General
-
Target
OctaneBootstrapper.exe
-
Size
55KB
-
Sample
240808-br4e5axepq
-
MD5
0e554bfcc718c96302f81f4fefd31163
-
SHA1
71d976f98658153267d426aa90eed0803b58cfcd
-
SHA256
cb800cc9a220ac17e8f222b8c33f4afcc92b6d17b5453e19be99705806c32dc2
-
SHA512
6e8840c0ab09673c90a25cabf3af87322b38bbd6bb25d871c0f65d342e60845bedca50c7fdf1f3fc24bb3a41fe15e22cb4ed9101bc6022b5c2b356c3f1abc1fb
-
SSDEEP
768:Pva3Z8Jvd0SVFip0FBtiwyRWh+0HVc6K:Pi3ZKLhtifRFMVcl
Malware Config
Targets
-
-
Target
OctaneBootstrapper.exe
-
Size
55KB
-
MD5
0e554bfcc718c96302f81f4fefd31163
-
SHA1
71d976f98658153267d426aa90eed0803b58cfcd
-
SHA256
cb800cc9a220ac17e8f222b8c33f4afcc92b6d17b5453e19be99705806c32dc2
-
SHA512
6e8840c0ab09673c90a25cabf3af87322b38bbd6bb25d871c0f65d342e60845bedca50c7fdf1f3fc24bb3a41fe15e22cb4ed9101bc6022b5c2b356c3f1abc1fb
-
SSDEEP
768:Pva3Z8Jvd0SVFip0FBtiwyRWh+0HVc6K:Pi3ZKLhtifRFMVcl
Score8/10-
Stops running service(s)
-
Executes dropped EXE
-
VMProtect packed file
Detects executables packed with VMProtect commercial packer.
-
Legitimate hosting services abused for malware hosting/C2
-