Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

Bloxstrap-v2.7.0.exe

windows7-x64

3

Bloxstrap-v2.7.0.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    122s
  • max time network
    123s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    13/10/2024, 16:11

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Bloxstrap-v2.7.0.exe

  • Size

    10.1MB

  • MD5

    2c752edef5b0aa0962a3e01c4c82a2fa

  • SHA1

    9c3afd1c63f2b0dbdc2dc487709471222d2cb81e

  • SHA256

    891846bf656253ca1cdd28584a28681e9604e2a03d74cd6b99313e3bff11daf8

  • SHA512

    04d25fe7d40c8c320ffc545a038ad6ea458df6a8a552b0e0393b369a03b9bf273c72f30169bd54e8eb10757c04bdddf3859c601c1eb9e1a12fe4d15658906dfe

  • SSDEEP

    98304:TYd5DQd5Dk9Tsed5DogTrBKvGWD3nIOYoHwfLk3vSmaR0+Mc4AN0edaAHDfysrT4:Tasx3vG6IObAbN0T

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • System Time Discovery 1 TTPs 1 IoCs

    Adversary may gather the system time and/or time zone settings from a local or remote system.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 34 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 4 IoCs
  • Suspicious use of WriteProcessMemory 11 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\Bloxstrap-v2.7.0.exe
    "C:\Users\Admin\AppData\Local\Temp\Bloxstrap-v2.7.0.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1984
    • C:\Program Files\Internet Explorer\iexplore.exe
      "C:\Program Files\Internet Explorer\iexplore.exe" https://aka.ms/dotnet-core-applaunch?missing_runtime=true&arch=x64&rid=win7-x64&apphost_version=6.0.31&gui=true
      2⤵
      • System Time Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SetWindowsHookEx
      • Suspicious use of WriteProcessMemory
      PID:2532
      • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
        "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2532 CREDAT:275457 /prefetch:2
        3⤵
        • System Location Discovery: System Language Discovery
        • Modifies Internet Explorer settings
        • Suspicious use of SetWindowsHookEx
        PID:1976
      • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
        "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2532 CREDAT:603142 /prefetch:2
        3⤵
          PID:1536

    Network

    MITRE ATT&CK Enterprise v15

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      342B

      MD5

      c359f4011f7fa2f5498164db323e7956

      SHA1

      046ecc25de35f9caa9d2db69e1d861ebec3af4ec

      SHA256

      e48980d15d383189d3769d84a6fcfb04316b6f84a2f9da0f818fd0fbbf086cc1

      SHA512

      536dd3ce4ae038e1b504cd66d702e5247b8259884976b83852a95f0f31f0841850503d91deeafa4cf27386ef463ded1cc9cfc64f1959d1ca3ecec48b92052912

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      342B

      MD5

      9412bf17077de7c34a038cefe32f15e7

      SHA1

      b0f6602e22340060dd864bf3cfb0fbdca1f33bb7

      SHA256

      fb96c75a5517a9fbad83a2f3eb8b8f3418ce19dc2d3d49c4f877a2a824b53360

      SHA512

      813cf7def2d68dc805318d59ffeb192866e9ba58409b3081e8c5e2b56070d359eab5f8fa91e5e4be04ecfd68336c9a17a2e434e63449e8d3d7619969e21a1c58

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      342B

      MD5

      f1a7278edce2ee9784354b3fb1e69ce0

      SHA1

      090bb4230a6cc5cc30f91afabb96ffe44062b7b1

      SHA256

      01791ac347e8bbbb0a37f22c72a1d9199ea4d2d9f3d6289165a448806c673634

      SHA512

      f521c545d3db555146f1cd40c2ddb6b862ecd5a1a4e28da3f61a21a7fa052980f74dcaf80b274200865e5ee93cbd282141f132a471069442f85fe314325cb686

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      342B

      MD5

      42b929cd4b7c61832c9d90f0fcaa3691

      SHA1

      7d74b283ef5f5025b99ab6f2ddadef2d50c8fa65

      SHA256

      27907a74fccf80af14b49d6c102b68922a3a745dc32e0a6857e9670eabfad428

      SHA512

      ea28fc67358fb25111d7d8d8d25378eb63ea99c21e4e58fe93072744ea15fae96c6875d7cd520e58deb6b8552293c5d8349dea510e6f056b04eecf85f4c4adf4

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      342B

      MD5

      4a1d80305ca55de2ec10852bc23c8658

      SHA1

      f5fa544b9b721bda17a0e546cc3efcbfa0737b03

      SHA256

      72f70f1abe738bf8a9c6e4c1e65859da55e599fc629a78d3d2df7bf9c678babf

      SHA512

      11034c2f2a999bc8843ea7e4513126d7c3616a74c04ece7386fd6dc53e9bc6e0ba9833b2b83b007de16e29ded213d2d3f2386ea8cb4f75f8b9eb0029f62c0465

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      342B

      MD5

      34c9f3bbe3d254d4541f8624632f7f1e

      SHA1

      be0dd064fd96c107b0e88152721a2be43c38b339

      SHA256

      31087ab98b4911ec4d54162ac16c0743295fae2c1dfae0671bb25ee8a8460d7e

      SHA512

      9c99f5820f7e26b466c0b04b532f66522b45cbc048d138d1e54f16d60470c859785aea44fa45f2a77433431e1cfa43dfd3896b6ba6437f8a04926300e71b896a

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      342B

      MD5

      d2a7e2d77749d88ef0004c84d84b2cd6

      SHA1

      c6f5925e6511292ee55a1db897cafe45c1a68de5

      SHA256

      87b49817e4b6e81c33857692da75a2969ba8695822e113cbb7de27f4aaacb970

      SHA512

      486bf0c89fe1f8b6f127e3746b8b86b985d5f2fef03bd1c9eea78bcce38ff269c43205dbb3deaf529753879b6f696d329a73a040e14cb99dd3deff2684b028c9

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      342B

      MD5

      21fc07a00cf77ac0ec16ef07897a9d67

      SHA1

      b4f8eb4170b25ef8b1fb252b0d054ef1235f8958

      SHA256

      a660bbca26b693f750b69ed17185a88a33192bd9714f29ac93153312268a2710

      SHA512

      59d604b44f033e9c6aace4676ef4a46ac26744fad2019f1ff633d858edc784e83e11e70be05374105adf0a41e5c29029c183f05b2b9670593aecd5394a42c74a

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      342B

      MD5

      414d88485e2efed09206207cd1fd2bb4

      SHA1

      add3fc4879cfaaedc99da772ceb0242b5bc80e13

      SHA256

      1b69b6c62125013d0829a322426494888e36ddbfbbe0f92ce8df03c3234cc0ac

      SHA512

      6812486a468b5ed67a948a2642d4f23823bb60422509c7bcf444ac8f4936f6ba14889f51efc7451f07a96c6f88567df49733f90b7c508be2382428c297793b9b

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      342B

      MD5

      4aa09e2b8b9d1e73746a2b3813969fc8

      SHA1

      3e28a6232fea74928560d01d581478f21a617600

      SHA256

      ea37681b966ac9c1fba11d72500b365e5a00730fea3714c0ca5c8c4c4271d2fa

      SHA512

      dc0eace091eccde6f602c531b48572a7cd59245daec4bc4aea60590e047c972142b84a356c134318d8d89b7a716ccc29e58e8908a75e58102e7760cdd0dbb7ee

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      342B

      MD5

      0a0279a8570c5017b437a24c664a0c8b

      SHA1

      72da5ad7eb7f16a5397c74c81ce7aa94b7d3f7bd

      SHA256

      257f7ef0d5f1c83f64f08544ddcb688a86cf9e600cca4c720f98685bf92b72da

      SHA512

      0e258c8d078c4ebf858a52a6d2014f57233826a588ff0b145247631688ac06ca0a0e762f12fbc3ec8be2a83c1188ec8632b8c00c2023f7ff0a20c0fb2f691c5a

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      342B

      MD5

      fcfbace8de602755ad1e30f86309df2d

      SHA1

      43803be1bfd7a9646e4a1444ef4c8febeb1aee96

      SHA256

      a2353b362bda8f9a2613795eddcc3d210ac2980e714157714469b4aa76eed320

      SHA512

      458e610747573ed336184e17c69fbfe421a4ce855ecb8962e5ab3fe517ddcf84fcd9d348389230800eed31aaa9e91738075ba3e90f9538424ff7402b1b44e495

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      342B

      MD5

      d87c6abd9ddec8c4fa6cfdb9f93a5290

      SHA1

      d77dc5201991ef1133d2ebd41690c087f70071b4

      SHA256

      2bac00fe4dbc8d0b33353417c974620a036dd645f6b957e1bb32f91c3d3ddf24

      SHA512

      ee7506f9cbcd3c14243c4a16241f193443df6c58cab4e5e34e1e81a0106a4db3b604dc8a393842fa491920f2aa31bc45fbd398373635a5129299fbd05f7fac2d

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      342B

      MD5

      5cee4425a2d1d98473dc4aa68a630d57

      SHA1

      c3cd01e3944b8ee8ee47bcb75bda8490a4e9c28a

      SHA256

      9717a246dd06307576c0499239e901df501e93787744aed668c0c959c488947f

      SHA512

      357c35327630a4e46d86729f50a1ddf2bd60f3d81932b5d69deb7d7cb7d022aad0d7f204a5112dd1acba331669b87dfcca8d7594a7071ba5649084ea987e6613

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      342B

      MD5

      d28b5bfb0976b0f369c20711062ce8a6

      SHA1

      f8dcfab0701d58fe78ccc449ab7132352644dbe1

      SHA256

      90e4f391271a1fe4418223ba2c1d5636d78cb0b0d12409e58a2fc8fbbc6c3a3a

      SHA512

      5fd43d70b5d978dc929ed7faed9a417ddb711bcdf47ba74ad94c55dcd01f3a5433c4da094bc7966d4ef765f353d5241cd0167fe66a9609a1f6fbe1f051fa1211

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      342B

      MD5

      987971f89cf5f9d80e47b5f4f554af6d

      SHA1

      cfa2763c0e0cd4e47209ba1d6d553c205d7e2135

      SHA256

      328bc0f88ffd0297fe416ae1ab790fab96e607800b64ed978ac0e851c0e27e4a

      SHA512

      b3a65292e144e56486168c1806800227089374f2657bf18b696aa1752a12f99f41ad956efd7e8092efd3b16cfd7901b4bcc11979bd5f5e6a46fb4d7358ae8a0b

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      342B

      MD5

      f4cc40d3426852521924359d473f8e2a

      SHA1

      1c0cd8f93b46b8ba3eb419322790facdcb36c0d1

      SHA256

      aed99b90885065640bc6c6c00b42442493bb88dc0c870e304e008df1be5150b6

      SHA512

      e05521f66f74b854a9ec819718b582e5488c7ae40235a22f63d44609fef9e757fa7c32191ef43de77c2a00baa871122ba687313fa75d03e70b9daa9df3e46870

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      342B

      MD5

      8e411c2333d8efb43f149b09d5ecca7b

      SHA1

      064637f0d5084f1ad0c97e74e5cd4bc4c196e211

      SHA256

      b8455eef7a7f954573705615df227fb60423f5a525aa197d7d3f8f0a49fc0f70

      SHA512

      4cc42ee0de10c27b39693be9525fca6acf3b5b623b57156a036f1b70ab83a4190d4ebc7da17d71461e5407f895608deebdb949c6673d141efad926528889a694

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      342B

      MD5

      0e15e4fac3f5a7bb398baa10ee82c6fa

      SHA1

      768daab4e8ce659b785e385269199cbb2a041376

      SHA256

      3c0607f1e10b9c8b85fdb7727915ad889632dc7f57018548e7d3f4ddc53af29e

      SHA512

      a365189bb5c6918547fe325d82f21d773744b63a6c5dc98e988aa2cc3e06747819bb07af0124cac9070ea168ccbecc60f266dc8661250f689e3773dc0fad8408

      Download Submit

    • C:\Users\Admin\AppData\Local\Temp\CabFEBB.tmp
      Filesize

      70KB

      MD5

      49aebf8cbd62d92ac215b2923fb1b9f5

      SHA1

      1723be06719828dda65ad804298d0431f6aff976

      SHA256

      b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

      SHA512

      bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

      Download Submit

    • C:\Users\Admin\AppData\Local\Temp\TarFF4B.tmp
      Filesize

      181KB

      MD5

      4ea6026cf93ec6338144661bf1202cd1

      SHA1

      a1dec9044f750ad887935a01430bf49322fbdcb7

      SHA256

      8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

      SHA512

      6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

      Download Submit