4b78c95b9a8e9f7e0934cce997b176f85dcb4a662bf134bdb3ce89f3ae47288b | Triage

Submit
Reports

Overview

overview

7

Static

static

1

Setup - Bloxshade.exe

windows10-2004-x64

7

Sharing

General

Target

Setup - Bloxshade.exe
Size

9.2MB
Sample

240701-f6d61axdpc
MD5

dfbe896ade6ae361efd045187b9ae9f3
SHA1

a5321f14809ddb9d2663685e63d4bfafb00a9f4a
SHA256

4b78c95b9a8e9f7e0934cce997b176f85dcb4a662bf134bdb3ce89f3ae47288b
SHA512

ff66de45f95b3782df9c3471dd7a8cc1701d9e4de5d8a991e1d7503da15d8bae8322b131b7f8fe1455678a40759b17b1ee9f011629b074dca07b588f1817faa3
SSDEEP

98304:soXaczi2BKW2oqTqYhLsj4xTdhblvVXn9SXm90hSJ:soX3bqTnLsj4xbbl9X9sg0hy

Score

7^/10

Static task

static1

Behavioral task

behavioral1

Sample

Setup - Bloxshade.exe

Resource

win10v2004-20240226-en

windows10-2004-x64

22 signatures

600 seconds

Malware Config

Targets

- Target
  
  Setup - Bloxshade.exe
- Size
  
  9.2MB
- MD5
  
  dfbe896ade6ae361efd045187b9ae9f3
- SHA1
  
  a5321f14809ddb9d2663685e63d4bfafb00a9f4a
- SHA256
  
  4b78c95b9a8e9f7e0934cce997b176f85dcb4a662bf134bdb3ce89f3ae47288b
- SHA512
  
  ff66de45f95b3782df9c3471dd7a8cc1701d9e4de5d8a991e1d7503da15d8bae8322b131b7f8fe1455678a40759b17b1ee9f011629b074dca07b588f1817faa3
- SSDEEP
  
  98304:soXaczi2BKW2oqTqYhLsj4xTdhblvVXn9SXm90hSJ:soX3bqTnLsj4xbbl9X9sg0hy
Score

7^/10

evasion trojan
- Executes dropped EXE
- Loads dropped DLL
- Checks whether UAC is enabled
  evasion trojan
- Suspicious use of NtCreateThreadExHideFromDebugger
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Query Registry

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

© 2018-2024

Terms | Privacy