Bootstrapper[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Bootstrapper.exe
Size

1.1MB
MD5

c88741c35209f84e3fca536075a76705
SHA1

0520ed04a56008144aafcb9f4b0abc79d8b6dc07
SHA256

e9e9c9831a82a2408db1af562b7969fede725a4386a290982fa14e50b54790f9
SHA512

8f2d237d26f3c55e1baf97ab4a06360cd08db7c4a279db30e71a094d46c52bdfd19e348272896aea39ad123d85ab9f80809f8c4ccb10b609e523fa259c9d7607
SSDEEP

24576:huhOZEdeCiv5iDo20XA9vpsgcQ41AakOPQhybaqELYJykDSPB3junryh:5ZE0Civ56uKpbcGOPQhaELYJykDmB3j5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Bootstrapper.exe

Files

Bootstrapper.exe
.exe windows:4 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

Size: 40KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 23KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 174KB - Virtual size: 2.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 907KB - Virtual size: 912KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE