General

  • Target: boost_bot_universe_cracked.rar
  • Size: 36.4MB
  • Sample: 240411-vffdpsbb2v
  • MD5: cea764e4f198bfbb043a63f00b4d38fb
  • SHA1: 6f70074cba073aaa35ee5cb53d68308c0a948b0e
  • SHA256: d382e31f6f1f638b39b299fc9bc2fd8ccc206f5e982d10647ef92bd9653cbc99
  • SHA512: b5f7f062ebcdb6158115ff19c70ac3803d00f44c5e133ef4b1f80ef6b533ab8962ce6a271e5b8b6fb8f8a0e4a282ea0a90671bc2c3c99dc3562eec693719aa41
  • SSDEEP: 786432:v+RvpldENqnLdoryq+cnYVynsDzmQb87peomOfBKpYUrI5yu4d:m7l2QnFbVynsDzmQb80omOfBKpIs

Targets

    • Target: boost_bot_universe_cracked.rar
    • Size: 36.4MB
    • MD5: cea764e4f198bfbb043a63f00b4d38fb
    • SHA1: 6f70074cba073aaa35ee5cb53d68308c0a948b0e
    • SHA256: d382e31f6f1f638b39b299fc9bc2fd8ccc206f5e982d10647ef92bd9653cbc99
    • SHA512: b5f7f062ebcdb6158115ff19c70ac3803d00f44c5e133ef4b1f80ef6b533ab8962ce6a271e5b8b6fb8f8a0e4a282ea0a90671bc2c3c99dc3562eec693719aa41
    • SSDEEP: 786432:v+RvpldENqnLdoryq+cnYVynsDzmQb87peomOfBKpYUrI5yu4d:m7l2QnFbVynsDzmQb80omOfBKpIs
    • Score: 4/10

    • Target: config.json
    • Size: 539B
    • MD5: 29e245a45aedca89ee36b187571c2769
    • SHA1: 6569db70609fd57c73be3ae5e5a9ebe6c8f4c3f0
    • SHA256: 868652a1847661cbdc6445a04229a392cbe2080779fe7d97f76ca9b865dc4e38
    • SHA512: 0027a0fda4367f009110e8cb27fbd388a4299515fa94e6376d3e9e214dafbd0745126cfc1c5dbc01c2edebd9839dc0da8c91252b3493e16f5e8b6cd69ba03ac1
    • Score: 3/10

    • Target: crack.dll
    • Size: 5.1MB
    • MD5: 4fe43200ba2e7064facb420eb2237adf
    • SHA1: a604edb51b302a30c6036e08a714f7595e354b37
    • SHA256: e5cb4c3a1e1e4d4e9d2447a8fdf8100600c7dfad1c62073451e83c3063e97d7a
    • SHA512: 77c17f5aad7cce4318daf6b10557abe52a84e1b62b8fe18b44f8851c67d1a3c345486d7a5ece200a989ad808d8b34efb1190fe745de17a61e700fa8d490b9046
    • SSDEEP: 98304:N0RqAYYCYrHdlaAxL6yzyczjI9fp4NWRdFdAexXfdmjLdGGf:dAJHdzxL6oycXSCQzdAexe
    • Score: 9/10

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)
    • Checks BIOS information in registry
      BIOS information is often read in order to detect sandboxing environments.
    • Checks whether UAC is enabled

    • Target: data/keys.json
    • Size: 2KB
    • MD5: 9ee21a8a16c9c54c76436773250e2926
    • SHA1: 09ad247cb19fed45097ebd20b53f8d18e0f73005
    • SHA256: e807588ad9278bd994e3b3394fa8661b57c847989a7367bd4a704dfd9e88b922
    • SHA512: 00a85e60ca53c02894041513f7c2405424d075cecceba850aeb577c30088bced8382213d8d78f541bc0112221be8187aaf63aadaa20a2ceccef3fa4683b491ef
    • Score: 3/10

    • Target: loader.exe
    • Size: 8.4MB
    • MD5: c29f30435b3b550a2a4c8377b237c542
    • SHA1: 46db35eb372c5e4f093b0da21c881e70eeec042f
    • SHA256: ca50bfbddc76fce9b7c8294744f8d39f820582c1befff35d6f15d8f2c3b55baa
    • SHA512: 331a2f323395515103126f1fd452e72dcd4f363b5a773e8957c9c9d7b810f45cc344893d6be393d94725b01c420c2f9a32d1c6aa95b5fb1ec273280b2db24164
    • SSDEEP: 196608:CzxzBT4qEGEkQliHbeLILLC3COBRQo59UHiWSzU6m45s/OdfSJgPr:CzX44EkQ07eTjOeUiJ2mdeg

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)
    • Checks BIOS information in registry
      BIOS information is often read in order to detect sandboxing environments.
    • Executes dropped EXE
    • Loads dropped DLL
    • Themida packer
      Detects Themida, an advanced Windows software protection system.
    • Checks whether UAC is enabled

    • Target: main.exe
    • Size: 24.1MB
    • MD5: db3822657ded0b0cbb3635c0892a2998
    • SHA1: 55388c368e1f1bfbf1453fb47f7615c59cc583ea
    • SHA256: b2caa42a0122b1ea6a3f360d66d344ff0008eca0ae860e1ff2e74eae265ba8b3
    • SHA512: deac286fc4ae04ba2b4cd06883e785c2c9125d87bf5cbb6b3a5ee61ec5ea27699a1140fbe3716012426d09ee2862ecd65280f44c10eb6d3c12ce9156d5ceb4f1
    • SSDEEP: 393216:KAuDMU6Vkjq3j1oHa+enrBfZqYqz0odmlU3G2BLrW0JkfQ7a4KegVPMZMMPLqOXC:v20gJa+UxGnT3GCrXeQ7aLVpMPWOprM
    • Score: 7/10

    • Executes dropped EXE
    • Loads dropped DLL

    • Target: src/.key
    • Size: 4B
    • MD5: 015f28b9df1bdd36427dd976fb73b29d
    • SHA1: 1da8402449899ec1ba9c34c095dbb79d0585dcd7
    • SHA256: dc9f28b12dd1818ee42ffc92ecb940386214598837348d30d3c6c0b7b57e34c9
    • SHA512: 6b112115d1128144f9f43a8955d7f4a46ca3bda88ce8c1f0ca03a038db7df8a090ecd8a0811fdec7f2c1f83e25052ff1620c2945eb4c947c7163c5f31689ee9d
    • Score: 3/10

    • Target: src/banners/34eb8bf823310de57d97957ec2bc35dd.png
    • Size: 88KB
    • MD5: d5b0cb400b2fab48bfa769875160e8c7
    • SHA1: 826d83e84c6788a23dfef5dcf687c87a238c9e26
    • SHA256: 5cbc1bd88691b39ef289714f7d89e4b78e5bc1433355f991af32103bde5e9655
    • SHA512: 5e23cef24542b44231a65697a48cb6ce2dd7a0c47c1494639072b641a54b3068ffde4229e58325129bdb69545e359098d7ca1db2e5c8a378dd78af935e46031c
    • SSDEEP: 1536:SFzvPqhhj8KIOLPLzTOY+CTpEWrLm9ZVqAjw2IcJFdZAR1dbfhImr:SpvPuj8iPLzT3zTxaZ5jw2IcJi71Kmr
    • Score: 3/10

    • Target: src/bio.txt
    • Size: 6B
    • MD5: 9ca5d07de24d421c5c25203767362118
    • SHA1: 00c4ec6bba6cc63980dbc652ced0a5355048d9e8
    • SHA256: f0647ebc9a49eee8d4c929e2c7c75203efe4f02a52ed8f4f72e9ea03e5713e5a
    • SHA512: 76ae71e7cda2bad9b1a0e1d306e793f2c1ae6073407a63e2dceb2bab9fc926b07afc6bdf8e4c086c10e7beea4b32a8647adfbe09254d03d1337d9ecabd47be36
    • Score: 1/10

    • Target: src/constants.py
    • Size: 1KB
    • MD5: 06af9ea2af675fb3083857bae7c1132b
    • SHA1: c74794946fb53b60058945900abf7ee8d7571db6
    • SHA256: 4366f91b190dea6c1ea50af42864cd480c1b9303bc48436c7b3194681c4014f9
    • SHA512: 737d40b4e716df9cfc6297a98110fa43e830df344b60a1f67a7ce19a4904523bbdae190fc87116443f3759ad7ca6cc3a88d37102f4857e8bdb8df4213269ff2e
    • Score: 3/10

    • Target: src/disable.py
    • Size: 1013B
    • MD5: 26436de017562443839be5ad9bdcc943
    • SHA1: 45106dd0a3cd0c25ddd942c83748a7b554d03d18
    • SHA256: 281a7b4c722f34eb5e371f1652efab88df05607d4e203d94102174855b4e23bc
    • SHA512: ece6f5c1c71771557d457aab47923186ecd034854913a8824cc84ab7a6c00b885c172ea6093eb19253b93076563b935538932072269e5a863223c61f38fc5d98
    • Score: 3/10

    • Target: src/imgs/34eb8bf823310de57d97957ec2bc35dd.png
    • Size: 88KB
    • MD5: d5b0cb400b2fab48bfa769875160e8c7
    • SHA1: 826d83e84c6788a23dfef5dcf687c87a238c9e26
    • SHA256: 5cbc1bd88691b39ef289714f7d89e4b78e5bc1433355f991af32103bde5e9655
    • SHA512: 5e23cef24542b44231a65697a48cb6ce2dd7a0c47c1494639072b641a54b3068ffde4229e58325129bdb69545e359098d7ca1db2e5c8a378dd78af935e46031c
    • SSDEEP: 1536:SFzvPqhhj8KIOLPLzTOY+CTpEWrLm9ZVqAjw2IcJFdZAR1dbfhImr:SpvPuj8iPLzT3zTxaZ5jw2IcJi71Kmr
    • Score: 3/10

    • Target: src/keyauth.py
    • Size: 16KB
    • MD5: f70fef4825fa3bba488f60853068a1d5
    • SHA1: d0aa5661636f00d48088d6e645b54c95c83a9a85
    • SHA256: 7c00031f06b7bc76c62b0a6811caa2c7d6a864d2cff067c9947d5f287f675d5d
    • SHA512: d8f69c390816049b3b25291f0f05c920d1179e13cc4a04ee260cee26244c2f3d8d8dc42f726dd2bc155789e409affaa7a7e3f447f5e0eaf171cd657ee93903c1
    • SSDEEP: 192:jFBwUs6r/+q7nsr2h7wT7bn0Mp/Ob/0faT/rf4/bQDsPt5mV/6xFkdw0Lci4K:pBwUseAZn0Lv
    • Score: 3/10

    • Target: src/ui.py
    • Size: 1KB
    • MD5: d8212b252051dd66dfa2fae0293bab6a
    • SHA1: 4ffba43dbfdea30cbe3fcf8cbf153dfebc19df99
    • SHA256: 11e901469f9e85bcb5fe6d211c032523a1390d77721226f84e2e8e9327dd7fbd
    • SHA512: a945e4ed3f6c98ceee5b1b682f13125d8a904c3934b31e0aa1b79184bd415f1e2ed1f89d69ea39685c23e7e58be85d8d6dd6d1f9cb9762b689159a309b75c553
    • Score: 3/10
