Overview

overview

7

Static

static

3

Boost Bot ... ].zip

windows7-x64

1

Boost Bot ... ].zip

windows10-2004-x64

1

Boost Bot.exe

windows7-x64

7

Boost Bot.exe

windows10-2004-x64

7

boosts.json

windows7-x64

3

boosts.json

windows10-2004-x64

3

config.yaml

windows7-x64

3

config.yaml

windows10-2004-x64

3

data/faile...s.json

windows7-x64

3

data/faile...s.json

windows10-2004-x64

3

run.bat

windows7-x64

7

run.bat

windows10-2004-x64

7

setup_guide.md

windows7-x64

3

setup_guide.md

windows10-2004-x64

3

Analysis

  • max time kernel
    118s
  • max time network
    121s
  • platform
    windows7_x64
  • resource
    win7-20241010-en
  • resource tags

    arch:x64arch:x86image:win7-20241010-enlocale:en-usos:windows7-x64system
  • submitted
    01-02-2025 23:59

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Boost Bot.exe

  • Size

    51.1MB

  • MD5

    ba184db9a540813620391efb86f75156

  • SHA1

    9c4350e428ccd42f355e1a6a0448205268165948

  • SHA256

    17524eb734c8d78c07dc3ddfe6146234aeace53205517bfd01c715a3ca9abfb2

  • SHA512

    cfb6bd95c314cbb3690f45bd620a2e511fd347257eadb7b767be4dc79cfe55ce51dd5a7517da60be85881db1dd5b6fc176d0900e8e412bfcf4bc752059efa3a6

  • SSDEEP

    786432:/vMPYoaShVVaxycwhWTC/25TzkkDEMvcuLpdGoR81Z9EbFRB97XYxgHY9dY:sBaaVaxoCbTtEfGpwo69EJ5I6C

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 2 IoCs
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Suspicious behavior: EnumeratesProcesses 60 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\Boost Bot.exe
    "C:\Users\Admin\AppData\Local\Temp\Boost Bot.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of WriteProcessMemory
    PID:1972
    • C:\Users\Admin\AppData\Local\Temp\onefile_1972_133829280051914000\main.exe
      "C:\Users\Admin\AppData\Local\Temp\Boost Bot.exe"
      2⤵
      • Executes dropped EXE
      • Loads dropped DLL
      • Suspicious behavior: EnumeratesProcesses
      PID:2160

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\onefile_1972_133829280051914000\main.exe
    Filesize

    41.4MB

    MD5

    9413b61bd7383c2640d380097f8f2f8e

    SHA1

    5156ac4b1e24a7bf0b7dc21dc63b98d39256f709

    SHA256

    ed69a3a70158667897f575754b44003fccbfb21cad35d15840d95bf66a7f1602

    SHA512

    e5a28f48923ffe63814450322a293a5cb4febad0d833451f7b8b63b42f7613c73fd3b6acb94209816d06377bd8d5181f6af679f8d7e3c423b840ba2e17271742

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\onefile_1972_133829280051914000\python310.dll
    Filesize

    4.3MB

    MD5

    5fdbe140614b71c20d11cabdfe810319

    SHA1

    2b54711b3eb94ddc4c3939d201bed36b23fdc9d9

    SHA256

    f8b2dae29233dfe3a954559740207b3edf46b297ffccaf988d55980bfe92fb7a

    SHA512

    08f193536bae4d3ab081acd25d3e54c5b62b8d28e46e469c1b90d6431de2d6658943afe1d9dd5702d2265694c4967afa1a3c1b10f94d0482bd85a8431bac93bc

    Download Submit

  • memory/1972-121-0x00000000770D0000-0x0000000077279000-memory.dmp

    Filesize

    1.7MB

    Download

  • memory/1972-5-0x00000000770D0000-0x0000000077279000-memory.dmp

    Filesize

    1.7MB

    Download

  • memory/1972-120-0x00000000770D0000-0x0000000077279000-memory.dmp

    Filesize

    1.7MB

    Download

  • memory/1972-4-0x00000000770D0000-0x0000000077279000-memory.dmp

    Filesize

    1.7MB

    Download

  • memory/1972-107-0x00000000770D0000-0x0000000077279000-memory.dmp

    Filesize

    1.7MB

    Download

  • memory/1972-1-0x00000000770D0000-0x0000000077279000-memory.dmp

    Filesize

    1.7MB

    Download

  • memory/1972-111-0x00000000770D0000-0x0000000077279000-memory.dmp

    Filesize

    1.7MB

    Download

  • memory/1972-2-0x00000000770D0000-0x0000000077279000-memory.dmp

    Filesize

    1.7MB

    Download

  • memory/1972-122-0x00000000770D0000-0x0000000077279000-memory.dmp

    Filesize

    1.7MB

    Download

  • memory/1972-0-0x0000000077121000-0x0000000077122000-memory.dmp

    Filesize

    4KB

    Download

  • memory/1972-130-0x0000000140000000-0x0000000143325000-memory.dmp

    Filesize

    51.1MB

    Download

  • memory/1972-3-0x00000000770D0000-0x0000000077279000-memory.dmp

    Filesize

    1.7MB

    Download

  • memory/1972-116-0x00000000770D0000-0x0000000077279000-memory.dmp

    Filesize

    1.7MB

    Download

  • memory/1972-123-0x00000000770D0000-0x0000000077279000-memory.dmp

    Filesize

    1.7MB

    Download

  • memory/1972-124-0x00000000770D0000-0x0000000077279000-memory.dmp

    Filesize

    1.7MB

    Download

  • memory/1972-125-0x00000000770D0000-0x0000000077279000-memory.dmp

    Filesize

    1.7MB

    Download

  • memory/1972-126-0x0000000140000000-0x0000000143325000-memory.dmp

    Filesize

    51.1MB

    Download

  • memory/1972-127-0x00000000770D0000-0x0000000077279000-memory.dmp

    Filesize

    1.7MB

    Download

  • memory/1972-128-0x00000000770D0000-0x0000000077279000-memory.dmp

    Filesize

    1.7MB

    Download

  • memory/1972-129-0x0000000140000000-0x0000000143325000-memory.dmp

    Filesize

    51.1MB

    Download

  • memory/1972-131-0x00000000770D0000-0x0000000077279000-memory.dmp

    Filesize

    1.7MB

    Download

  • memory/2160-115-0x0000000140000000-0x0000000142970000-memory.dmp

    Filesize

    41.4MB

    Download