Overview

overview

10

Static

static

10

BootstrapperNew.exe

windows7-x64

7

BootstrapperNew.exe

windows10-2004-x64

9

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Solara.rar

  • Size

    82.0MB

  • Sample

    250222-elvgtaxlb1

  • MD5

    9e057fe56316ee16dbeb51d8989764b0

  • SHA1

    eca49a062ec4b4e9807a24cb3e9dfb0997f570f8

  • SHA256

    7713981d45396a28e415b79851133fbe2c812fb14f9f8bae7dc5a59ed363030d

  • SHA512

    2a27ab85cca2bdef6122f867e444a1d89d777e1513a6ca7c2059e92e8266dbc3300912d32b4f2d3db52df3e9d362f870e34f3ecfd0016641ca0e39a2dea26142

  • SSDEEP

    1572864:sr/mYqBnVp4CcUbHb5WuB0GyGxCVggOnMop+hgOLmNvgXCDAWGm:srGvGU30lVggOMop+qOKNv8wx

Score
10/10
pysilondefense_evasionexecutionpersistencepyinstallerupx

Malware Config

Targets

    • Target

      BootstrapperNew.exe

    • Size

      83.4MB

    • MD5

      0f246c20a8cb4a9b00fd27397ef55ba3

    • SHA1

      b566b643252b7430b89c066aca0dfaa9fe1f5a7a

    • SHA256

      a77d2c65860fd91eb491d4949ca5562ddad2618f64ca0efadb47b4ffbf3254f7

    • SHA512

      b3c61c8de8d04c9357b596ef274c70f49e8a4f9675db2af77edc08edcd86bc0c2d1af214321c3ae5b4077187d07d261a6d0e45a1bf2f0c300fde1d3ec878c059

    • SSDEEP

      1572864:nVjlQWC6uqnOkiqOv8im2AqlE76lhCiYweyJulZUdgMzZVcd72:d2MuqnOknOv8i3dnLfpuoTcZ2

    Score
    9/10
    upxdefense_evasionexecutionpersistence

    • Enumerates VirtualBox DLL files

    • Command and Scripting Interpreter: PowerShell

      Run Powershell to modify Windows Defender settings to add exclusions for file extensions, paths, and processes.

      execution

    • Sets file to hidden

      Modifies file attributes to stop it showing in Explorer etc.

      defense_evasion

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

      persistence

    • Legitimate hosting services abused for malware hosting/C2

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks