Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

bloxstrap-...aml.js

windows7-x64

3

bloxstrap-...aml.js

windows10-2004-x64

3

bloxstrap-...ap.exe

windows7-x64

7

bloxstrap-...ap.exe

windows10-2004-x64

8

bloxstrap-...per.js

windows7-x64

3

bloxstrap-...per.js

windows10-2004-x64

3

bloxstrap-...nEx.js

windows7-x64

3

bloxstrap-...nEx.js

windows10-2004-x64

3

bloxstrap-...eEx.js

windows7-x64

3

bloxstrap-...eEx.js

windows10-2004-x64

3

bloxstrap-...ger.js

windows7-x64

3

bloxstrap-...ger.js

windows10-2004-x64

3

bloxstrap-...ker.js

windows7-x64

3

bloxstrap-...ker.js

windows10-2004-x64

3

bloxstrap-...her.js

windows7-x64

3

bloxstrap-...her.js

windows10-2004-x64

3

bloxstrap-...nce.js

windows7-x64

3

bloxstrap-...nce.js

windows10-2004-x64

3

bloxstrap-...ger.js

windows7-x64

3

bloxstrap-...ger.js

windows10-2004-x64

3

bloxstrap-...ngs.js

windows7-x64

3

bloxstrap-...ngs.js

windows10-2004-x64

3

bloxstrap-...ger.js

windows7-x64

3

bloxstrap-...ger.js

windows10-2004-x64

3

bloxstrap-...est.js

windows7-x64

3

bloxstrap-...est.js

windows10-2004-x64

3

bloxstrap-...est.js

windows7-x64

3

bloxstrap-...est.js

windows10-2004-x64

3

bloxstrap-...er.vbs

windows7-x64

1

bloxstrap-...er.vbs

windows10-2004-x64

1

bloxstrap-...es.vbs

windows7-x64

1

bloxstrap-...es.vbs

windows10-2004-x64

1

Resubmissions

12/12/2024, 06:44 UTC

241212-hht9estmay 10

Analysis

  • max time kernel
    119s
  • max time network
    123s
  • platform
    windows7_x64
  • resource
    win7-20241023-en
  • resource tags

    arch:x64arch:x86image:win7-20241023-enlocale:en-usos:windows7-x64system
  • submitted
    12/12/2024, 06:44 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    bloxstrap-main/Bloxstrap/Bloxstrap.exe

  • Size

    7.0MB

  • MD5

    3b7e32ec9089d2899e1700030dd837f1

  • SHA1

    247a69ab65ae550ee928484e984f40417df6d5a9

  • SHA256

    cbf6ba0da350dcfcad1e73dbbd838d129ae72e7f90b9138b241e8f0523144d83

  • SHA512

    67acd0040b9cae6d5bdf121f0a1b1aaccc45c832b60ca9c50bf95c10644d0127a49c9e4982a79eeb3a531457ec1bd043ad887446ab61a929f9f1d035eaaa2899

  • SSDEEP

    98304:01ywDjWM8JEE1r9amaHl3Ne4i3Tf2PkOpfW9hZMMoVmkzhxIdfXeRGYKJJcGhEIR:0110IeNTfm/pf+xk4dWRGtrbWOjgWym

Score
7/10
upx

Malware Config

Signatures

  • Loads dropped DLL 1 IoCs
  • UPX packed file 2 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\bloxstrap-main\Bloxstrap\Bloxstrap.exe
    "C:\Users\Admin\AppData\Local\Temp\bloxstrap-main\Bloxstrap\Bloxstrap.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:848
    • C:\Users\Admin\AppData\Local\Temp\bloxstrap-main\Bloxstrap\Bloxstrap.exe
      "C:\Users\Admin\AppData\Local\Temp\bloxstrap-main\Bloxstrap\Bloxstrap.exe"
      2⤵
      • Loads dropped DLL
      PID:2620

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\_MEI8482\python311.dll
    Filesize

    1.6MB

    MD5

    bb46b85029b543b70276ad8e4c238799

    SHA1

    123bdcd9eebcac1ec0fd2764a37e5e5476bb0c1c

    SHA256

    72c24e1db1ba4df791720a93ca9502d77c3738eebf8b9092a5d82aa8d80121d0

    SHA512

    5e993617509c1cf434938d6a467eb0494e04580ad242535a04937f7c174d429da70a6e71792fc3de69e103ffc5d9de51d29001a4df528cfffefdaa2cef4eaf31

    Download Submit

  • memory/2620-28-0x000007FEF63D0000-0x000007FEF69B8000-memory.dmp

    Filesize

    5.9MB

    Download

  • memory/2620-44-0x000007FEF63D0000-0x000007FEF69B8000-memory.dmp

    Filesize

    5.9MB

    Download

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.