5bcc21802129eac4b3e126e4160c62f86aa416cae213bc3227000ebe092c850c | Triage

Sharing

General

Target

SaladBootstrapper.zip
Size

137KB
Sample

241120-r796lsxgrg
MD5

ad754dedfc9f3d4a190e3c75cbe27b6c
SHA1

fd2ba50c2d234c0f2ed70913c148a68dd1724ed9
SHA256

5bcc21802129eac4b3e126e4160c62f86aa416cae213bc3227000ebe092c850c
SHA512

1c3bdb37a607a1d2fb74459e2d858e246885ab8e9deb8e290b910b8e6dbcbdabd75cc125e83f09bd98cf7f7995ed02b9aa85c3845bc8a292b2fecfef83dc7131
SSDEEP

3072:zhXfUbf4sTkLaTH9HUyFhG4GCwyNFikPLGKOYNYG/fnGncvGP+xydA8QEXsLk:1vOwsTiaTHTGFfyNIeKSh/fvGVlXt

Score

7^/10

Malware Config

Targets

- Target
  
  SaladBootstrapper.dll
- Size
  
  16KB
- MD5
  
  996c0851737994ac97c83410fab5a927
- SHA1
  
  757260600786b8575ffbdd8e828bdc18e3cbae6e
- SHA256
  
  ea227b534753cbe8f4a2c929724d8a99f333f40aac01af248779f153c4c06f4b
- SHA512
  
  dc61736d7c85211ad9e137ae4f795bbed4dcbca5de454c60b8d903f34ee178a29945a74e8415f93dd0e3ff2dfc3638e631245cb6b55e2f9401cc385a14123db9
- SSDEEP
  
  384:LESExPrzqXrpDinY3EtZFZwCXh+VWuRj/NfCu:LEJV/1vY/TNfCu
Score

1^/10
behavioral1 behavioral2
- Target
  
  SaladBootstrapper.exe
- Size
  
  266KB
- MD5
  
  5f72bda9e8ddcf7a229f6df67978c0ec
- SHA1
  
  1a33bd49d06a0fe19d37a05a59a52f292b66d41b
- SHA256
  
  fd2e1bbfbcf73d92dbc95a7d92af4fe0dfcdfb58ddf2ed15d2bbf70cbfe3608f
- SHA512
  
  5ce5ba3921a25835a4fe297b3ecf82b64ba1ef7e9f5bf7f6af5a29027859eda35944a7939f625a1cc961e00efb2d909e6e3b929971c0bca56c19b4159ddf0373
- SSDEEP
  
  6144:MjK4TDUqgpqWDLZ5H+xuZ04dhA8h/fegB7eiS0vF16PDSd:MZW3bph/N7eiS0vF16PDSd
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral3 behavioral4

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4