Introducing BIOLOAD: FIN7 BOOSTWRITE’s Lost Twin
Tags
attack-pattern: Dll Search Order Hijacking - T1574.001 Malware - T1587.001 Malware - T1588.001 Scheduled Task - T1053.005 Server - T1583.004 Server - T1584.004 Dll Search Order Hijacking - T1038 Scheduled Task - T1053
Show in Graph
Common Information
Type Value
UUID b0e42ee5-67a7-4f65-a502-f4c40359141c
Fingerprint 64d81113caac0685
Analysis status DONE
Considered CTI value 2
Text language
Published Dec. 26, 2019, midnight
Added to db Feb. 18, 2023, 12:24 a.m.
Last updated Nov. 17, 2024, 5:57 p.m.
Headline Introducing BIOLOAD: FIN7 BOOSTWRITE’s Lost Twin
Title Introducing BIOLOAD: FIN7 BOOSTWRITE’s Lost Twin
Detected Hints/Tags/Attributes 31/1/7
Source URLs
Redirection Url
Details Source https://www.fortinet.com/blog/threat-research/bioload-fin7-boostwrite-lost-twin
Details Source https://www.fortinet.com/blog/threat-research/bioload-fin7-boostwrite-lost-twin.html
URL Provider
Details Provider Source level domain
Details fortinet.com www.fortinet.com
Attributes
Details Type #Events CTI Value
Details File 2 
facefoduninstaller.exe
Details File 3 
winbio.dll
Details sha256 1 
7bdae0dfc37cb5561a89a0b337b180ac6a139250bd5247292f470830bd96dda7
Details sha256 1 
c1c68454e82d79e75fefad33e5acbb496bbc3f5056dfa26aaf1f142cee1af372
Details sha256 1 
77a6fbd4799a8468004f49f5929352336f131ad83c92484b052a2eb120ebaf9a
Details sha256 1 
42d3cf75497a724e9a9323855e0051971816915fc7eb9f0426b5a23115a3bdcb
Details Threat Actor Identifier - FIN 377 
FIN7