Overview

overview

10

Static

static

3

2024-01-10...ia.exe

windows7-x64

10

2024-01-10...ia.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2024-01-10_cd718363be30f8b2a2b307af5319d547_mafia

  • Size

    6.3MB

  • Sample

    240111-gnd9qaaaal

  • MD5

    cd718363be30f8b2a2b307af5319d547

  • SHA1

    5fccd9e67ad69468f4b590805c8c2927442c0539

  • SHA256

    5a7cb798885665397e3f6280b6ebe48d7f19631ce9ac4a534dcb5431cdbb984b

  • SHA512

    93e650bc41a2c9f0433758fb35476178ae804ea9040b0e3b08cac87dd81af9c1ddc76914e2f26e5ce38b106c201478020bc14c3e497b6e4ae4fe26aeddfa172c

  • SSDEEP

    196608:EnTH90AqjJdo8vGq8dc6YPYeheuazoyc2Z:EnTH90AqjJFv58dcpYJuazZ

Score
10/10
banloaddownloaderdropperevasiontrojan

Malware Config

Targets

    • Target

      2024-01-10_cd718363be30f8b2a2b307af5319d547_mafia

    • Size

      6.3MB

    • MD5

      cd718363be30f8b2a2b307af5319d547

    • SHA1

      5fccd9e67ad69468f4b590805c8c2927442c0539

    • SHA256

      5a7cb798885665397e3f6280b6ebe48d7f19631ce9ac4a534dcb5431cdbb984b

    • SHA512

      93e650bc41a2c9f0433758fb35476178ae804ea9040b0e3b08cac87dd81af9c1ddc76914e2f26e5ce38b106c201478020bc14c3e497b6e4ae4fe26aeddfa172c

    • SSDEEP

      196608:EnTH90AqjJdo8vGq8dc6YPYeheuazoyc2Z:EnTH90AqjJFv58dcpYJuazZ

    Score
    10/10
    banloaddownloaderdropperevasiontrojan

    • Banload

      Banload variants download malicious files, then install and execute the files.

      trojandropperdownloaderbanload

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

      evasion

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks