General
-
Target
Bootstrapper.exe
-
Size
55KB
-
Sample
231204-2f14qsgb85
-
MD5
f83cad71e17f33f9982f7d6abad5a00c
-
SHA1
f97a63401711f760ff3a16c53f044580e69686b5
-
SHA256
ba40f680d70bb6d8e9687c773586f01dd8c21a55e8a50f1c84dcbb0281aa0334
-
SHA512
3294c99d2d441e41fa6c0cc213bfa572638b2908dd5de65b87b41d9acecc1eb9c6b8f4ddc4f8c1a439c1f86ae8f9bfbf291057504b2cf82bf996083e66020dda
-
SSDEEP
768:06AJcT9GzAs3p87Q63q74/tn8exlzuPaRELMWbqkNA6LLiUfCZanIt:Scsu8kz8hrPbqZ1t
Static task
static1
Behavioral task
behavioral1
Sample
Bootstrapper.exe
Resource
win7-20231023-en
Behavioral task
behavioral2
Sample
Bootstrapper.exe
Resource
win10v2004-20231127-en
Malware Config
Targets
-
-
Target
Bootstrapper.exe
-
Size
55KB
-
MD5
f83cad71e17f33f9982f7d6abad5a00c
-
SHA1
f97a63401711f760ff3a16c53f044580e69686b5
-
SHA256
ba40f680d70bb6d8e9687c773586f01dd8c21a55e8a50f1c84dcbb0281aa0334
-
SHA512
3294c99d2d441e41fa6c0cc213bfa572638b2908dd5de65b87b41d9acecc1eb9c6b8f4ddc4f8c1a439c1f86ae8f9bfbf291057504b2cf82bf996083e66020dda
-
SSDEEP
768:06AJcT9GzAs3p87Q63q74/tn8exlzuPaRELMWbqkNA6LLiUfCZanIt:Scsu8kz8hrPbqZ1t
Score8/10-
Downloads MZ/PE file
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Legitimate hosting services abused for malware hosting/C2
-