c2c518b4b0f151045b3b1cba54b7b2a950763977d2db31299b98ad84756a784b | Triage

Submit
Reports

Overview

overview

Static

static

7

BLTools v2...FS.dll

windows7-x64

1

BLTools v2...FS.dll

windows10-2004-x64

1

BLTools v2...O].exe

windows7-x64

7

BLTools v2...O].exe

windows10-2004-x64

BLTools v2...or.exe

windows7-x64

3

BLTools v2...or.exe

windows10-2004-x64

3

BLTools v2...et.dll

windows7-x64

1

BLTools v2...et.dll

windows10-2004-x64

1

BLTools v2...se.dll

windows7-x64

1

BLTools v2...se.dll

windows10-2004-x64

1

BLTools v2...rs.dll

windows7-x64

1

BLTools v2...rs.dll

windows10-2004-x64

1

BLTools v2...pf.dll

windows7-x64

1

BLTools v2...pf.dll

windows10-2004-x64

1

BLTools v2...rs.dll

windows7-x64

1

BLTools v2...rs.dll

windows10-2004-x64

1

BLTools v2...pf.dll

windows7-x64

1

BLTools v2...pf.dll

windows10-2004-x64

1

BLTools v2...nce.js

windows7-x64

3

BLTools v2...nce.js

windows10-2004-x64

BLTools v2...s/t.py

windows7-x64

3

BLTools v2...s/t.py

windows10-2004-x64

3

BLTools v2...uru.js

windows7-x64

3

BLTools v2...uru.js

windows10-2004-x64

3

BLTools v2...osk.js

windows7-x64

3

BLTools v2...osk.js

windows10-2004-x64

3

Analysis

max time kernel
139s
max time network
137s
platform
windows10-2004_x64
resource
win10v2004-20250129-en
resource tags

arch:x64arch:x86image:win10v2004-20250129-enlocale:en-usos:windows10-2004-x64system
submitted
07/02/2025, 01:03

Sharing

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

BLTools v2.9 [PRO]/AlphaFS.dll

Resource

win7-20240903-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral2

Sample

BLTools v2.9 [PRO]/AlphaFS.dll

Resource

win10v2004-20250129-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral3

Sample

BLTools v2.9 [PRO]/BLTools v2.9 [PRO].exe

Resource

win7-20240708-en

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral4

Sample

BLTools v2.9 [PRO]/BLTools v2.9 [PRO].exe

Resource

win10v2004-20250129-en

lucastealer credential_access spyware stealer vmprotect

windows10-2004-x64

10 signatures

150 seconds

Behavioral task

behavioral5

Sample

BLTools v2.9 [PRO]/CookiesCreator.exe

Resource

win7-20240903-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral6

Sample

BLTools v2.9 [PRO]/CookiesCreator.exe

Resource

win10v2004-20250129-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral7

Sample

BLTools v2.9 [PRO]/Extreme.Net.dll

Resource

win7-20241010-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral8

Sample

BLTools v2.9 [PRO]/Extreme.Net.dll

Resource

win10v2004-20250129-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral9

Sample

BLTools v2.9 [PRO]/License.dll

Resource

win7-20240903-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral10

Sample

BLTools v2.9 [PRO]/License.dll

Resource

win10v2004-20250129-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral11

Sample

BLTools v2.9 [PRO]/MaterialDesignColors.dll

Resource

win7-20240729-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral12

Sample

BLTools v2.9 [PRO]/MaterialDesignColors.dll

Resource

win10v2004-20250129-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral13

Sample

BLTools v2.9 [PRO]/MaterialDesignThemes.Wpf.dll

Resource

win7-20241010-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral14

Sample

BLTools v2.9 [PRO]/MaterialDesignThemes.Wpf.dll

Resource

win10v2004-20250129-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral15

Sample

BLTools v2.9 [PRO]/Microsoft.Xaml.Behaviors.dll

Resource

win7-20241023-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral16

Sample

BLTools v2.9 [PRO]/Microsoft.Xaml.Behaviors.dll

Resource

win10v2004-20250129-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral17

Sample

BLTools v2.9 [PRO]/Ookii.Dialogs.Wpf.dll

Resource

win7-20241010-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral18

Sample

BLTools v2.9 [PRO]/Ookii.Dialogs.Wpf.dll

Resource

win10v2004-20250129-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral19

Sample

BLTools v2.9 [PRO]/Projects/Gumroad Balance.js

Resource

win7-20240903-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral20

Sample

BLTools v2.9 [PRO]/Projects/Gumroad Balance.js

Resource

win10v2004-20250129-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral21

Sample

BLTools v2.9 [PRO]/Projects/t.py

Resource

win7-20240903-en

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral22

Sample

BLTools v2.9 [PRO]/Projects/t.py

Resource

win10v2004-20250129-en

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral23

Sample

BLTools v2.9 [PRO]/Projects/zelenka.guru.js

Resource

win7-20240903-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral24

Sample

BLTools v2.9 [PRO]/Projects/zelenka.guru.js

Resource

win10v2004-20250129-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral25

Sample

BLTools v2.9 [PRO]/Projects/zoosk.js

Resource

win7-20241010-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral26

Sample

BLTools v2.9 [PRO]/Projects/zoosk.js

Resource

win10v2004-20250129-en

windows10-2004-x64

1 signatures

150 seconds

Report Analysis Logs

General

Target

BLTools v2.9 [PRO]/Projects/zelenka.guru.js
Size

663B
MD5

cc191d2a91e450075137763698b776e5
SHA1

a0b40e06adb9f0b769c655f9a358f9c61a7fbc6a
SHA256

ecd65971d908862ade582539d6baa34981c616964bd1f29bc4aea0e8cb20ef79
SHA512

a6fd13193ca85a4bba127f324de99764246f1f8d8eecd44a20b15389b5fb6fec8bfe21f8b288099dbb7916bc0b6c7086224d5f7a4c201e9ce21c2647b146a0b9

Score

3^/10

execution

Malware Config

Signatures

Command and Scripting Interpreter: JavaScript 1 TTPs
execution

JavaScript
T1059.007

Processes

C:\Windows\system32\wscript.exe
wscript.exe "C:\Users\Admin\AppData\Local\Temp\BLTools v2.9 [PRO]\Projects\zelenka.guru.js"
1⤵
PID:2844

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

© 2018-2025

Terms | Privacy