Overview

overview

10

Static

static

3

2024-03-26...ia.exe

windows7-x64

10

2024-03-26...ia.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2024-03-26_c0afd8f22d6cb9c5af0a18e456f96b8b_mafia

  • Size

    6.4MB

  • Sample

    240326-lr4q1aad2z

  • MD5

    c0afd8f22d6cb9c5af0a18e456f96b8b

  • SHA1

    fd5764b4cd69e933e8074f0a695073b2b08b449e

  • SHA256

    19ff75598404b0a90e5ecd06564db852371fb7aa5db54a9eab915ad162930761

  • SHA512

    a2a67a1b6332b468ceeeba0fb3f1a7d8728e1046bf620e935b2e793fb1880ee62f8126d66c4b53d16304f3c7947ca9057ed3ee12234da468adedb89345a008bf

  • SSDEEP

    98304:ruoMZMVLQDmEzFTD+gMa6JSKjqGObf3GNz1/4TwBTYn/mLs4rlBw2DqaWC:ruoMmJDoErhtawBE/mLXrn2V

Score
10/10
banloaddownloaderdropperevasiontrojan

Malware Config

Targets

    • Target

      2024-03-26_c0afd8f22d6cb9c5af0a18e456f96b8b_mafia

    • Size

      6.4MB

    • MD5

      c0afd8f22d6cb9c5af0a18e456f96b8b

    • SHA1

      fd5764b4cd69e933e8074f0a695073b2b08b449e

    • SHA256

      19ff75598404b0a90e5ecd06564db852371fb7aa5db54a9eab915ad162930761

    • SHA512

      a2a67a1b6332b468ceeeba0fb3f1a7d8728e1046bf620e935b2e793fb1880ee62f8126d66c4b53d16304f3c7947ca9057ed3ee12234da468adedb89345a008bf

    • SSDEEP

      98304:ruoMZMVLQDmEzFTD+gMa6JSKjqGObf3GNz1/4TwBTYn/mLs4rlBw2DqaWC:ruoMmJDoErhtawBE/mLXrn2V

    Score
    10/10
    banloaddownloaderdropperevasiontrojan

    • Banload

      Banload variants download malicious files, then install and execute the files.

      trojandropperdownloaderbanload

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

      evasion

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks