grandoreiro | a9f9baa69dd0b15747c01aa676052b3de1f173f5da7928b8816a7c8779065358 | Triage

Submit
Reports

Overview

overview

Static

static

1

03202329.a...70.vbs

windows7-x64

Sharing

General

Target

03202329.arcvfile..695876870.vbs
Size

12KB
Sample

230330-dv8v5aag95
MD5

9f370a4d78e168070152cd7a62c93ea0
SHA1

924a0fb8c3cfec12f34ef6f782bcd95734d36f15
SHA256

a9f9baa69dd0b15747c01aa676052b3de1f173f5da7928b8816a7c8779065358
SHA512

34b089925845fb69082b0f00eea3ecf6399cc7d16ca37a3b19616226f05a599d6c1629ec2db5e120f80f11913138bdb53a49a7ec000dbd667e2d0f1fa18e9c39
SSDEEP

384:50SN0S20S20S20S20S20SK1y0S20SCu+JK1Q:50SN0S20S20S20S20S20SAy0S20SCu+v

Score

10^/10

grandoreiro banker persistence trojan

Static task

static1

Behavioral task

behavioral1

Sample

03202329.arcvfile..695876870.vbs

Resource

win7-20230220-es

grandoreiro banker persistence trojan

windows7-x64

19 signatures

1200 seconds

Malware Config

Targets

- Target
  
  03202329.arcvfile..695876870.vbs
- Size
  
  12KB
- MD5
  
  9f370a4d78e168070152cd7a62c93ea0
- SHA1
  
  924a0fb8c3cfec12f34ef6f782bcd95734d36f15
- SHA256
  
  a9f9baa69dd0b15747c01aa676052b3de1f173f5da7928b8816a7c8779065358
- SHA512
  
  34b089925845fb69082b0f00eea3ecf6399cc7d16ca37a3b19616226f05a599d6c1629ec2db5e120f80f11913138bdb53a49a7ec000dbd667e2d0f1fa18e9c39
- SSDEEP
  
  384:50SN0S20S20S20S20S20SK1y0S20SCu+JK1Q:50SN0S20S20S20S20S20SAy0S20SCu+v
Score

10^/10

grandoreiro banker persistence trojan
- Detects Grandoreiro payload
- Grandoreiro
  Part of a group of banking trojans, targeting Spanish and Portuguese speaking countries.
  trojan banker grandoreiro
- Blocklisted process makes network request
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Query Registry

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

grandoreirobankerpersistencetrojan

© 2018-2024

Terms | Privacy