8cce373ea6261fc9b467b26e54a8a1170c7e718d0d55d3987dc637c4827b137f | Triage

Submit
Reports

Overview

overview

7

Static

static

3

Bootstrapper.rar

windows11-21h2-x64

7

Sharing

General

Target

Bootstrapper.rar
Size

408KB
Sample

241023-xbazjavaka
MD5

56b7cadbb449ada737bd6a1ba95226e1
SHA1

0de4501bc83a4bd049880f567ed2693cc58e9253
SHA256

8cce373ea6261fc9b467b26e54a8a1170c7e718d0d55d3987dc637c4827b137f
SHA512

33ce8e2388e8a08b3f944e8a076cab84f9157ef3f6f637e49cb7f591ed801a2303a617002b267e5c550076f2e357a4f3df7b6f97ada08a2a0880c4bfc5632f52
SSDEEP

12288:v319qa3M3cqqHAGI70U2wKoyWXMde3aVWD:v3fq0vAGI71LKo7XMde3aVWD

Score

7^/10

discovery vmprotect

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

Bootstrapper.rar

Resource

win11-20241023-en

discovery vmprotect

windows11-21h2-x64

14 signatures

150 seconds

Malware Config

Targets

- Target
  
  Bootstrapper.rar
- Size
  
  408KB
- MD5
  
  56b7cadbb449ada737bd6a1ba95226e1
- SHA1
  
  0de4501bc83a4bd049880f567ed2693cc58e9253
- SHA256
  
  8cce373ea6261fc9b467b26e54a8a1170c7e718d0d55d3987dc637c4827b137f
- SHA512
  
  33ce8e2388e8a08b3f944e8a076cab84f9157ef3f6f637e49cb7f591ed801a2303a617002b267e5c550076f2e357a4f3df7b6f97ada08a2a0880c4bfc5632f52
- SSDEEP
  
  12288:v319qa3M3cqqHAGI70U2wKoyWXMde3aVWD:v3fq0vAGI71LKo7XMde3aVWD
Score

7^/10

discovery vmprotect
- Executes dropped EXE
- Loads dropped DLL
- VMProtect packed file
  Detects executables packed with VMProtect commercial packer.
  vmprotect
- Legitimate hosting services abused for malware hosting/C2
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryvmprotect

© 2018-2024

Terms | Privacy