41d07944eff956fc6048946feac8ccdabdc6ac1523d7a78686e7b1cc8078f603

Sharing

Copy URL

Twitter E-mail

General

Target

Bolt AIO.rar
Size

2.9MB
Sample

240223-mkqq8seg4v
MD5

3eed9d13128f996bb0e501b1fb278d63
SHA1

b2c3f725d5b2eafd2a812a94cfc7982a17b09230
SHA256

41d07944eff956fc6048946feac8ccdabdc6ac1523d7a78686e7b1cc8078f603
SHA512

fa4ce1611e2ada68ee5581b338146cc9577f6f45dc5b07a2d9c4ea33759e8cb08d648180beae9882cf92fdd91ba6b7407ce4a16dcdcf6bcd30a9cd691ff3cc75
SSDEEP

49152:NhftJmvZ+layfbOOk6315Bmh0otpImiJNJR2JTnU+A0KQKyE1ZyvXdKickWeLqI:rftch+layyOk63n8h0ocms3R+U+AB1ZE

Score

6^/10

Malware Config

Targets

- Target
  
  Bolt AIO CRACKED BY [TZCRACKING]/Bolt AIO CRACKED BY [TZCRACKING].exe
- Size
  
  922KB
- MD5
  
  727188832e9d77e87ebd1aaa12105638
- SHA1
  
  0a547ad642b712ab92a189acc776d3758ba163bb
- SHA256
  
  567b8af881787af693a08f8c0849d104ea1427e65c5275e554346a40c44bb219
- SHA512
  
  5cf2ff673614718723f15d7201c6292fe8be0d24cdd9b2bd210c8155049b2e3045ae4e05be9f09deeafb04d3d4e690696750413576cd675a33d2a85484d36dd8
- SSDEEP
  
  24576:GF4fE2pLTyWeFtPtFt6WxWFTxkt6WxWFTxZ:eYLT2rlrj
Score

6^/10
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2
- Target
  
  Bolt AIO CRACKED BY [TZCRACKING]/Bunifu_UI_v1.52.dll
- Size
  
  219KB
- MD5
  
  5eca94d909f1ba4c5f3e35ac65a49076
- SHA1
  
  3b9cb69510887117844464a2cc711c06f2c3bd19
- SHA256
  
  de0e530d46c803d85b8aeb6d18816f1b09cb3dafefb5e19fdfa15c9f41e0f474
- SHA512
  
  257a33c748dfb617a7e2892310132fd4abf4384fb09c93a8ac3f609fd91353a4f3e326124ecc63b6041ac87cf4fcc17a8bdca312e0c851acd9c7a182247066ea
- SSDEEP
  
  6144:o1uzZh5rYAuBjtnkbxuzZ7Mg3i3hJtm4Fw2hHQHcHKaPUb:Ku1higb4zZR+9mcHX
Score

1^/10
behavioral3 behavioral4
- Target
  
  Bolt AIO CRACKED BY [TZCRACKING]/Discord.Net.Commands.dll
- Size
  
  126KB
- MD5
  
  8a5896e28e8559c71b8be16288c7fe52
- SHA1
  
  bc0a638a94469223a0fa0d2819da3da65f8cb514
- SHA256
  
  22cecbf930719a2131375a69a9749b5e736584f07783586f4c4eee35e90f3fa6
- SHA512
  
  ab03f833e669230f22c0eb4089afdfa3ae5bade4e2584058ce4d15a83243d8c88038a7aff0b081002dac027d00cce62582e57a0ef320ca8b357ae9ccedc090db
- SSDEEP
  
  3072:NiCw/H2RSN6NZU4pnEUtn0nnWDCQv6pYkm9MVHmDS:Nq/GSNwZDGwb9MVHmD
Score

1^/10
behavioral5 behavioral6
- Target
  
  Bolt AIO CRACKED BY [TZCRACKING]/Discord.Net.Core.dll
- Size
  
  168KB
- MD5
  
  bf6715065888d1a9ab096042646565b0
- SHA1
  
  7aa81aa1e066451db5f52a79afc7b755eb69a76a
- SHA256
  
  602c55466310cabd838b98e0f0127ba150a8bdb3545e9717b1e13f00260c31bf
- SHA512
  
  6f1bb3351abbbd76df548687f4623286a381e398fe5a35f5732b69916d44110cef7422223374a4beca130ed673a731cc64710596f23dede3efcd0e8a137b90fb
- SSDEEP
  
  3072:Tyoe1DpzmW2tLHoUm4orVDUCwfsCDlLtSor7LYtGKJytsV94CH6EZ+T18lSU:Tq1cPhSoPYU++
Score

1^/10
behavioral7 behavioral8
- Target
  
  Bolt AIO CRACKED BY [TZCRACKING]/Discord.Net.Rest.dll
- Size
  
  636KB
- MD5
  
  7b8c018987190fabd15af4b665482b8d
- SHA1
  
  dc8c42b5c163fc3f7b32c918f3a62dc2ad9a3afe
- SHA256
  
  7bc3eee34f122be0270b5befb5f39fa63c26df63ba80f5c3b8c70b8696b68b36
- SHA512
  
  5c012108e70793696e00d4072ea6b50f9b754b9462c29ac0cd784fdec23fd7588084d0192fe348f6e03f18468831b07d637fff2f422b5256fcb2ccac2a22f80d
- SSDEEP
  
  6144:yrN7etql5yPXsNTR6qEbd77ax5wyYuOwpyAg4OUQ/F+XIeyChihxYAn9:Il5ylqx4uOP4OU/XH/hihxJ
Score

1^/10
behavioral10 behavioral9
- Target
  
  Bolt AIO CRACKED BY [TZCRACKING]/Discord.Net.WebSocket.dll
- Size
  
  428KB
- MD5
  
  4dbb08e2ddd0a54c46fe14dbe81feb43
- SHA1
  
  c6f8febaa3c3af5fdefd17c4685ec5c17fd40a4f
- SHA256
  
  b99cf063d3bddc300781064ff2197f0f23da44c6c2e2a5a808eae94dda4597e5
- SHA512
  
  72cc639a12fcb75e3a0e0a63b9fed13833214a3c2aa71a034923abbd5181f8a2f0877bf72f4eb79f2da58d0fba14505e0d2348c40a48311b8a3c50ba24e4b573
- SSDEEP
  
  6144:11cBPX966HF/rbyN9uvJSa4k/N8FYdccG41e9opc3jioynoKonoS2EiEjYqoWoi7:11cB/9R1SHcc6dccF1XZOUg8ZmvV
Score

1^/10
behavioral11 behavioral12
- Target
  
  Bolt AIO CRACKED BY [TZCRACKING]/Discord.Net.Webhook.dll
- Size
  
  26KB
- MD5
  
  42cd9c80bd759597cb64b6b61d8dac96
- SHA1
  
  9fe1111b868837e25441d1218f86079f86e6766c
- SHA256
  
  0d83f067a0bec689f9114c84cc23d9ed876071b134e53b03204eb1a02fd8b4c7
- SHA512
  
  513b304e7412f55b62cf554b6e68925ae0513d90dc0cf58329fd0a4c246c700f892728122f27ae6a8be47f607d5a499a50bce14fa1293898ca934d1d5b4207ee
- SSDEEP
  
  384:oGEpx7d1wvyu6CsRoKo0eHbRk4VddPM1/gRnOeTBHLFUH+pg2Qlnz86D61vYnAf7:wjdyy1Vro0ubRPV/QgHtI+pkbD+QnK
Score

1^/10
behavioral13 behavioral14
- Target
  
  Bolt AIO CRACKED BY [TZCRACKING]/DiscordRPC.dll
- Size
  
  79KB
- MD5
  
  ad463f573775c43a561ade842c41b0e8
- SHA1
  
  e70e10a18a3ae85cd1ca9be66a7bb46d99ccccd3
- SHA256
  
  6a18dfc8bdc6030787b5814c76b8663dbe5b8ca469beb65a2ca9f5731fa1906f
- SHA512
  
  0c790e70150148f4cc516cc9abcdf42a5b28a0785a61cd02ab7d59776df25eaeea287c98522d4b3271cae8bf35f98d91049c6474e81cc2745dc32a808832efe0
- SSDEEP
  
  768:Jp+8VvNVQPCNRRUzpEqrK0V2Yct83YVhEbqoL/wDIijcJRM2S0B+mhx9HS4i6E4m:nVvNGP6U1bwueoRPMVo+mhxVS4i60
Score

1^/10
behavioral15 behavioral16
- Target
  
  Bolt AIO CRACKED BY [TZCRACKING]/DiscordWebRPC.dll
- Size
  
  21KB
- MD5
  
  7ec043ca53212434b996d32e50e4801b
- SHA1
  
  714fc6b4fc9e9e5c2105300d2108a9236a1f83d1
- SHA256
  
  94e56a6e44f5bfd4296224664370fb7d66c1064bda508b2d75178b26b44b1cea
- SHA512
  
  98357e06df54ce2341055f53350a9d9b44a7b5d7b443624c803c95aaada0410909091e61fbfa81d7ada34bffdeb88415c87bda8691829756c784e163fbf0934c
- SSDEEP
  
  384:+8smliHYvmLB15dyFKKKKKKIBKKKKKKKKKKKKKKKKKKKKKKKKVsNUsXH/46txNEo:+8zoYvmBNySrsXflzN4/C
Score

1^/10
behavioral17 behavioral18
- Target
  
  Bolt AIO CRACKED BY [TZCRACKING]/FlatUI.dll
- Size
  
  55KB
- MD5
  
  b63f5c816f8799857b9b8f95b6e2a9b0
- SHA1
  
  11840f6df4c32d24f0680ca00febdff899fcd4a1
- SHA256
  
  058c926a8818479b06ab9402f2a6c85eb0f64626c2956102d6699ad413afe2fb
- SHA512
  
  87962db2d06e8c5c487eba689723b61c540efd60b50a5476e2275bf2c0e043e1c131767ee66fdc7db93666c1f52591b043a79f08ae24dcdc012bcceb614d0434
- SSDEEP
  
  1536:ngsnXbl4Ss8W5DToAMncqTP7+9XeGCA2:ngsnXbl4Ss8nAEPy9XeGJ2
Score

1^/10
behavioral19 behavioral20
- Target
  
  Bolt AIO CRACKED BY [TZCRACKING]/Guna.UI.dll
- Size
  
  1.1MB
- MD5
  
  8673eae95d67e5eb19f0eca3111408e8
- SHA1
  
  ad3e1ce93782537ffd3cd9e0bb9d30ae22d40ddb
- SHA256
  
  576d2de2c9ef5bc1ea9bdd73ae8f408004260037c3b72227eed27e995166276d
- SHA512
  
  65c4eadf448a643f45fa9a0d91497bb25af404c41a3a32686d9e99ba4f4e50783d73f5b13d5df505cc62c465be300746d84a2eaa8000531893cd0b19d6436239
- SSDEEP
  
  24576:hUsmpWNSUFmCqJPNsTuJDYYviEcHy1t6Y:hSUQWSF8q
Score

1^/10
behavioral21 behavioral22
- Target
  
  Bolt AIO CRACKED BY [TZCRACKING]/Leaf.xNet.dll
- Size
  
  129KB
- MD5
  
  ea87f37e78fb9af4bf805f6e958f68f4
- SHA1
  
  89662fed195d7b9d65ab7ba8605a3cd953f2b06a
- SHA256
  
  de9aea105f31f3541cbc5c460b0160d0689a2872d80748ca1456e6e223f0a4aa
- SHA512
  
  c56bd03142258c6dcb712d1352d2548a055fbb726ee200949d847cb2d23d9c52442b1435be0df0bf355701a2c1a3c47cd05b96972501f457d2d401501d33d83a
- SSDEEP
  
  3072:gE3OJDHIfFLlL3pPiqhcLS/oZhttaMBM2cid:gHWZxJiqO
Score

1^/10
behavioral23 behavioral24
- Target
  
  Bolt AIO CRACKED BY [TZCRACKING]/Microsoft.Bcl.AsyncInterfaces.dll
- Size
  
  20KB
- MD5
  
  51498932d81573a557bc5006a1b0d762
- SHA1
  
  b69e5dd68c5cca7a7f4cb2d7469f0dfc062d1e11
- SHA256
  
  d50d47b9c5de82d563aff208a600da56564d055cfed97421685e5475230d3e70
- SHA512
  
  c05dd99d948637e0bbbc775c2bf2fd9d1970b2970ba6960c570da148e3ff375e5ad87b4eb8a431b0b2223e482a5f834182d9d319d660b4b1f41af910a724476b
- SSDEEP
  
  384:We/UHMWL60VJI0yydaVemxvqD8aWepaoWMQHRN7WprJXhlB7+Amh5:V/UsKV9K5dG8erOAm/
Score

1^/10
behavioral25 behavioral26
- Target
  
  Bolt AIO CRACKED BY [TZCRACKING]/Newtonsoft.Json.dll
- Size
  
  683KB
- MD5
  
  6815034209687816d8cf401877ec8133
- SHA1
  
  1248142eb45eed3beb0d9a2d3b8bed5fe2569b10
- SHA256
  
  7f912b28a07c226e0be3acfb2f57f050538aba0100fa1f0bf2c39f1a1f1da814
- SHA512
  
  3398094ce429ab5dcdecf2ad04803230669bb4accaef7083992e9b87afac55841ba8def2a5168358bd17e60799e55d076b0e5ca44c86b9e6c91150d3dc37c721
- SSDEEP
  
  12288:Lf9WGsSVSM2mxL2nRiOr8gUckc6V/g2GhBzj05cH:7XNL2PVh6B+Bzjmc
Score

1^/10
behavioral27 behavioral28
- Target
  
  Bolt AIO CRACKED BY [TZCRACKING]/Siticone.UI.dll
- Size
  
  1.3MB
- MD5
  
  750c58af2e56b6addecffcf152520ab8
- SHA1
  
  14995e7f1d12498606d9d209d78d55fe6fd87802
- SHA256
  
  27c56a28cbde094157206da1bfcd7a395111ab97b8a5ff600b11c2175dcefb26
- SHA512
  
  2179790e23f61b3dfea828457f8609279c70b1e071cddc73b1dbda02caa664e0aae2553fc24a4956f9e89c477d66b1a704bde26fa23bc6db26c19e18db00abb5
- SSDEEP
  
  24576:QVMCtIZJntOFmMlMqPilaiS4Yr6ugPngPfjv9tLF2cH8gb:u8NlaVeuHFb
Score

1^/10
behavioral29 behavioral30
- Target
  
  Bolt AIO CRACKED BY [TZCRACKING]/SuperSocket.ClientEngine.dll
- Size
  
  41KB
- MD5
  
  bbea7769de6a008c3156141c52fdc18e
- SHA1
  
  7d9f90e8da62f9834f532e9a0aba54969c14ec28
- SHA256
  
  9863a8ca0fd55fdf1de8d64cb89d034fc009a58220d45c5f4f83c6cdd0c5cbfd
- SHA512
  
  f7a58cbc5a6bc964d2af1a654a5eaee19bbc818352a9a3547a99952c027dbc67307ccb0987ff1ff6c88850ad322fbea1530bb0172a95636afdf9ff34ab340420
- SSDEEP
  
  768:nDGXmBiIOJv2IIXs4UOPhbY+m/rihAt5A8o4/aBS8XpTt/yO0y:nDGXmBiXanx+zehk/WpB/yO0y
Score

1^/10
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Web Service

T1102

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Legitimate hosting services abused for malware hosting/C2

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32