General
-
Target
27aac56d3df98439a82ebd528bc6cf4446792f38b7dfb21bd379978d167a3d83
-
Size
3.2MB
-
Sample
221126-eqd1maba67
-
MD5
9d939a0e0267199dfe00ca6b67ce55ef
-
SHA1
25b73d95aeacbddd582f2368925c816c40a6dee0
-
SHA256
27aac56d3df98439a82ebd528bc6cf4446792f38b7dfb21bd379978d167a3d83
-
SHA512
050a623d9e6c8ab814ae89a9e510b1d1962b96d6905d1c3ca5efbebf4c673d843ec05f9f2688d22c45c69f9b914d65ca09fc9122bb597fdecfed69982efac7e3
-
SSDEEP
98304:XXz+eBX1C5Bs75yAsqAq01usThU1Amx6PRJTLuG:nKeV1CcZLF0Y+OmmxYCG
Static task
static1
Behavioral task
behavioral1
Sample
27aac56d3df98439a82ebd528bc6cf4446792f38b7dfb21bd379978d167a3d83.exe
Resource
win7-20221111-en
Malware Config
Targets
-
-
Target
27aac56d3df98439a82ebd528bc6cf4446792f38b7dfb21bd379978d167a3d83
-
Banload
Banload variants download malicious files, then install and execute the files.
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Executes dropped EXE
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-