C:\Users\Ashtin\Desktop\WTF\SolaraBootstrapper\SolaraBootstrapper\bin\Release\Bootstrapper.pdb
Static task
static1
Behavioral task
behavioral1
Sample
Bootstrapper.exe
Resource
win7-20240705-en
Behavioral task
behavioral2
Sample
Bootstrapper.exe
Resource
win10v2004-20240730-en
General
-
Target
Bootstrapper.exe
-
Size
795KB
-
MD5
a7f3293b177a63f6c50b5560e729cbff
-
SHA1
4885073e4881cffc5c5155de720aa65755418fe8
-
SHA256
da17868f107954124c0953fd1cb37ac8ed4e78460905e83d6402b966a77ee7dc
-
SHA512
70b3431b238457a24e66914d0059e7e8e2dc4f79ac49c9a9c510214b8bc1279af6947288442060ac02c3cf3c863c144ef95219006097d2e59183586f7f701438
-
SSDEEP
12288:Hs0xF36Z1LyI6QQsJNOoRQ1jt/Nppxu29CHWzO:xxJ6Z1L5J8oRQ1jt/Nppxv9C2
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource Bootstrapper.exe
Files
-
Bootstrapper.exe.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
mscoree
_CorExeMain
Sections
.text Size: 792KB - Virtual size: 792KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ