General

  • Target

    56af6fab54928c91d1dbb967ee75cd58

  • Size

    1.8MB

  • Sample

    240112-rk27gsheal

  • MD5

    56af6fab54928c91d1dbb967ee75cd58

  • SHA1

    4a5bb962f4c62e5ea2652dd5babfead0b918210b

  • SHA256

    c73f089c7895de3cfa2c20722ae8dbb7ddbfb061cd4cc4532934996014fe44e4

  • SHA512

    b56946a717c0b84f49d91a28308e8467daed7e13e960e0ef22294044b4ae65ed31ea7126c588e96ae1b6fd2d0b24a252d69e17b07a53d74ce7ca8d01a0a38d54

  • SSDEEP

    49152:ovMW2NU1Hlwu0fJTY8dn4tpwclO0q5VWy7EeNx:o0hNOFwuadn4tpwcMPtQAx

Targets

    • Banload

      Banload variants download malicious files, then install and execute the files.

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.
