General
-
Target
AimBolt.exe
-
Size
761KB
-
Sample
240626-ty494svgrk
-
MD5
f4207c97ef68f04fdfb837133fe06fe4
-
SHA1
910f4cdf8987936ce76b4314b53e634fb517a182
-
SHA256
2bd9aaefd640dd2ff0afcc994ebf0b66f7b5ebb05fd38d78ef04815e901b4994
-
SHA512
e0fe67bf6434397ceb89ea10746165526c852ec6ea5d6c92e74d1c34e0ca94a9e1d6ba30dcf36a29ed6b4ff835fac5e1b314469e4078a12e4e319e4661a491e4
-
SSDEEP
12288:a3aVvTuaH8x4D9NDj9JIEMrBaolQIYgsPyQGl50qrx80nFJlLA13AKVe1gWwjU:aKVvTNHTLj99qT4gsF8msJlc1QKVdjU
Static task
static1
Behavioral task
behavioral1
Sample
AimBolt.exe
Resource
win7-20240220-en
Behavioral task
behavioral2
Sample
AimBolt.exe
Resource
win10v2004-20240611-en
Malware Config
Targets
-
-
Target
AimBolt.exe
-
Size
761KB
-
MD5
f4207c97ef68f04fdfb837133fe06fe4
-
SHA1
910f4cdf8987936ce76b4314b53e634fb517a182
-
SHA256
2bd9aaefd640dd2ff0afcc994ebf0b66f7b5ebb05fd38d78ef04815e901b4994
-
SHA512
e0fe67bf6434397ceb89ea10746165526c852ec6ea5d6c92e74d1c34e0ca94a9e1d6ba30dcf36a29ed6b4ff835fac5e1b314469e4078a12e4e319e4661a491e4
-
SSDEEP
12288:a3aVvTuaH8x4D9NDj9JIEMrBaolQIYgsPyQGl50qrx80nFJlLA13AKVe1gWwjU:aKVvTNHTLj99qT4gsF8msJlc1QKVdjU
Score7/10-
Deletes itself
-
Obfuscated with Agile.Net obfuscator
Detects use of the Agile.Net commercial obfuscator, which is capable of entity renaming and control flow obfuscation.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-