General

  • Target

    SetupWordTab.exe

  • Size

    20.3MB

  • Sample

    230912-zv4gasfe8w

  • MD5

    4d3c924ae9dccb7e7d8668b71b87dcaf

  • SHA1

    39005013ba1f0813d210bd735f0f23241f586b2e

  • SHA256

    1ea8e932429c45b870c20539375731e0904d81bbb30cf15a53ddd46415ef53ae

  • SHA512

    ca87c678cf456515f886c30e93e11602f977df3f2421d059f4b1dbcfe871ea3213bdeb76180c188633e721f043f3e41f7d553dab53ef25a5c0be0f9752f8821c

  • SSDEEP

    393216:AwCBGFHo7jAWcRZiZKUQz32n3U5+TRq6iHA0GVUwro84Cpnr2K68L:vCB5AFyyG3UITRqP0VNcqr2K6y

Targets

    • Banload

      Banload variants download malicious files, then install and execute the files.

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Executes dropped EXE

    • Loads dropped DLL

    • Registers COM server for autorun

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
