Overview

overview

9

Static

static

3

Bootstrapperً.exe

windows7-x64

9

Bootstrapperً.exe

windows10-2004-x64

9

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Bootstrapperً.exe

  • Size

    491KB

  • Sample

    240906-1gcl4aygnj

  • MD5

    b1864472c90dae6af45e99838123da99

  • SHA1

    19b00ad08e7f4829f6c608db13e4aeef2536a0ff

  • SHA256

    f71a73a686fb904e7fec84ec994e3acdde5e6f70a59ee7ea62c2a3965284b2d8

  • SHA512

    a18e5fff97ad8d8f10baac7c28eb23613d9021643a38a4f29c6452e6c373d6db57e7aa58bf9660536277bb5e1be86e739df3d5e9c02371987b6d251b55196651

  • SSDEEP

    12288:tTMof2hbjwJf9n6TohMPs20ybuhJqbdh4ZKt:/u1jqln670dbqpmkt

Score
9/10
credential_accessdiscoveryspywarestealer

Malware Config

Targets

    • Target

      Bootstrapperً.exe

    • Size

      491KB

    • MD5

      b1864472c90dae6af45e99838123da99

    • SHA1

      19b00ad08e7f4829f6c608db13e4aeef2536a0ff

    • SHA256

      f71a73a686fb904e7fec84ec994e3acdde5e6f70a59ee7ea62c2a3965284b2d8

    • SHA512

      a18e5fff97ad8d8f10baac7c28eb23613d9021643a38a4f29c6452e6c373d6db57e7aa58bf9660536277bb5e1be86e739df3d5e9c02371987b6d251b55196651

    • SSDEEP

      12288:tTMof2hbjwJf9n6TohMPs20ybuhJqbdh4ZKt:/u1jqln670dbqpmkt

    Score
    9/10
    credential_accessdiscoveryspywarestealer

    • Credentials from Password Stores: Credentials from Web Browsers

      Malicious Access or copy of Web Browser Credential store.

      credential_accessstealer

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Accesses cryptocurrency files/wallets, possible credential harvesting

      spyware

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

      discovery

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks