banload | 962f0c75e9c5423edcb792fd548f03103e50149161c5da4db1e8b1a431e03586 | Triage

Sharing

General

Target

2024-02-11_55a03cc7c30736a358b4512ea2e3bc7f_magniber
Size

19.2MB
Sample

240211-lsqwjaeh3v
MD5

55a03cc7c30736a358b4512ea2e3bc7f
SHA1

fd5cdb6cd0ed1592dbb5fce54e3dc0c3ea346f62
SHA256

962f0c75e9c5423edcb792fd548f03103e50149161c5da4db1e8b1a431e03586
SHA512

19ea9a11c4dd21b2ba8efb827bbd2b625c533e3f82a46edc24eba8bb99dcad3c98c99ba2adfcd1f2796dfc231b4c23239793f654a3fede15ba8214e09b03d7cc
SSDEEP

393216:sncbNdGexhowCwBmR5IJGIJm1XMoTwgomYy26NI5:vbNdGegvwBm/IrYc5m

Score

10^/10

banload downloader dropper evasion trojan

Malware Config

Targets

- Target
  
  2024-02-11_55a03cc7c30736a358b4512ea2e3bc7f_magniber
- Size
  
  19.2MB
- MD5
  
  55a03cc7c30736a358b4512ea2e3bc7f
- SHA1
  
  fd5cdb6cd0ed1592dbb5fce54e3dc0c3ea346f62
- SHA256
  
  962f0c75e9c5423edcb792fd548f03103e50149161c5da4db1e8b1a431e03586
- SHA512
  
  19ea9a11c4dd21b2ba8efb827bbd2b625c533e3f82a46edc24eba8bb99dcad3c98c99ba2adfcd1f2796dfc231b4c23239793f654a3fede15ba8214e09b03d7cc
- SSDEEP
  
  393216:sncbNdGexhowCwBmR5IJGIJm1XMoTwgomYy26NI5:vbNdGegvwBm/IrYc5m
Score

10^/10

banload downloader dropper evasion trojan
- Banload
  Banload variants download malicious files, then install and execute the files.
  trojan dropper downloader banload
- Identifies VirtualBox via ACPI registry values (likely anti-VM)
  evasion
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Virtualization/Sandbox Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Virtualization/Sandbox Evasion

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

banloaddownloaderdropperevasiontrojan

behavioral2

banloaddownloaderdropperevasiontrojan