Bootstraper[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Bootstraper.exe
Size

796KB
MD5

c2e0ee07d6d31357c62a232d287cfcea
SHA1

04f89b2ab62b29ace88747855025ea3d2087935d
SHA256

5c8efbac8af8f2c8f61b33f9e703e174d4e6cfdc26c2796adce9cf75b3c07524
SHA512

9a0e244b0f6b5a58e1594ea056d35c1022aa44e95de9ab897fa452a720ca7d4a177c50f2ae24b67034657613ff77387f7926849d5be439c0077b70b7eaa3bef3
SSDEEP

1536:8raCPZCCOKnsCgyqI4kwCz6M2G6YmqZWOCPbynsCgyqI4kwCz6M2G6YmqZZL:8raCPZCFCyYwC+M2FEqCyYwC+M2FE1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Bootstraper.exe

Files

Bootstraper.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Users\danie\source\repos\debug\debug\obj\Debug\debug.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 84KB - Virtual size: 84KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ