Overview

overview

10

Static

static

1

Boostrappe...4].zip

windows7-x64

10

Boostrappe...4].zip

windows10-2004-x64

1

Resubmissions

08-01-2025 03:40

250108-d79m7asne1 1

08-01-2025 01:46

250108-b7fc8szrem 10

Analysis

  • max time kernel
    95s
  • max time network
    150s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20241007-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
  • submitted
    08-01-2025 01:46

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    BoostrappersReleese[3.4].zip

  • Size

    55.3MB

  • MD5

    37cd755beee8ecd09aab5946f5ad8b37

  • SHA1

    4266d2aa62ab9c9cb2e1ca5b04141ed1422a7d99

  • SHA256

    b7289bbe3d9c335f4ebc009ea8939500f80ff1f74fa85f3e42204fe70d4ceee5

  • SHA512

    f889ed18ff8c0783ce1c74af9ea09852d6a48f09564b6cfa3e5105520391b9ce748cc43693e1dc0e7020d08331471b86056bd53c38d2bc90d4383bb230996b53

  • SSDEEP

    786432:pyof+XchgJ/K0QDCO5dOFold5sG/Rnf8ZnpxcMuh7ThcrKxm6mYk5DhOUW1dKleV:AoqOgtYtLpNinrcf7erKx9H1Z4HMyvw

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 2 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs

Processes

  • C:\Program Files\7-Zip\7zFM.exe
    "C:\Program Files\7-Zip\7zFM.exe" "C:\Users\Admin\AppData\Local\Temp\BoostrappersReleese[3.4].zip"
    1⤵
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of FindShellTrayWindow
    PID:4196

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads