General
-
Target
Boost bot leaked by LT.rar
-
Size
16.4MB
-
Sample
240604-kkja2sbf46
-
MD5
21ef1e69b71dc155a733431adc931d22
-
SHA1
48969bf6461ddd459a8a80ce853ef430fb39cf23
-
SHA256
33dc853be9571e4fddcb07ab14fb1d1364394b8904eff403a04129a0efc49c81
-
SHA512
d57ecf799f6b23d64437a7cbfce007b7c14cda47dda22a5e5ac341bd0bf658d2f5f975462039e59934f1212a45c5846df9db8e2378284121822afb3ea4588135
-
SSDEEP
393216:kj8ZbX6ERnGrk2Du+ilETd9ieVljRzai27nyMilUxgFa81oU1:kSVcrfy7lid97LJaiAR38H1
Behavioral task
behavioral1
Sample
Boost bot leaked by LT.rar
Resource
win11-20240508-en
Behavioral task
behavioral2
Sample
BoostBotSell/install.bat
Resource
win11-20240426-en
Behavioral task
behavioral3
Sample
BoostBotSell/main.exe
Resource
win11-20240426-en
Behavioral task
behavioral4
Sample
main.pyc
Resource
win11-20240508-en
Behavioral task
behavioral5
Sample
BoostBotSell/pytransform/__init__.py
Resource
win11-20240426-en
Behavioral task
behavioral6
Sample
BoostBotSell/pytransform/__pycache__/__init__.cpython-39.pyc
Resource
win11-20240426-en
Behavioral task
behavioral7
Sample
BoostBotSell/pytransform/_pytransform.dll
Resource
win11-20240426-en
Behavioral task
behavioral8
Sample
BoostBotSell/readme.txt
Resource
win11-20240508-en
Behavioral task
behavioral9
Sample
BoostBotSell/requirements.txt
Resource
win11-20240508-en
Behavioral task
behavioral10
Sample
BoostBotSell/settings.json
Resource
win11-20240508-en
Behavioral task
behavioral11
Sample
BoostBotSell/todobeforestart.txt
Resource
win11-20240419-en
Behavioral task
behavioral12
Sample
BoostBotSell/used.json
Resource
win11-20240426-en
Malware Config
Targets
-
-
Target
Boost bot leaked by LT.rar
-
Size
16.4MB
-
Score
3/10
-
-
Target
BoostBotSell/install.bat
-
Size
135B
-
MD5
cfdd23d467f70c2b97d86a534f745413
-
SHA1
fefdbf3124fe53483c305dd14548665014535d99
-
SHA256
e710bae129a263ef319ae32ca255f87733a5ad5dd3dd190fa52042f207827296
-
SHA512
9655dc7c2123bb1988abd548c2ff3a3b8744ba756c191e82ce36669a506feb5500295a9a4e71be54565fd4bae3e2a908abbf62ecf088ef4ab687bc946f260427
-
Score
1/10
-
-
Target
BoostBotSell/main.exe
-
Size
16.4MB
-
MD5
fbcbebbbe48bd23f5e033ba269de7775
-
SHA1
f26677336a5cdf9dd0317e0eac1eb96f910aad01
-
SHA256
853d2a54bdc7acbd21f2f6b513dc0cd5ccff02b2020546a23ab1b5aaa0e84931
-
SHA512
7bc3ed7c4a6a537108d06c65a75ab7fafe729ad78bf15d195619708d83be17b0d8a41273938923c795ecce35a5caa494055c2088d610c035a463a84f50c87d76
-
SSDEEP
393216:OhQ1Qtc7CEDmlh2p+ZkJTNsu0/3t4Ugj1W:O8Qa7CEDUQp+Zkk5
-
Score
7/10
-
Loads dropped DLL
-
Legitimate hosting services abused for malware hosting/C2
-
-
-
Target
main.pyc
-
Size
16KB
-
MD5
cec9bf91a2653768529acd2e126912de
-
SHA1
3936ed717181f9996236bb52f5ebd67a1bdccdee
-
SHA256
eacf70a1cd705367ec2d63fc0b2adb5956825fb13a8800aae442e691f96c92ea
-
SHA512
3a20be069d785f2969023483855ebcd30afadef839a6bcb7c7c8ced908c366b2ea93c569ce52681eec1cb94c3de0f3f136ce231b132328b4acf6ee9ada96e69b
-
SSDEEP
192:jL0aKC3o7mFyhG8AuZTYQHdFK518GKPSJQpMd0Zv0BAiHzAvzDHepSE2DIgst:Hzy7xh2uVYqE518GKKJ4LA/A0gI
-
Score
3/10
-
-
Target
BoostBotSell/pytransform/__init__.py
-
Size
13KB
-
MD5
58eb86eef7db4dd2a4e2ec8f52bd7521
-
SHA1
858e8e7966a3c1756be1df24c81673b2c5e8e288
-
SHA256
380c08b75906042d18e73b0d2654eb03043098984caa27ab454548fd93a3aa08
-
SHA512
f0938d52fb19df5263302abba8ef9af1a4e0e80a40e7415ff82a5ab3c260eec251eeb890d0ececba7044b7d86c3b67da5b6499dce05ec8ddf591d162d29c6aa0
-
SSDEEP
192:sIRqMEqbHCTMRNpyRW3T+3JbgDIFRuJFX9d1X2wiQvZh7kELPJdhGbc8/SHRl3RJ:sFwfIuXFXZNjlh8c
-
Score
3/10
-
-
Target
BoostBotSell/pytransform/__pycache__/__init__.cpython-39.pyc
-
Size
11KB
-
MD5
65964c3ddfb3b18381202d1479e675a5
-
SHA1
d88d88725592012b6675c08e6ed66c2cc1f7cfcf
-
SHA256
c7b2417f6734caa7edd20737bcec3578f2cd676bb5ca1a88000604cf528e8433
-
SHA512
4f5b5a594de0cec38fa29687c6c0d1608a32a5ce67376c89222c06d0e7e28f5d1731dc24d3039300082c0039a4e196de34ea996d1f010e7e01f4e715b7112edc
-
SSDEEP
192:zQ8jNNSxHry+RJ+mXQWI7Gptxv4yqbSP8HsmL/gHvzrzhzwgK:k8qRD2glRpLv4yq2P8sPzrzo
-
Score
3/10
-
-
Target
BoostBotSell/pytransform/_pytransform.dll
-
Size
1.1MB
-
MD5
88e3acb88b6ee62979d833cffe03bc58
-
SHA1
090300946506a5a4acb44a9d202eaec58b4de271
-
SHA256
3ffb5a714a87f3f790621a8e94b71e614c24a60097d592d8211c2682caa1d1ed
-
SHA512
748d4c173678305c79c7c471428cf27ac38408bbb5791e3e33760a533ebb9dbc85d75b6ca3a71a28653621239302c883eef7157cb9f7a05e347bc598a22757d3
-
SSDEEP
24576:0IGAamncZzdcZ7fUoPPEMz/0n71enodvQa90:EAamncge7zvP9
-
Score
1/10
-
-
Target
BoostBotSell/readme.txt
-
Size
1KB
-
MD5
6f78634bad86ad23046ecc5e7cd1eb98
-
SHA1
55a1cb43abc7cfebac88441013719bc68b62da95
-
SHA256
ffb1ca7268b86a355ebfd6932a0860cba110f49d4cf4e4d2e157b6cc644954c6
-
SHA512
fc87748be08df77560238aa7f4b2093b733fa513e562530977a5e76f8e569557e2e346ee3413d6c7339c356b4d63705a884a5e1056412dd9e80af77c9393217f
-
Score
3/10
-
-
Target
BoostBotSell/requirements.txt
-
Size
50B
-
MD5
5bbaf88c492e630baefb70a2c0c1d73f
-
SHA1
14d0582ec810e8d28f01a0f13b4a91c3c3e652fa
-
SHA256
904df6b144d8aed83fc5972e73b42673f4e983f40f4deb8b58ecb90fbd344f5c
-
SHA512
f645f68e3249b345b285eab65a5b353bb1ea4c39c12da294b2043367549bcaddb9be01dc5dd2ff9cf1cceaad07b472d6359fbff65952b90c4f396fff155fbb73
-
Score
3/10
-
-
Target
BoostBotSell/settings.json
-
Size
190B
-
MD5
c09fcb7c4fabcaa902c202895fa4eca1
-
SHA1
d96f18434012dd612a97263729789a1c0e7cb537
-
SHA256
5a3873cd24c0c6a847138ad15289f175e969e2ff405d8c765b67bd93a7f10afc
-
SHA512
85e663416be537d5059236839d0ef6bfe2d11f3a4330808108021a16205cf77098ff6c202a6338202d64776a413e29c431cd6a57b74cbde9e140016dedee073d
-
Score
3/10
-
-
Target
BoostBotSell/todobeforestart.txt
-
Size
996B
-
MD5
64e6136a80dc5f49484bd53b7ad71d0e
-
SHA1
d667d6457c844dc0dac82a1d07b9398e415f8a35
-
SHA256
ea47be6555d921c3e52d2e47e9b5c204d0afddff6d621057033dd1c6c776507a
-
SHA512
cd6ec58b48bb379d23c06e8783f8f4e559984b3dbd519f3f256b7cb60f3fc998066b57c68ec37e18c399ab42d9dbda044d56959a790df7503f426f8939291b03
-
Score
3/10
-
-
Target
BoostBotSell/used.json
-
Size
2B
-
MD5
99914b932bd37a50b983c5e7c90ae93b
-
SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
-
SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
-
SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd
-
Score
3/10