Overview

overview

7

Static

static

3

BootstrapperV1.16.exe

windows11-21h2-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    BootstrapperV1.16.exe

  • Size

    796KB

  • Sample

    240814-rq8w8asakr

  • MD5

    76639ab92661f5c384302899934051ab

  • SHA1

    9b33828f8ad3a686ff02b1a4569b8ae38128caed

  • SHA256

    6bb9ad960bcc9010db1b9918369bdfc4558f19287b5b6562079c610a28320178

  • SHA512

    928e4374c087070f8a6786f9082f05a866751ea877edf9afa23f6941dfc4d6762e1688bbb135788d6286ec324fa117fc60b46fed2f6e3a4ab059465a00f2ebee

  • SSDEEP

    12288:THeLH6iTPSE54sgweI9oaQJj3r+piq+77xOZ+eMm:THeLHdTSEeyoaQJj3Spiq+77xd

Score
7/10
discovery

Malware Config

Targets

    • Target

      BootstrapperV1.16.exe

    • Size

      796KB

    • MD5

      76639ab92661f5c384302899934051ab

    • SHA1

      9b33828f8ad3a686ff02b1a4569b8ae38128caed

    • SHA256

      6bb9ad960bcc9010db1b9918369bdfc4558f19287b5b6562079c610a28320178

    • SHA512

      928e4374c087070f8a6786f9082f05a866751ea877edf9afa23f6941dfc4d6762e1688bbb135788d6286ec324fa117fc60b46fed2f6e3a4ab059465a00f2ebee

    • SSDEEP

      12288:THeLH6iTPSE54sgweI9oaQJj3r+piq+77xOZ+eMm:THeLHdTSEeyoaQJj3Spiq+77xd

    Score
    7/10
    discovery

    • Loads dropped DLL

    • Blocklisted process makes network request

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Legitimate hosting services abused for malware hosting/C2

    behavioral1

MITRE ATT&CK Enterprise v15

Tasks