Overview

overview

7

Static

static

10

BootStrapper.exe

windows7-x64

7

BootStrapper.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    BootStrapper.exe

  • Size

    2.0MB

  • Sample

    240921-l2dybswfkh

  • MD5

    17bc687b26192e0c310bb0fb1ed8026a

  • SHA1

    5b8f50ae707736779a2ddcd6f21408c7dfa81ff9

  • SHA256

    2a40ac0a968a450daff2a498d6115e6fb0ee3ca1a48487e0d901a2c211028e6e

  • SHA512

    e0f975f5381437f052e7b7c7d76d2a066f29cea4ba788224f8547bc1ca75d4f1b359f7474f48d2a6f98924049ac80d39a9c54fed92e80d18bbed365111109974

  • SSDEEP

    49152:QS0YwAhwj1tQGWtc5qqOxSnf+JtZZq7qhd8RsA7:4YwjWqqqOwQtZZq7qhk

Score
10/10
meduzadiscoveryspywarestealer

Malware Config

Targets

    • Target

      BootStrapper.exe

    • Size

      2.0MB

    • MD5

      17bc687b26192e0c310bb0fb1ed8026a

    • SHA1

      5b8f50ae707736779a2ddcd6f21408c7dfa81ff9

    • SHA256

      2a40ac0a968a450daff2a498d6115e6fb0ee3ca1a48487e0d901a2c211028e6e

    • SHA512

      e0f975f5381437f052e7b7c7d76d2a066f29cea4ba788224f8547bc1ca75d4f1b359f7474f48d2a6f98924049ac80d39a9c54fed92e80d18bbed365111109974

    • SSDEEP

      49152:QS0YwAhwj1tQGWtc5qqOxSnf+JtZZq7qhd8RsA7:4YwjWqqqOwQtZZq7qhk

    Score
    7/10
    discoveryspywarestealer

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks