Bootstrapper[.]exe | Triage

Resubmissions

20-11-2024 07:25

241120-h8x31ayjfm 8

20-11-2024 07:21

241120-h66x5atlbw 8

10-11-2024 05:39

241110-gcfcmszpcv 7

08-11-2024 14:16

241108-rk66fateqm 9

03-11-2024 22:20

241103-19b62avnhz 10

03-11-2024 19:28

241103-x6mltasbqf 7

02-11-2024 18:12

241102-wtak2ssamm 7

02-11-2024 16:37

241102-t45stszdrj 7

02-11-2024 08:58

241102-kxfexssqem 10

02-11-2024 07:51

241102-jpyqvs1drm 3

Sharing

General

Target

Bootstrapper.exe
Size

800KB
MD5

2a4dcf20b82896be94eb538260c5fb93
SHA1

21f232c2fd8132f8677e53258562ad98b455e679
SHA256

ebbcb489171abfcfce56554dbaeacd22a15838391cbc7c756db02995129def5a
SHA512

4f1164b2312fb94b7030d6eb6aa9f3502912ffa33505f156443570fc964bfd3bb21ded3cf84092054e07346d2dce83a0907ba33f4ba39ad3fe7a78e836efe288
SSDEEP

12288:t0zVvgDNMoWjTmFzAzBocaKjyWtiR1pptHxQ0z:O5vgHWjTwAlocaKjyyItHDz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
Bootstrapper.exe

Files

Bootstrapper.exe
.exe windows:4 windows x64 arch:x64

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 797KB - Virtual size: 797KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ