banload | 624abfe3326934dcba8cddf388563bf84fbaec333dc5f63d276f967c3389cf1b | Triage

Sharing

General

Target

2024-04-27_7ca2da97a3cd730eb3a69ec18ed028a6_magniber
Size

16.8MB
Sample

240427-w3mxqsea65
MD5

7ca2da97a3cd730eb3a69ec18ed028a6
SHA1

f6e6735e02fc088a671637ff0e245a646cfafc4b
SHA256

624abfe3326934dcba8cddf388563bf84fbaec333dc5f63d276f967c3389cf1b
SHA512

53d69867bd10f92bfeb6a979eae1480396571af580942030f082b44ea6ca5a5e6bdee042147caf4810cf3de54f365bebfa0398190d0430279bc376d7f2c0e368
SSDEEP

393216:7J9iakYd4tEWiHGYip94elvinOjc80fk/aO9:7OaJWiH294elA6c802N9

Score

10^/10

banload downloader dropper evasion trojan

Malware Config

Targets

- Target
  
  2024-04-27_7ca2da97a3cd730eb3a69ec18ed028a6_magniber
- Size
  
  16.8MB
- MD5
  
  7ca2da97a3cd730eb3a69ec18ed028a6
- SHA1
  
  f6e6735e02fc088a671637ff0e245a646cfafc4b
- SHA256
  
  624abfe3326934dcba8cddf388563bf84fbaec333dc5f63d276f967c3389cf1b
- SHA512
  
  53d69867bd10f92bfeb6a979eae1480396571af580942030f082b44ea6ca5a5e6bdee042147caf4810cf3de54f365bebfa0398190d0430279bc376d7f2c0e368
- SSDEEP
  
  393216:7J9iakYd4tEWiHGYip94elvinOjc80fk/aO9:7OaJWiH294elA6c802N9
Score

10^/10

banload downloader dropper evasion trojan
- Banload
  Banload variants download malicious files, then install and execute the files.
  trojan dropper downloader banload
- Identifies VirtualBox via ACPI registry values (likely anti-VM)
  evasion
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Virtualization/Sandbox Evasion

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

banloaddownloaderdropperevasiontrojan

behavioral2

banloaddownloaderdropperevasiontrojan