Analysis
-
max time kernel
117s -
max time network
121s -
platform
windows7_x64 -
resource
win7-20240903-en -
resource tags
-
submitted
08/02/2025, 13:16
General
-
Target
BootstrapperNew.exe
-
Size
5.9MB
-
MD5
7f1275dc6e829a3d73375df2850c13b5
-
SHA1
9d1c1720ea2d410113156f54eb682e31b243af57
-
SHA256
73f423af85cc19f7d4a2d8f9b74a5c6b7bea0c44e53d9a2ce959a1cfb83e75e7
-
SHA512
9207bb89b252679faa0adf9b66f975ab8b3e412fb67576c6bc12f8c4139da9a41be84e6b38d17629a89827efb5de4193ba3837002f5df3090f8624133c446ad4
-
SSDEEP
98304:2z+WCSyhi65sn6Wfz7pnxCjJaWlpx1dstaNoSwKHf1c3z5MOueAeFM9hGkrW+cdK:2CmyDDOYjJlpZstQoS9Hf12VKX7bGCWK
Malware Config
Signatures
-
Loads dropped DLL 1 IoCs
-
UPX packed file 2 IoCs
Detects executables packed with UPX/modified UPX open source packer.
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\BootstrapperNew.exe"C:\Users\Admin\AppData\Local\Temp\BootstrapperNew.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\BootstrapperNew.exe"C:\Users\Admin\AppData\Local\Temp\BootstrapperNew.exe"2⤵
- Loads dropped DLL
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
1.4MB
MD5b93eda8cc111a5bde906505224b717c3
SHA15f1ae1ab1a3c4c023ea8138d4b09cbc1cd8e8f9e
SHA256efa27cd726dbf3bf2448476a993dc0d5ffb0264032bf83a72295ab3fc5bcd983
SHA512b20195930967b4dc9f60c15d9ceae4d577b00095f07bd93aa4f292b94a2e5601d605659e95d5168c1c2d85dc87a54d27775f8f20ebcacf56904e4aa30f1affba
-
Filesize
4.4MB