Overview

overview

10

Static

static

1

2024-02-16...ia.exe

windows7-x64

10

2024-02-16...ia.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2024-02-16_e38e3b414db641943b22d82706ed308f_mafia

  • Size

    4.6MB

  • Sample

    240216-nw6ghaaf23

  • MD5

    e38e3b414db641943b22d82706ed308f

  • SHA1

    321ef2920605314458abef4cf3b0108d4525e381

  • SHA256

    14a47f23a0273a397e392a8fc13422cef0a60e96cd3e3d2ad619d011ef12cc6b

  • SHA512

    3bab1404029611968934f525ffeeb429aa555330f42de77ba79113cdebdd8e0525342ef1a7002f29ac860e22beafa5e91d24129c52cc6c9e43e04b0277a9b136

  • SSDEEP

    98304:yqWR2siakdBEwRDBTPgg8d8iJtn6w+6H0ZT9toSISISIJ:yqWRya2BEwRVgg8dvHUdi

Score
10/10
banloaddownloaderdropperevasiontrojan

Malware Config

Targets

    • Target

      2024-02-16_e38e3b414db641943b22d82706ed308f_mafia

    • Size

      4.6MB

    • MD5

      e38e3b414db641943b22d82706ed308f

    • SHA1

      321ef2920605314458abef4cf3b0108d4525e381

    • SHA256

      14a47f23a0273a397e392a8fc13422cef0a60e96cd3e3d2ad619d011ef12cc6b

    • SHA512

      3bab1404029611968934f525ffeeb429aa555330f42de77ba79113cdebdd8e0525342ef1a7002f29ac860e22beafa5e91d24129c52cc6c9e43e04b0277a9b136

    • SSDEEP

      98304:yqWR2siakdBEwRDBTPgg8d8iJtn6w+6H0ZT9toSISISIJ:yqWRya2BEwRVgg8dvHUdi

    Score
    10/10
    banloaddownloaderdropperevasiontrojan

    • Banload

      Banload variants download malicious files, then install and execute the files.

      trojandropperdownloaderbanload

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

      evasion

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks