Overview

overview

10

Static

static

3c5f24c50f...f7.exe

windows7-x64

10

3c5f24c50f...f7.exe

windows10-2004-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    3c5f24c50fa79992ff6a4c00a6317925f1fce059914c031e5f0642bc572aa2f7

  • Size

    2.7MB

  • Sample

    221125-ye7y4sah46

  • MD5

    f973642b2358732382584ec27bec2d00

  • SHA1

    c27050d9c709e2a5bbe88950f3040462896cc994

  • SHA256

    3c5f24c50fa79992ff6a4c00a6317925f1fce059914c031e5f0642bc572aa2f7

  • SHA512

    c0444354c001e4b13b847c972aa780613f3f83c258f80cdbdc8ad387dd17e753d105ee6646c3a84179a63db5961909799d87126f81025ce88494d2db7e86c98b

  • SSDEEP

    49152:vvgr7S8COnATBbOzeHNMmAtMyMpy76wR9KWnE83S78DN2HTbuXw:vv6gxvHN54PWG6wRgu3Ue2cw

Score
10/10
banloaddownloaderdropperevasiontrojan

Malware Config

Targets

    • Target

      3c5f24c50fa79992ff6a4c00a6317925f1fce059914c031e5f0642bc572aa2f7

    • Size

      2.7MB

    • MD5

      f973642b2358732382584ec27bec2d00

    • SHA1

      c27050d9c709e2a5bbe88950f3040462896cc994

    • SHA256

      3c5f24c50fa79992ff6a4c00a6317925f1fce059914c031e5f0642bc572aa2f7

    • SHA512

      c0444354c001e4b13b847c972aa780613f3f83c258f80cdbdc8ad387dd17e753d105ee6646c3a84179a63db5961909799d87126f81025ce88494d2db7e86c98b

    • SSDEEP

      49152:vvgr7S8COnATBbOzeHNMmAtMyMpy76wR9KWnE83S78DN2HTbuXw:vv6gxvHN54PWG6wRgu3Ue2cw

    Score
    10/10
    banloaddownloaderdropperevasiontrojan

    • Banload

      Banload variants download malicious files, then install and execute the files.

      trojandropperdownloaderbanload

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

      evasion

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Drops startup file

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks