loaderbot | e7203487206d08114e6ea9ab902cdf243b747d56748327b990810d886e81ca10 | Triage

Submit
Reports

Overview

overview

Static

static

dridex

windows10_x64

Sharing

General

Target

e7203487206d08114e6ea9ab902cdf243b747d56748327b990810d886e81ca10
Size

349KB
Sample

220112-2tqvxsedgk
MD5

3bd195609e3ea80526f15094a22b7ae2
SHA1

a18774362808d5b322f776e7eea55f7e1ce98d45
SHA256

e7203487206d08114e6ea9ab902cdf243b747d56748327b990810d886e81ca10
SHA512

169dc49e5077a4cf89db6cecacabf5dcf98bae5e5cd9a331ff219bc8e61ce8c727afac73359dad359772d3abe17f59082161de6c76ace9d85f9080da7df64c5a

Score

10^/10

loaderbot loader miner persistence upx

Static task

static1

Behavioral task

behavioral1

Sample

e7203487206d08114e6ea9ab902cdf243b747d56748327b990810d886e81ca10.exe

Resource

win10-en-20211208

loaderbot loader miner persistence upx

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  e7203487206d08114e6ea9ab902cdf243b747d56748327b990810d886e81ca10
- Size
  
  349KB
- MD5
  
  3bd195609e3ea80526f15094a22b7ae2
- SHA1
  
  a18774362808d5b322f776e7eea55f7e1ce98d45
- SHA256
  
  e7203487206d08114e6ea9ab902cdf243b747d56748327b990810d886e81ca10
- SHA512
  
  169dc49e5077a4cf89db6cecacabf5dcf98bae5e5cd9a331ff219bc8e61ce8c727afac73359dad359772d3abe17f59082161de6c76ace9d85f9080da7df64c5a
Score

10^/10

loaderbot loader miner persistence upx
- LoaderBot
  LoaderBot is a loader written in .NET downloading and executing miners.
  loader miner loaderbot
- LoaderBot executable
- Blocklisted process makes network request
- Downloads MZ/PE file
- Executes dropped EXE
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Drops startup file
- Adds Run key to start application
  persistence
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Web Service

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

loaderbotloaderminerpersistenceupx

© 2018-2025

Terms | Privacy