Bootstrapperً[.]exe | Triage

Sharing

General

Target

Bootstrapperً.exe
Size

700KB
MD5

9fbde4f5521981df03e5de85c9c25aca
SHA1

9729923db3bacb42f934f5d6c32c08b525c8d518
SHA256

f594a583c319c8d1cae4b409f238470a3b0445a75eccd1e02f43ccd1d93d2b43
SHA512

7ddc44a0a97d5e401ea92a2b9fe0320823c4f7fb76432726525fb2c374cb41eef1767f1889cc9070b40fcd7ca8c0650acf4ed742d63171c6bb4dfd3b37b86a9a
SSDEEP

12288:2kv3/IexeE1t1HW9BpCgjZGOLbvPDV5ZA8q9NwO2TIQLNMM23V6x93+7W5k/iC/s:2k/BwBpCiXv7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Bootstrapperً.exe

Files

Bootstrapperً.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 697KB - Virtual size: 697KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ