Overview

overview

10

Static

static

3

grand.exe

windows7-x64

10

grand.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    grand.EXE

  • Size

    5.5MB

  • Sample

    230913-ng26jaea93

  • MD5

    47f7101191190d132a438444ee64a798

  • SHA1

    1b17f49c98c7a0dcf7d40752dacf6b9e99ebe2d3

  • SHA256

    c5195273e6bed87762880598a2a08bdeadab8d84fab3e78b6726c7eadd08ed54

  • SHA512

    6fdd4755a6c6fa157fef65e88dd5d702df7a053fa36f5646a258edb9900c2f34fd4af440ff6d06d8a8ac11fd55273244f346b064a120d172846f09ac3dbd77c3

  • SSDEEP

    98304:vyghDiIufzZIKj5Ahc3x8x/3a1UVG+5T8wNyxZnkkYOW:vJhZuf+W1xGSUVG+x8wQZXY

Score
10/10
grandoreirobankerpersistencetrojan

Malware Config

Targets

    • Target

      grand.EXE

    • Size

      5.5MB

    • MD5

      47f7101191190d132a438444ee64a798

    • SHA1

      1b17f49c98c7a0dcf7d40752dacf6b9e99ebe2d3

    • SHA256

      c5195273e6bed87762880598a2a08bdeadab8d84fab3e78b6726c7eadd08ed54

    • SHA512

      6fdd4755a6c6fa157fef65e88dd5d702df7a053fa36f5646a258edb9900c2f34fd4af440ff6d06d8a8ac11fd55273244f346b064a120d172846f09ac3dbd77c3

    • SSDEEP

      98304:vyghDiIufzZIKj5Ahc3x8x/3a1UVG+5T8wNyxZnkkYOW:vJhZuf+W1xGSUVG+x8wQZXY

    Score
    10/10
    grandoreirobankerpersistencetrojan

    • Detects Grandoreiro payload

    • Grandoreiro

      Part of a group of banking trojans, targeting Spanish and Portuguese speaking countries.

      trojanbankergrandoreiro

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks