Overview

overview

8

Static

static

1

URLScan

urlscan

1

https://cdn.discorda...

windows10-2004-x64

8

Sharing

Copy URL Twitter E-mail

General

  • Target

    https://cdn.discordapp.com/attachments/1041172158463868968/1267259846168674345/Bootstrapper.exe?ex=66aebab3&is=66ad6933&hm=9f2db75df2febb1f1adc3853a048b8887115ade3b6e4df31f946a0acf5a7bb09&

  • Sample

    240803-d35hnssaln

Score
8/10
discovery

Malware Config

Targets

    • Target

      https://cdn.discordapp.com/attachments/1041172158463868968/1267259846168674345/Bootstrapper.exe?ex=66aebab3&is=66ad6933&hm=9f2db75df2febb1f1adc3853a048b8887115ade3b6e4df31f946a0acf5a7bb09&

    Score
    8/10
    discovery

    • Downloads MZ/PE file

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Blocklisted process makes network request

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Legitimate hosting services abused for malware hosting/C2

    behavioral1

MITRE ATT&CK Enterprise v15

Tasks