c9d04a3a87fee318ba65f837f40bd2dd2428f25e78bf271207f8b2b02aaa8a06 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

3

Bootstrapper (1).exe

windows11-21h2-x64

8

Sharing

General

Target

Bootstrapper (1).exe
Size

796KB
Sample

240807-l1mtvazfla
MD5

653c07b9b5f1b22c84f72c03b0083d18
SHA1

54c25b876736011d016dc0ea06a1533365555cc4
SHA256

c9d04a3a87fee318ba65f837f40bd2dd2428f25e78bf271207f8b2b02aaa8a06
SHA512

b605773fc4fa244f354bb8f51621225e6482751d19bddf747f03f624581bc7ae896ca0e40be91b667aea7a7978a291497a362f9bd65449682e1948938af684f8
SSDEEP

12288:wuHbakEAdS7SdsgtNaFoGQ4jEr+xpS1nmkFmZ2ojKU:/HbTHSINooGQ4jESxpS1nmkkK

Score

8^/10

defense_evasion discovery

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

Bootstrapper (1).exe

Resource

win11-20240802-en

defense_evasion discovery

windows11-21h2-x64

16 signatures

1800 seconds

Malware Config

Targets

- Target
  
  Bootstrapper (1).exe
- Size
  
  796KB
- MD5
  
  653c07b9b5f1b22c84f72c03b0083d18
- SHA1
  
  54c25b876736011d016dc0ea06a1533365555cc4
- SHA256
  
  c9d04a3a87fee318ba65f837f40bd2dd2428f25e78bf271207f8b2b02aaa8a06
- SHA512
  
  b605773fc4fa244f354bb8f51621225e6482751d19bddf747f03f624581bc7ae896ca0e40be91b667aea7a7978a291497a362f9bd65449682e1948938af684f8
- SSDEEP
  
  12288:wuHbakEAdS7SdsgtNaFoGQ4jEr+xpS1nmkFmZ2ojKU:/HbTHSINooGQ4jESxpS1nmkkK
Score

8^/10

defense_evasion discovery
- Downloads MZ/PE file
- Executes dropped EXE
- Legitimate hosting services abused for malware hosting/C2
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Subvert Trust Controls

SIP and Trust Provider Hijacking

Credential Access

Discovery

Browser Information Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

defense_evasiondiscovery

© 2018-2025

Terms | Privacy