BoostBotUpdate[.]rar | Triage

Sharing

General

Target

BoostBotUpdate.rar
Size

6.3MB
MD5

2cf91fe1e4e34aa798d4b5afa31120fe
SHA1

6ef3fc38dcf14a372210156f524a9b7daa73af06
SHA256

8cafd9d265860a18ee28248850d5567852b1dbe1b429fa65e24525bb06ac0618
SHA512

ac8aeac3199b4949568ccba52b7cc27237898a1d927b186b9f1dd57a0ef0ee3140f9d20567b0cd3c80aed5a6383d4e39234b649aa14aec5d865ad94ed1cc544e
SSDEEP

98304:1tRhmMdWWMh9rviSwL6TY4sZu+U8sow+j0Dh0fH8RNuQPhBTsFUJRrYgc+6trk5p:6D1riDmT3sZbnspgOiatPvY6dYgsZ/Ux

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Boost Bot/BoostBot.exe

Files

BoostBotUpdate.rar
.rar
Boost Bot/BoostBot.exe
.exe windows:0 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

;::::; ;::::; :; ;:::::' :; ;:::::; ;. ,:::::' ; OOO\ ::::::; ; OOOOO\ ;:::::; ; OOOOOOOO ,;::::::; ;'

Sections

Realign
Size: 3.4MB - Virtual size: 3.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Realign
Size: 4.5MB - Virtual size: 4.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Boost Bot/assets/config.toml