General

  • Target

    aa94947472e46900c5db373d034cfb3c2ceb8e694be4ad2ab9d5b1bb712830dd

  • Size

    5.8MB

  • Sample

    240321-24gd8seg41

  • MD5

    b7d070c4c6c558cad26e44e003923fbf

  • SHA1

    4ada5f11221f773ab212a4f0913e40ffadf77f62

  • SHA256

    aa94947472e46900c5db373d034cfb3c2ceb8e694be4ad2ab9d5b1bb712830dd

  • SHA512

    41acfe23de73321f2ebfd26c9a7d4ad17c1ee036c42ecd460d085662ea647c74a00abf81a74895ee6f525d1c8ab313dec84dbeda92b9dac22b671c6a8e22017c

  • SSDEEP

    98304:I4MCyTyc22+IMYcLfqHX88i1JZ7mzyDunRH5jR9eHyKGoFILUw8RovKSQzRMW:x4yP2lMJLfq33i12mxHyo5XSQB

Targets

    • Banload

      Banload variants download malicious files, then install and execute the files.

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

MITRE ATT&CK Enterprise v15

Tasks