Overview

overview

10

Static

static

10

boost tool...on.zip

windows7-x64

7

boost tool...on.zip

windows10-2004-x64

1

boost tool...go.png

windows7-x64

1

boost tool...go.png

windows10-2004-x64

3

boost tool...er.jpg

windows7-x64

1

boost tool...er.jpg

windows10-2004-x64

3

boost tool...ol.exe

windows7-x64

7

boost tool...ol.exe

windows10-2004-x64

8

d��9]&P.pyc

windows7-x64

d��9]&P.pyc

windows10-2004-x64

boost tool...s.json

windows7-x64

3

boost tool...s.json

windows10-2004-x64

3

Resubmissions

08-01-2025 01:36

250108-b1czjazpek 10

08-01-2025 01:34

250108-by5lrsyjav 10

08-01-2025 01:12

250108-bkp9xszjbq 10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    boost tool_latest_version.zip

  • Size

    11.6MB

  • Sample

    250108-by5lrsyjav

  • MD5

    ac19e920d27ef1542861668f24e9e177

  • SHA1

    1462dc9e82daae9a381357e71012423dacb14009

  • SHA256

    5124045daee47ac816c8f60b272470558186235eb37e42e999677cfac1e24f57

  • SHA512

    b4f1e8ee8a1d3e810a159b01ae04cc583ad0803b6f9c8b4168cae9214f4d8de891aff1331a62fa9991a1bc2d85c230f9d0bc9b9be32d5d93d65202487946d695

  • SSDEEP

    196608:cwp9yBBrOTZeAYJDVmeRXEhruogeRKsjSszyKQuqEDBZMNtfTtiR8rtr71j:cwpgeTS4eR0NKUSszeuqE9eNtfT8G5R

Score
10/10
blankgrabbercollectioncredential_accessdiscoveryexecutionspywarestealerupx

Malware Config

Targets

    • Target

      boost tool_latest_version.zip

    • Size

      11.6MB

    • MD5

      ac19e920d27ef1542861668f24e9e177

    • SHA1

      1462dc9e82daae9a381357e71012423dacb14009

    • SHA256

      5124045daee47ac816c8f60b272470558186235eb37e42e999677cfac1e24f57

    • SHA512

      b4f1e8ee8a1d3e810a159b01ae04cc583ad0803b6f9c8b4168cae9214f4d8de891aff1331a62fa9991a1bc2d85c230f9d0bc9b9be32d5d93d65202487946d695

    • SSDEEP

      196608:cwp9yBBrOTZeAYJDVmeRXEhruogeRKsjSszyKQuqEDBZMNtfTtiR8rtr71j:cwpgeTS4eR0NKUSszeuqE9eNtfT8G5R

    Score
    7/10
    upx

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

    • Target

      boost tool_latest_version/Data/Avatar/logo.png

    • Size

      9KB

    • MD5

      b54a4ff07a043b97b11557ad9d647d37

    • SHA1

      4bdb763c14ca99355886600a103814e1b4a35340

    • SHA256

      68923c41617d1a5f6db9e666c271a09be0ed1f658092b009333f6e2a49ce4eec

    • SHA512

      673402c2b16d5a15315aa69eb75309de06293032250d45ce41a9b11281b9bccfdbff7400b3437780865566d71aa749c24c93416d36b04d91531a657b581dd289

    • SSDEEP

      192:6S3fPuTkObOwJv2HOd9RoVsrpMZmzxiCLhzL:13fWgObTd/Roy6czxiERL

    Score
    3/10
    behavioral3behavioral4

    • Target

      boost tool_latest_version/Data/Banners/banner.png

    • Size

      38KB

    • MD5

      6827a3b69890de54748e8d38f4c64bf3

    • SHA1

      31c352fe4d34fd3465d8a3b0e0085e0ecb3d9eaa

    • SHA256

      ee431aed9d257960b94b9ca5da3f03c02218354b2073f34268e49c93c1f7a993

    • SHA512

      e12d789dbaf8f7084bc579d0291623a24d2c74840366b788a7aeb5ea13e5f570a920024ad40b51b2b74fc7d4bd88d6d1d3bb115cc140fb01842341e79b0eaaaf

    • SSDEEP

      768:WDNqwGY+EnJsm+P25XAFzxJavRpcwokl45QVTHWcegcB:WDNpJ6YQV2v4fk/lQB

    Score
    3/10
    behavioral5behavioral6

    • Target

      boost tool_latest_version/boost tool.exe

    • Size

      11.6MB

    • MD5

      c35c1095c7946e713fb6292bb0d95537

    • SHA1

      26386cea6f7f3ae3d8d49f3709e2944298c079d7

    • SHA256

      ef361d7f6642fab2c249c194c26602cd2aa613d40d299a7bb10a552ef6d9cc4e

    • SHA512

      22521c699182ea4a8cead47131eb444ba1246d7b5ec9a90c3e994d6ea82ccfe870c4c309a09d9348b7851eb13363cb394392f33064b96c89a222238f04b93ba9

    • SSDEEP

      196608:K+YShEv5vi5HuUYBDfWgtlA5RsO5ne0COshoKMuIkhVastRL5Di3uV1DVZ:pYSyw5cSgtS7OOshouIkPftRL54u3Z

    Score
    8/10
    upxcollectioncredential_accessdiscoveryexecutionspywarestealer

    • Command and Scripting Interpreter: PowerShell

      Run Powershell to modify Windows Defender settings to add exclusions for file extensions, paths, and processes.

      execution

    • Clipboard Data

      Adversaries may collect data stored in the clipboard from users copying information within or between applications.

      collection

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Unsecured Credentials: Credentials In Files

      Steal credentials from unsecured files.

      credential_accessstealer

    • Accesses cryptocurrency files/wallets, possible credential harvesting

      spyware

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Enumerates processes with tasklist

      discovery

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral7behavioral8

    • Target

      d��9]&P.pyc

    • Size

      1KB

    • MD5

      409e268ebe40744494c04088b1fbc25a

    • SHA1

      fc8e6461ac37a6021408b1f22883d95d56b8467c

    • SHA256

      2cb4850714ac2e359e877c9a5abacc5c5ac7c3f2db3667312df922f1d5d7c69a

    • SHA512

      3c17f948d72b60237f55db6def341e4f3a9bd6011a76d9e6c477a8c3f226b424c7a7720f265130ec3a5df6f7ee0fcfbdc6fcd9feb25dd62f9e240fe18f58ea71

    Score
    1/10
    behavioral10behavioral9

    • Target

      boost tool_latest_version/settings.json

    • Size

      721B

    • MD5

      eef8e8fb0a959106dc6016e13f1f21b6

    • SHA1

      f4451852e4d179d582b886bf1d94c8e9c94a010e

    • SHA256

      d3f0e9547372a34b8a8ebc89d56416ce893d675fdc9232f7eec0b6accaea0ad6

    • SHA512

      df68d615dcfff10cf0c1f732df098b8982479cc6cd39589c780e9d80dd94e60894141f0f607072548e6f2d32b88390db6986f3416c66cd272e4ed3ac5c8c3ef1

    Score
    3/10
    discovery
    behavioral11behavioral12

MITRE ATT&CK Enterprise v15

Tasks