General
-
Target
8f236ac211c340f43568e545f40c31b5feed78bdf178f13abe498a1f24557d56
-
Size
2.8MB
-
Sample
220124-fvey6acea9
-
MD5
4cf6cc9fafde5d516be35f73615d3f00
-
SHA1
f4b9c366a50fa20013d70730f9e260534e59a846
-
SHA256
8f236ac211c340f43568e545f40c31b5feed78bdf178f13abe498a1f24557d56
-
SHA512
f9670cbda474606b17302fab11dc5e5fff1ecf1414454f30293a5650e4e4458d6f687e642f4f8b5c154b5619382fd06a043517ffc5d1ffc0d5344fc3b3763a05
Static task
static1
Behavioral task
behavioral1
Sample
8f236ac211c340f43568e545f40c31b5feed78bdf178f13abe498a1f24557d56.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
8f236ac211c340f43568e545f40c31b5feed78bdf178f13abe498a1f24557d56.exe
Resource
win10-en-20211208
Malware Config
Targets
-
-
Target
8f236ac211c340f43568e545f40c31b5feed78bdf178f13abe498a1f24557d56
-
Size
2.8MB
-
MD5
4cf6cc9fafde5d516be35f73615d3f00
-
SHA1
f4b9c366a50fa20013d70730f9e260534e59a846
-
SHA256
8f236ac211c340f43568e545f40c31b5feed78bdf178f13abe498a1f24557d56
-
SHA512
f9670cbda474606b17302fab11dc5e5fff1ecf1414454f30293a5650e4e4458d6f687e642f4f8b5c154b5619382fd06a043517ffc5d1ffc0d5344fc3b3763a05
-
Banload
Banload variants download malicious files, then install and execute the files.
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-