Blob.boy.rar Now

Creates a scheduled task named BlobBoyUpdate or adds a registry key in HKCU\Software\Microsoft\Windows\CurrentVersion\Run . 4. Static Analysis / Findings Contained Files: Boy.exe : The main executable/loader. blob.dat : Encrypted payload or configuration file.

Use a forensic reader to check for unauthorized password blobs or GMSA account abuse if the infection occurred in an Active Directory environment. Blob.Boy.rar

Add the hash of Boy.exe and the C2 domain to your Organization's EDR/Firewall . Creates a scheduled task named BlobBoyUpdate or adds

Scroll to Top