General
-
Target
020e1fb674fb198702e16ede5a47bc7c05d9bd435bdc4d0e2ec121cb53daa3f6
-
Size
4.1MB
-
Sample
220523-t7dthsadfr
-
MD5
5b277bb0f8ff910dcc3dd8ac45e95f42
-
SHA1
464690589218f1085cf669a2b4193ac88e931047
-
SHA256
020e1fb674fb198702e16ede5a47bc7c05d9bd435bdc4d0e2ec121cb53daa3f6
-
SHA512
e14897408966464fb3695af62ffcb6745502938bd4f6cdf3937c43bd0c4449c01cc4767b235d4c2c1c9f6f14c3aa7ec8f8dbbdb7e360fae2670016271b75336d
Static task
static1
Behavioral task
behavioral1
Sample
020e1fb674fb198702e16ede5a47bc7c05d9bd435bdc4d0e2ec121cb53daa3f6.exe
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
020e1fb674fb198702e16ede5a47bc7c05d9bd435bdc4d0e2ec121cb53daa3f6.exe
Resource
win10v2004-20220414-en
Malware Config
Targets
-
-
Target
020e1fb674fb198702e16ede5a47bc7c05d9bd435bdc4d0e2ec121cb53daa3f6
-
Size
4.1MB
-
MD5
5b277bb0f8ff910dcc3dd8ac45e95f42
-
SHA1
464690589218f1085cf669a2b4193ac88e931047
-
SHA256
020e1fb674fb198702e16ede5a47bc7c05d9bd435bdc4d0e2ec121cb53daa3f6
-
SHA512
e14897408966464fb3695af62ffcb6745502938bd4f6cdf3937c43bd0c4449c01cc4767b235d4c2c1c9f6f14c3aa7ec8f8dbbdb7e360fae2670016271b75336d
Score10/10-
Banload
Banload variants download malicious files, then install and execute the files.
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Executes dropped EXE
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Loads dropped DLL
-
Adds Run key to start application
-