Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

Boost bot ...LT.rar

windows11-21h2-x64

3

BoostBotSe...ll.bat

windows11-21h2-x64

1

BoostBotSell/main.exe

windows11-21h2-x64

7

main.pyc

windows11-21h2-x64

3

BoostBotSe...t__.py

windows11-21h2-x64

3

BoostBotSe...39.pyc

windows11-21h2-x64

3

BoostBotSe...rm.dll

windows11-21h2-x64

1

BoostBotSe...me.txt

windows11-21h2-x64

3

BoostBotSe...ts.txt

windows11-21h2-x64

3

BoostBotSe...s.json

windows11-21h2-x64

3

BoostBotSe...rt.txt

windows11-21h2-x64

3

BoostBotSe...d.json

windows11-21h2-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Boost bot leaked by LT.rar

  • Size

    16.4MB

  • Sample

    240604-km9wsabg36

  • MD5

    21ef1e69b71dc155a733431adc931d22

  • SHA1

    48969bf6461ddd459a8a80ce853ef430fb39cf23

  • SHA256

    33dc853be9571e4fddcb07ab14fb1d1364394b8904eff403a04129a0efc49c81

  • SHA512

    d57ecf799f6b23d64437a7cbfce007b7c14cda47dda22a5e5ac341bd0bf658d2f5f975462039e59934f1212a45c5846df9db8e2378284121822afb3ea4588135

  • SSDEEP

    393216:kj8ZbX6ERnGrk2Du+ilETd9ieVljRzai27nyMilUxgFa81oU1:kSVcrfy7lid97LJaiAR38H1

Score
7/10
pyinstaller

Malware Config

Targets

    • Target

      Boost bot leaked by LT.rar

    • Size

      16.4MB

    • MD5

      21ef1e69b71dc155a733431adc931d22

    • SHA1

      48969bf6461ddd459a8a80ce853ef430fb39cf23

    • SHA256

      33dc853be9571e4fddcb07ab14fb1d1364394b8904eff403a04129a0efc49c81

    • SHA512

      d57ecf799f6b23d64437a7cbfce007b7c14cda47dda22a5e5ac341bd0bf658d2f5f975462039e59934f1212a45c5846df9db8e2378284121822afb3ea4588135

    • SSDEEP

      393216:kj8ZbX6ERnGrk2Du+ilETd9ieVljRzai27nyMilUxgFa81oU1:kSVcrfy7lid97LJaiAR38H1

    Score
    3/10
    behavioral1

    • Target

      BoostBotSell/install.bat

    • Size

      135B

    • MD5

      cfdd23d467f70c2b97d86a534f745413

    • SHA1

      fefdbf3124fe53483c305dd14548665014535d99

    • SHA256

      e710bae129a263ef319ae32ca255f87733a5ad5dd3dd190fa52042f207827296

    • SHA512

      9655dc7c2123bb1988abd548c2ff3a3b8744ba756c191e82ce36669a506feb5500295a9a4e71be54565fd4bae3e2a908abbf62ecf088ef4ab687bc946f260427

    Score
    1/10
    behavioral2

    • Target

      BoostBotSell/main.exe

    • Size

      16.4MB

    • MD5

      fbcbebbbe48bd23f5e033ba269de7775

    • SHA1

      f26677336a5cdf9dd0317e0eac1eb96f910aad01

    • SHA256

      853d2a54bdc7acbd21f2f6b513dc0cd5ccff02b2020546a23ab1b5aaa0e84931

    • SHA512

      7bc3ed7c4a6a537108d06c65a75ab7fafe729ad78bf15d195619708d83be17b0d8a41273938923c795ecce35a5caa494055c2088d610c035a463a84f50c87d76

    • SSDEEP

      393216:OhQ1Qtc7CEDmlh2p+ZkJTNsu0/3t4Ugj1W:O8Qa7CEDUQp+Zkk5

    Score
    7/10

    • Loads dropped DLL

    • Legitimate hosting services abused for malware hosting/C2

    behavioral3

    • Target

      main.pyc

    • Size

      16KB

    • MD5

      cec9bf91a2653768529acd2e126912de

    • SHA1

      3936ed717181f9996236bb52f5ebd67a1bdccdee

    • SHA256

      eacf70a1cd705367ec2d63fc0b2adb5956825fb13a8800aae442e691f96c92ea

    • SHA512

      3a20be069d785f2969023483855ebcd30afadef839a6bcb7c7c8ced908c366b2ea93c569ce52681eec1cb94c3de0f3f136ce231b132328b4acf6ee9ada96e69b

    • SSDEEP

      192:jL0aKC3o7mFyhG8AuZTYQHdFK518GKPSJQpMd0Zv0BAiHzAvzDHepSE2DIgst:Hzy7xh2uVYqE518GKKJ4LA/A0gI

    Score
    3/10
    behavioral4

    • Target

      BoostBotSell/pytransform/__init__.py

    • Size

      13KB

    • MD5

      58eb86eef7db4dd2a4e2ec8f52bd7521

    • SHA1

      858e8e7966a3c1756be1df24c81673b2c5e8e288

    • SHA256

      380c08b75906042d18e73b0d2654eb03043098984caa27ab454548fd93a3aa08

    • SHA512

      f0938d52fb19df5263302abba8ef9af1a4e0e80a40e7415ff82a5ab3c260eec251eeb890d0ececba7044b7d86c3b67da5b6499dce05ec8ddf591d162d29c6aa0

    • SSDEEP

      192:sIRqMEqbHCTMRNpyRW3T+3JbgDIFRuJFX9d1X2wiQvZh7kELPJdhGbc8/SHRl3RJ:sFwfIuXFXZNjlh8c

    Score
    3/10
    behavioral5

    • Target

      BoostBotSell/pytransform/__pycache__/__init__.cpython-39.pyc

    • Size

      11KB

    • MD5

      65964c3ddfb3b18381202d1479e675a5

    • SHA1

      d88d88725592012b6675c08e6ed66c2cc1f7cfcf

    • SHA256

      c7b2417f6734caa7edd20737bcec3578f2cd676bb5ca1a88000604cf528e8433

    • SHA512

      4f5b5a594de0cec38fa29687c6c0d1608a32a5ce67376c89222c06d0e7e28f5d1731dc24d3039300082c0039a4e196de34ea996d1f010e7e01f4e715b7112edc

    • SSDEEP

      192:zQ8jNNSxHry+RJ+mXQWI7Gptxv4yqbSP8HsmL/gHvzrzhzwgK:k8qRD2glRpLv4yq2P8sPzrzo

    Score
    3/10
    behavioral6

    • Target

      BoostBotSell/pytransform/_pytransform.dll

    • Size

      1.1MB

    • MD5

      88e3acb88b6ee62979d833cffe03bc58

    • SHA1

      090300946506a5a4acb44a9d202eaec58b4de271

    • SHA256

      3ffb5a714a87f3f790621a8e94b71e614c24a60097d592d8211c2682caa1d1ed

    • SHA512

      748d4c173678305c79c7c471428cf27ac38408bbb5791e3e33760a533ebb9dbc85d75b6ca3a71a28653621239302c883eef7157cb9f7a05e347bc598a22757d3

    • SSDEEP

      24576:0IGAamncZzdcZ7fUoPPEMz/0n71enodvQa90:EAamncge7zvP9

    Score
    1/10
    behavioral7

    • Target

      BoostBotSell/readme.txt

    • Size

      1KB

    • MD5

      6f78634bad86ad23046ecc5e7cd1eb98

    • SHA1

      55a1cb43abc7cfebac88441013719bc68b62da95

    • SHA256

      ffb1ca7268b86a355ebfd6932a0860cba110f49d4cf4e4d2e157b6cc644954c6

    • SHA512

      fc87748be08df77560238aa7f4b2093b733fa513e562530977a5e76f8e569557e2e346ee3413d6c7339c356b4d63705a884a5e1056412dd9e80af77c9393217f

    Score
    3/10
    behavioral8

    • Target

      BoostBotSell/requirements.txt

    • Size

      50B

    • MD5

      5bbaf88c492e630baefb70a2c0c1d73f

    • SHA1

      14d0582ec810e8d28f01a0f13b4a91c3c3e652fa

    • SHA256

      904df6b144d8aed83fc5972e73b42673f4e983f40f4deb8b58ecb90fbd344f5c

    • SHA512

      f645f68e3249b345b285eab65a5b353bb1ea4c39c12da294b2043367549bcaddb9be01dc5dd2ff9cf1cceaad07b472d6359fbff65952b90c4f396fff155fbb73

    Score
    3/10
    behavioral9

    • Target

      BoostBotSell/settings.json

    • Size

      190B

    • MD5

      c09fcb7c4fabcaa902c202895fa4eca1

    • SHA1

      d96f18434012dd612a97263729789a1c0e7cb537

    • SHA256

      5a3873cd24c0c6a847138ad15289f175e969e2ff405d8c765b67bd93a7f10afc

    • SHA512

      85e663416be537d5059236839d0ef6bfe2d11f3a4330808108021a16205cf77098ff6c202a6338202d64776a413e29c431cd6a57b74cbde9e140016dedee073d

    Score
    3/10
    behavioral10

    • Target

      BoostBotSell/todobeforestart.txt

    • Size

      996B

    • MD5

      64e6136a80dc5f49484bd53b7ad71d0e

    • SHA1

      d667d6457c844dc0dac82a1d07b9398e415f8a35

    • SHA256

      ea47be6555d921c3e52d2e47e9b5c204d0afddff6d621057033dd1c6c776507a

    • SHA512

      cd6ec58b48bb379d23c06e8783f8f4e559984b3dbd519f3f256b7cb60f3fc998066b57c68ec37e18c399ab42d9dbda044d56959a790df7503f426f8939291b03

    Score
    3/10
    behavioral11

    • Target

      BoostBotSell/used.json

    • Size

      2B

    • MD5

      99914b932bd37a50b983c5e7c90ae93b

    • SHA1

      bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

    • SHA256

      44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

    • SHA512

      27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

    Score
    3/10
    behavioral12

MITRE ATT&CK Enterprise v15

Tasks

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.