Resubmissions

02-08-2024 15:57

240802-tdy8csvera 7

02-08-2024 15:50

240802-s9y2ssvdqg 3

General

  • Target

    Bootstrapper.exe

  • Size

    795KB

  • Sample

    240802-tdy8csvera

  • MD5

    365971e549352a15e150b60294ec2e57

  • SHA1

    2932242b427e81b1b4ac8c11fb17793eae0939f7

  • SHA256

    faad2bc8e61b75e595a80ff2b6d150ff8b27187a8ba426cc1e5e38e193ab6d42

  • SHA512

    f7ba1353e880213a6bdf5bd1dfdfd42a0acf4066a540a502e8df8fec8eac7fb80b75aa52e68eca98be3f7701da48eb90758e5b94d72013d3dff05e0aaf27e938

  • SSDEEP

    12288:GYa9sBhIBdCdbX1USoeQDj/VNpA+dZIznBpGTEy:Pa98hIBdjSoeQDj/VNpZdZIznBpg

Score
7/10

Malware Config

Targets

    • Target

      Bootstrapper.exe

    • Size

      795KB

    • MD5

      365971e549352a15e150b60294ec2e57

    • SHA1

      2932242b427e81b1b4ac8c11fb17793eae0939f7

    • SHA256

      faad2bc8e61b75e595a80ff2b6d150ff8b27187a8ba426cc1e5e38e193ab6d42

    • SHA512

      f7ba1353e880213a6bdf5bd1dfdfd42a0acf4066a540a502e8df8fec8eac7fb80b75aa52e68eca98be3f7701da48eb90758e5b94d72013d3dff05e0aaf27e938

    • SSDEEP

      12288:GYa9sBhIBdCdbX1USoeQDj/VNpA+dZIznBpGTEy:Pa98hIBdjSoeQDj/VNpZdZIznBpg

    Score
    7/10
    • Loads dropped DLL

    • Blocklisted process makes network request

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Legitimate hosting services abused for malware hosting/C2

MITRE ATT&CK Enterprise v15

Tasks