banload | 87e6e962aef061c937e312706887ee5fa798358f751603d36b1da203b179a300 | Triage

Sharing

General

Target

2024-04-22_a372cc3b40e5444cf30cf18086e26329_magniber
Size

3.8MB
Sample

240422-dbkn7aef55
MD5

a372cc3b40e5444cf30cf18086e26329
SHA1

5801b003420f6dcabf3e8ccbd91ae83736c9d9fe
SHA256

87e6e962aef061c937e312706887ee5fa798358f751603d36b1da203b179a300
SHA512

eabac344a1850a92a09a9a0538d01dace7a3f5c3672461dbec9bba6610920d01296607bd9cf58f244c7b337bf3145414c6dcd384ad46a52a371bc5f1fbf22b44
SSDEEP

98304:Kzh1pjZmErOuPSDuzO0E0nE/jUt3M7H7qdk:KzhnsEquP56knJ3wH7qdk

Score

10^/10

banload downloader dropper evasion trojan

Malware Config

Targets

- Target
  
  2024-04-22_a372cc3b40e5444cf30cf18086e26329_magniber
- Size
  
  3.8MB
- MD5
  
  a372cc3b40e5444cf30cf18086e26329
- SHA1
  
  5801b003420f6dcabf3e8ccbd91ae83736c9d9fe
- SHA256
  
  87e6e962aef061c937e312706887ee5fa798358f751603d36b1da203b179a300
- SHA512
  
  eabac344a1850a92a09a9a0538d01dace7a3f5c3672461dbec9bba6610920d01296607bd9cf58f244c7b337bf3145414c6dcd384ad46a52a371bc5f1fbf22b44
- SSDEEP
  
  98304:Kzh1pjZmErOuPSDuzO0E0nE/jUt3M7H7qdk:KzhnsEquP56knJ3wH7qdk
Score

10^/10

banload downloader dropper evasion trojan
- Banload
  Banload variants download malicious files, then install and execute the files.
  trojan dropper downloader banload
- Identifies VirtualBox via ACPI registry values (likely anti-VM)
  evasion
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Virtualization/Sandbox Evasion

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

banloaddownloaderdropperevasiontrojan

behavioral2

banloaddownloaderdropperevasiontrojan