      342B

      MD5

      7c219367a560a047aab7e5145c1f9a4f

      SHA1

      c555c35d75ed1b962d29876004f79e6a6c776382

      SHA256

      61af30ec598cd72d99e57ecacc11223e15418e14ef2ad6873a3529716f5ce54e

      SHA512

      64a40c679c5204ab12045031492c3127497ab8a4103efd2d5b4ce8ffe293177e54990e5e6fbcd11bd8401e80246de9915c0d38c1216605e7d2ea2628f62154cb

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      342B

      MD5

      d3ec904533b65cc2a15d1be091755102

      SHA1

      b5d2818766b6bb28b581be80f1c53bab11d5aa58

      SHA256

      8c9e17625517af4800f0f610f0b1877ee48374c2c3569f625464b0d490fa7a45

      SHA512

      9662c9479b3abc621586a74be47fc477c682d9d0714e75ea3dae93dff0d4dd2fffa3cf297d64a8b2bba62b4f692fc986787ece033b42130ec2461b54027f1046

      Download Submit

    • C:\Users\Admin\AppData\Local\Temp\CabAC48.tmp
      Filesize

      70KB

      MD5

      49aebf8cbd62d92ac215b2923fb1b9f5

      SHA1

      1723be06719828dda65ad804298d0431f6aff976

      SHA256

      b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

      SHA512

      bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

      Download Submit

    • C:\Users\Admin\AppData\Local\Temp\TarACF7.tmp
      Filesize

      181KB

      MD5

      4ea6026cf93ec6338144661bf1202cd1

      SHA1

      a1dec9044f750ad887935a01430bf49322fbdcb7

      SHA256

      8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

      SHA512

      6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

      Download Submit