General
-
Target
LunarBoostrapper.exe
-
Size
85.3MB
-
Sample
240523-wxfw8sbe87
-
MD5
8c7421292360dd2cdb61caf15795d5e3
-
SHA1
b453cb7027abf59ae02772f2867e3bc9ebf7ea4d
-
SHA256
39056718c55d244307484d8d8bf5010d3b8fde194d288c7a4de6c63644405268
-
SHA512
76972b36132aeade13a6a1df95a95023c11220e1c348a461f26419115025159015d871475ade333d3aebb7e845f9725bcc653d142a653d47cefda5728ebe7933
-
SSDEEP
1572864:tUbrPU1e4iamkhLDyPl4QiZoBnqf3Gd6xdnj+Y/5szQ7E7lZNCWg9uTdEb4:tUbr4e4iadhLDy943anyo6V/Tk7Cb9k7
Behavioral task
behavioral1
Sample
LunarBoostrapper.exe
Resource
win10v2004-20240426-en
Malware Config
Targets
-
-
Target
LunarBoostrapper.exe
-
Size
85.3MB
-
MD5
8c7421292360dd2cdb61caf15795d5e3
-
SHA1
b453cb7027abf59ae02772f2867e3bc9ebf7ea4d
-
SHA256
39056718c55d244307484d8d8bf5010d3b8fde194d288c7a4de6c63644405268
-
SHA512
76972b36132aeade13a6a1df95a95023c11220e1c348a461f26419115025159015d871475ade333d3aebb7e845f9725bcc653d142a653d47cefda5728ebe7933
-
SSDEEP
1572864:tUbrPU1e4iamkhLDyPl4QiZoBnqf3Gd6xdnj+Y/5szQ7E7lZNCWg9uTdEb4:tUbr4e4iadhLDy943anyo6V/Tk7Cb9k7
Score7/10-
Loads dropped DLL
-
Legitimate hosting services abused for malware hosting/C2
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-