General
-
Target
BootstrapperV1.19.exe
-
Size
972KB
-
Sample
241002-bs432stfre
-
MD5
90fd25ced85fe6db28d21ae7d1f02e2c
-
SHA1
e27eff4cd4d383f5c564cce2bd1aaa2ffe4ec056
-
SHA256
97572bd57b08b59744e4dfe6f93fb96be4002dfe1aa78683771725401776464f
-
SHA512
1c775cf8dfde037eaa98eb14088c70d74923f0f6a83030a71f2f4c1a4453f6154dab7a4aa175e429860badda3e5e0ae226f3c3e8171332f5962bf36f8aa073fa
-
SSDEEP
24576:DIbp4sZotkNjFC/4qxp+k+kPFoHZvPrSMc:cvotkNjg/lhqZvG
Static task
static1
Behavioral task
behavioral1
Sample
BootstrapperV1.19.exe
Resource
win11-20240802-en
Malware Config
Targets
-
-
Target
BootstrapperV1.19.exe
-
Size
972KB
-
MD5
90fd25ced85fe6db28d21ae7d1f02e2c
-
SHA1
e27eff4cd4d383f5c564cce2bd1aaa2ffe4ec056
-
SHA256
97572bd57b08b59744e4dfe6f93fb96be4002dfe1aa78683771725401776464f
-
SHA512
1c775cf8dfde037eaa98eb14088c70d74923f0f6a83030a71f2f4c1a4453f6154dab7a4aa175e429860badda3e5e0ae226f3c3e8171332f5962bf36f8aa073fa
-
SSDEEP
24576:DIbp4sZotkNjFC/4qxp+k+kPFoHZvPrSMc:cvotkNjg/lhqZvG
Score7/10-
Loads dropped DLL
-
Blocklisted process makes network request
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Legitimate hosting services abused for malware hosting/C2
-