banload

Sharing

Copy URL

Twitter E-mail

General

Target

@!#SETUP_FILE_2024_PASSCODE_$.rar
Size

23.5MB
Sample

240428-vlkklscf7s
MD5

7611e93930a3ebfc3144343b30cd9dcd
SHA1

2fcfefd406cfbade85a6e58aa06442bd925aeb5d
SHA256

e8b27d9776228fec69909096f712fcbf90cd8a335394e3791ac3be7cb37b3556
SHA512

93240b34e717a3c93d1ca7bdb25c7bbfc3bb5969c09c6dacc1dcb6b1e92577da311e006442ce1a5d28c99625abafa666a76b33b4f80f9195669d2702dc7d3673
SSDEEP

393216:FK6+W0Ec0JqaRS46jX7k2E1AIvcGdqwHjW0V/exgk+oraBa8m2kPU0t8:86n0EcqS5X7OiIUNwD3eh+fBu2uU0t8

Score

10^/10

Malware Config

Targets

- Target
  
  @!#SETUP_FILE_2024_PASSCODE_$.rar
- Size
  
  23.5MB
- MD5
  
  7611e93930a3ebfc3144343b30cd9dcd
- SHA1
  
  2fcfefd406cfbade85a6e58aa06442bd925aeb5d
- SHA256
  
  e8b27d9776228fec69909096f712fcbf90cd8a335394e3791ac3be7cb37b3556
- SHA512
  
  93240b34e717a3c93d1ca7bdb25c7bbfc3bb5969c09c6dacc1dcb6b1e92577da311e006442ce1a5d28c99625abafa666a76b33b4f80f9195669d2702dc7d3673
- SSDEEP
  
  393216:FK6+W0Ec0JqaRS46jX7k2E1AIvcGdqwHjW0V/exgk+oraBa8m2kPU0t8:86n0EcqS5X7OiIUNwD3eh+fBu2uU0t8
Score

3^/10
behavioral1
- Target
  
  Setup.exe
- Size
  
  8.5MB
- MD5
  
  98169506fec94c2b12ba9930ad704515
- SHA1
  
  bce662a9fb94551f648ba2d7e29659957fd6a428
- SHA256
  
  9b8a5b0a45adf843e24214b46c285e44e73bc6eaf9e2a3b2c14a6d93ae541363
- SHA512
  
  7f4f7ac2326a1a8b7afc72822dae328753578eb0a4ffcec5adb4e4fb0c49703070f71e7411df221ee9f44d6b43a0a94921fe530877c5d5e71640b807e96def30
- SSDEEP
  
  196608:vdoUox8PFOegKz+qE1cnuyHgv3eZaOxqeXY4K:vC0O9m7EWEvbOxqetK
Score

10^/10

banload downloader dropper evasion persistence trojan
- Banload
  Banload variants download malicious files, then install and execute the files.
  trojan dropper downloader banload
- Identifies VirtualBox via ACPI registry values (likely anti-VM)
  evasion
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Suspicious use of SetThreadContext
behavioral2
- Target
  
  acdbase.dll
- Size
  
  2.9MB
- MD5
  
  dace23695dcfa0f7309b65366ac75bc0
- SHA1
  
  c5b1bad2dec36852fae90f81f0dbd00518479c01
- SHA256
  
  cf8b85beeff99b13d06ed15c79e555ab74e30dfa1491a36c4332f54ed09887e4
- SHA512
  
  0e1e5fc158fb39c3c3c7733226cb846407cd01ca1c49800fb7668134ebef129ab43030f2768a8b149b5ba9a18b2d1b0f8bf23d1a8de487a482e9268e0b679bbb
- SSDEEP
  
  49152:yQzvI/48LzIpH2aTZ70W6pVLOVicH+4T7snimYvtgbgwvWgfFv5COWaUsz7XapvL:yrIpHGpVL7nimatSgSWhOWaUsz7XapvL
Score

1^/10
behavioral3
- Target
  
  api-ms-win-crt-convert-l1-1-0.dll
- Size
  
  25KB
- MD5
  
  9f812bd3815909e559b15cb13489f294
- SHA1
  
  df751c956f59b4e3c82496d86895adc7cc1a1619
- SHA256
  
  ce6fcc2ddf21720c92bee04f5736a4787acffa970a1b0dbeea39ff5efec52c75
- SHA512
  
  0a360e8b81bf80cb6bdf240d627ddcf71b1a4ca42759de61b2d27fab521a8e6e3afa308cc69caf5a7c8b14d98d3d448f0d400ae1826cbe7d0f0ceafd14682064
- SSDEEP
  
  192:j9cyRWhhWnWGxVA6VWQ4cRWstTmz56CqRqNX01k9z3A8oX9l3zX:2yRWhhWfxdlvC5DNR9zrGnb
Score

1^/10
behavioral4
- Target
  
  api-ms-win-crt-environment-l1-1-0.dll
- Size
  
  21KB
- MD5
  
  1a72e5f24214eb723e03a22ff53f8a22
- SHA1
  
  578d1dbfb22e9ff3b10c095d6a06acaf15469709
- SHA256
  
  fda46141c236a11054d4d3756a36da4412c82dd7877daad86cb65bf53d81ca1a
- SHA512
  
  530e693daecc7c7080b21e39b856c538bb755516aafdb6839a23768f40bcfc38d71b19586e8c8e37bb1c2b7a7c31fcb8e24a2315a8dd90f50fec22f973d86cb4
- SSDEEP
  
  192:CWhhWzWvkJ0f5AbVWQ4mWluxFlZNKd2kQX01k9z3Ad4M6tyOM:CWhhW3aabtF3NNPR9zw4JtyOM
Score

1^/10
behavioral5
- Target
  
  api-ms-win-crt-heap-l1-1-0.dll
- Size
  
  21KB
- MD5
  
  9d136bbecf98a931e6371346059b5626
- SHA1
  
  2466e66bfd88dd66c1c693cbb95ea8a91b9558cd
- SHA256
  
  7617838af1b589f57e4fe9fee1e1412101878e6d3287cdc52a51cd03e3983717
- SHA512
  
  8c720c798d2a06f48b106a0a1ef38be9b4a2aebe2a657c8721278afa9fdbab9da2a672f47b7996ca1ce7517015d361d77963c686e0ae637a98c32fd75e5d0610
- SSDEEP
  
  192:9vh8Y17aFBRUWhhW1WGxVA6VWQ4cRWKksNQlO8X01k9z3AenWcK:RLRWhhWhxdl/KlO8R9zh4
Score

1^/10
behavioral6
- Target
  
  api-ms-win-crt-runtime-l1-1-0.dll
- Size
  
  25KB
- MD5
  
  6b39d005deb6c5ef2c9dd9e013b32252
- SHA1
  
  79a0736454befd88ba8d6bd88794d07712e38a67
- SHA256
  
  b0e50572eb82a46ed499775e95bfde7cb25c498957432c18c20cf930f332efd0
- SHA512
  
  50bc1f669499589a480379d72166dae701914427d51223994d63a0363420ca6fdde07010803270a62451afea9e4ae55206d8a4c00ca4680e7a9120cd33f99a0f
- SSDEEP
  
  192:lmGqX8mPrpJhhf4AN5/Ki9WhhWjmWGxVA6VWQ4cRW1XZ56CqRqNX01k9z3A8oXil:lysyr7LWhhWWxdl0Z5DNR9zrG25
Score

1^/10
behavioral7
- Target
  
  api-ms-win-crt-stdio-l1-1-0.dll
- Size
  
  25KB
- MD5
  
  97f24295c9bd6e1acae0c391e68a64cf
- SHA1
  
  75700dce304c45ec330a9405523f0f22e5dcbb18
- SHA256
  
  189d551fb3cba3dbb9b9c1797e127a52ac486d996f0ac7cba864fe35984a8d28
- SHA512
  
  cac75f623545c41b2597a25c14f2af7eb93e3e768b345d3b0e1928d8fd1f12bec39b18b8277f9550aa6a66d9cfe1bf6c3db93ae1eb2a6c07019d4f210b3e5998
- SSDEEP
  
  192:6uV2OlkuWYFxEpah/WhhWQWGxVA6VWQ4cRWqfyMbNQlO8X01k9z3Aen2yMJ:DV2oFVh/WhhWoxdlH6GKlO8R9zh2yi
Score

1^/10
behavioral8
- Target
  
  api-ms-win-crt-string-l1-1-0.dll
- Size
  
  25KB
- MD5
  
  d282a4fa046d05d40d138cc68c518914
- SHA1
  
  d5012090399f405ffe7d2fed09650e3544528322
- SHA256
  
  8b1471101145343da5f2c5981c515da4dfae783622ed71d40693fe59c3088d7a
- SHA512
  
  718926e728627f67ba60a391339b784accd861a15596f90d7f4e6292709ac3d170bcbca3cbf6267635136cb00b4f93da7dfd219fa0beee0cf8d95ce7090409e4
- SSDEEP
  
  768:mCV5yguNvZ5VQgx3SbwA71IkFlRzoOQ9zrg:h5yguNvZ5VQgx3SbwA71IuRzez
Score

1^/10
behavioral9
- Target
  
  api-ms-win-crt-time-l1-1-0.dll
- Size
  
  21KB
- MD5
  
  6d35a57a6d8d569f870b96e00e7f1f4d
- SHA1
  
  8407bdb3cd5ec15b2ce738b3dbd704aa289ce3e1
- SHA256
  
  f41511e477a164eb9451ca51fb3810437f3b15f21e6f5c6ce0956e84ec823723
- SHA512
  
  4317b86d32ca93e5f0d832819cf1ab8af68e853a19eb07dd1fa4d168a0b2a8eab309194884ed3a613b09fc6d511be872a053f76f00ea443499006cdd226fea8f
- SSDEEP
  
  192:mm3hwD2WhhWq4WGxVA6VWQ4cRWY9y56CqRqNX01k9z3A8oXTlxWBR:HWhhWVxdlG5DNR9zrG/0R
Score

1^/10
behavioral10
- Target
  
  api-ms-win-crt-utility-l1-1-0.dll
- Size
  
  21KB
- MD5
  
  8ed70910380aa0b28317512d72762cc0
- SHA1
  
  0421518370f24f9559f96459d0798d98b81ea732
- SHA256
  
  f15af0db93d9385ff9d8efdc06aacd0729d0dfcb66e91ca0243bb160f2ed89d0
- SHA512
  
  b31ef07eaac310fdd3df3546246e7dc696595b8e92141e3db79a44ddc3358b12129e3829a53c76d0fef214e3f29dba77fa5d556211830a140ea34ff62258d9d7
- SSDEEP
  
  192:Z/fHQduzWhhWqzWvkJ0f5AbVWQ42WIknbx6IVnKaQwP7yX01k9z3AcK:Z/fFWhhWq3aabObx6zaHeR9zTK
Score

1^/10
behavioral11
- Target
  
  epiphragm.psd
- Size
  
  5.6MB
- MD5
  
  a209208bc24096e1e7149f9bfc53ad75
- SHA1
  
  22867235a7695ae404ea83c6a99ce134794fe56f
- SHA256
  
  8e01be665d55bc3b4cd50d4e5d8c8bd537e2213e9f2f8b37d8e1308bae4e7126
- SHA512
  
  b8de8bd8b13cd508ecc5369cf24666f4a3b6fe7cb3357f81f4bf4109065261538d499babd191f97e56031a47d74c8e8e8fd9dba59bcde87adfb8f0a04cacfe51
- SSDEEP
  
  98304:M5q3R6cQ5LSVgM9UKAm5BytVx7B5grzOJT5n0TdlBQqiVsFeziSmM9:N3R625amLytz7Dg0ln0TdlBiVsfSv9
Score

3^/10
behavioral12
- Target
  
  libmmd.dll
- Size
  
  4.0MB
- MD5
  
  43f721959c4abc70bd7a0322db76ec59
- SHA1
  
  5c077409e71048f7022397c432f4f03038e68173
- SHA256
  
  e64ddffd26abd3dbdfa732d779515c5db519107f2c98b81aaa610f1eda373d85
- SHA512
  
  cff1a8666ebca04b70b01b27260b6bacb4fc0352f2dd18ebc4815932317beda0949d51e9692ec79ba7529a1b4e11ee49c40c31a9cef8a73a861568771546ba96
- SSDEEP
  
  98304:fJLi7X0J2iGkPyxtK5k8joEGIbQOpv3VzGQsJQQU:dyqCtKK8UEtb5yQs2F
Score

1^/10
behavioral13
- Target
  
  sulphanilamide.yaml
- Size
  
  77KB
- MD5
  
  68acfc368c5fb4c1523bbe7894e75b9f
- SHA1
  
  1f5895cfab8a22eb55e077f04525dc7fd25c1049
- SHA256
  
  391bcd9c7df6e29fb4262be92ba02aab4019cdb138a3e5c962035db26ffc1f72
- SHA512
  
  7361cd7748d848aa9352fd4749acbe36fba02fe3ac2d8773cbc536011abf97fc90a8a2414c2b57eed90a86c5942201df0e2ef32c5ab3045fd0a1dafdbe896d7f
- SSDEEP
  
  768:A+s/A/Q9sYz7ObmTURWzr9dGA72Cv2dGFWrNPnDqN/acXmA2r+HbvD6h0s7BtlxM:FscXYejO/D8N70BE/7rimRS9OErr
Score

3^/10
behavioral14
- Target
  
  updater.ini
- Size
  
  25KB
- MD5
  
  91e2d2af70ed5e2abdfa2df50fbfaf35
- SHA1
  
  5d444597a4f6a46ea709b970ac8b117015685706
- SHA256
  
  b2c04a568ac068f8bb2214307e5616468e2a53dbfca9f57e2ab90d140bc29e1a
- SHA512
  
  0fdc99d1adb18b39a101b4fb0b214b34534bcc616c142a985be1915825ed70426d2bfbbad3b0e227d4369f3de4ea2cace6f7e99f6e7b083cea3f91dd9d03f61d
- SSDEEP
  
  384:5OzjkFGyyCMy8tS0HN05IPdSbdij7AhVc8l1ZxAzUtJBz07cJbU59FkGNGb5hiXQ:AC38tSY6ouwh8UUtJBz07/8riXiRn
Score

1^/10
behavioral15
- Target
  
  vcruntime140.dll
- Size
  
  116KB
- MD5
  
  699dd61122d91e80abdfcc396ce0ec10
- SHA1
  
  7b23a6562e78e1d4be2a16fc7044bdcea724855e
- SHA256
  
  f843cd00d9aff9a902dd7c98d6137639a10bd84904d81a085c28a3b29f8223c1
- SHA512
  
  2517e52f7f03580afd8f928c767d264033a191e831a78eed454ea35c9514c0f0df127f49a306088d766908af7880f713f5009c31ce6b0b1e4d0b67e49447bfff
- SSDEEP
  
  1536:KqvQFDdwFBHKaPX8YKpWgeQqbekRG7MP4ddbsecbWcmpCGa3QFzFtjXzp:KqvQFDUXqWn7CkRG7YecbWb9a3kDX9
Score

1^/10
behavioral16
- Target
  
  x64/App.xbf
- Size
  
  1KB
- MD5
  
  fc6f983b839f1d0702c0d40f107313fb
- SHA1
  
  f0987f6305ff7b0e8d2b625ef5ad8fb5b0ce4081
- SHA256
  
  358b9f84ed4326fc989fb70f5d6d17e8e268eabb476b9e3ef6270872b00189f3
- SHA512
  
  f7e2b98d9898a99a14bb32d0ad478c0ea4d9713eb4424c0b1525d5e37855ed9f835db678d3ff590eaadf437c408d4a740eb3676adcee822d73a4c0e167b8e6f3
Score

3^/10
behavioral17
- Target
  
  x64/AzureKeyVaultDgssLib.dll
- Size
  
  373KB
- MD5
  
  34ae0787cdfcb920753763251dcf83de
- SHA1
  
  a41d5d58d21300e8418dbd354f46bba425fa9611
- SHA256
  
  3eee708fdcc68fe76ac4cc7adba90201912c63cd815717f91a5eabba1170af0d
- SHA512
  
  c8684bf3441fa5fb6a0e38df6bb9f728502e78f55eb9382ff168adab081440c37277497804fb1246a13e1f625aaa1858e39f62780c5c426edf3d825f9a739bc7
- SSDEEP
  
  6144:UbJLUIAs2A/QRth5FMjvgQKMBTaJq+jqBTSMNGx6:UbJciQRth5FMjvg9MEJMFpGI
Score

1^/10
behavioral18
- Target
  
  x64/BugReporter
- Size
  
  521KB
- MD5
  
  29d33ee7f3fa0ee7f52ae96732c90f48
- SHA1
  
  a781620a7bcff615d4dc64751b30287814200d13
- SHA256
  
  b8b06487ee2c2f2a4ae25d1e7a08a9ce831539a529fe2ed0e8841e5f7c42de90
- SHA512
  
  7b0076d73dc6ed561b8294ed7687f5d0d285b080b2f12bc49623690e32ccd6a2161232860f906aa151f04950587befae49793130f5f6e2ff13453a401862d856
- SSDEEP
  
  12288:pFU4ZwXnyWu9wHXspsSlxuw2xyJGS3mrxWI7n3OqiHThrmotbY7rSrZWZlJmwJIH:pyellxAxyJGS3mrxWI7n3OqiHThrmotD
Score

1^/10
behavioral19
- Target
  
  x64/ComExtractor
- Size
  
  618KB
- MD5
  
  36848dd965ff265d696fff4f2d51935e
- SHA1
  
  68c6390741c490adf2802c84e06a3b90a3c308ea
- SHA256
  
  d66ee1d1e44feb03d7821062ce27e92da0fa78f7e47a451b7b1d4b94860dd309
- SHA512
  
  6c3e9cdce928a78b9ea997954043ff82b2767a29b519116884e616b8aaa48668ccd051ed4607830bd7b59e32671e563939d180e576ae91752f854081b84b35af
- SSDEEP
  
  12288:pRP0qhnnyfYZtOUdSK+jgsVGmzyg4J5EA:fP0DgsVzyJ5EA
Score

1^/10
behavioral20
- Target
  
  x64/Microsoft.Toolkit.Win32.UI.XamlHost.dll
- Size
  
  108KB
- MD5
  
  1f4379d416af34033857bb439057cee0
- SHA1
  
  a779714e9fe715aad9db2218a4b761ab77e873b9
- SHA256
  
  98a87914e37600c7f97a27ca603a6b994dd51ffd390ce5b34e073939d258c2f4
- SHA512
  
  cdaa3d8727e287eeaddfd58e04f292bd8daf7671a2942f99a023f31037cc8b76dce5c0566d6c0664b24403930bdd9396b27af208c313a28010e7eb9f850ba881
- SSDEEP
  
  1536:WPiq7mAYLZ/kEglj55rEzGJT45rhh9esSTrXjnwVijXXyNGF1ZvLzmFiXxnBjYh2:6sxkEDGJk5rYk9Y
Score

1^/10
behavioral21
- Target
  
  x64/Microsoft.UI.Xaml.dll
- Size
  
  6.1MB
- MD5
  
  459d8921e7b6404ab89ab57a1f200166
- SHA1
  
  43d3ba0c4df305ce8967099836f8c08474c67b19
- SHA256
  
  b975c41251d70384635c81ba1bab34506ea4c4094237081bbf9ff4ca7c96a90e
- SHA512
  
  95ef4c283357eef2a0ed53e4ab369f8df0b6f29b609c2d9cc603d1b22ad695c35ed47011cdccc46da5138960a6518d0ad85cb15b4fe4fde9efd00aaa30d9f053
- SSDEEP
  
  196608:0gBQ4NrYqcJugX0trlbHJVI9vTUxL0zmqWYvz+A1QBuNmI7ei1L1:FBQOUqcJugX0trlbHJVI9vTUxL0zmqWi
Score

1^/10
behavioral22
- Target
  
  x64/RepackagerStartPage.xbf
- Size
  
  8KB
- MD5
  
  b77b52b21f44a30643f800322c78f9f9
- SHA1
  
  ebac376fd59c5dcfae5e92d4b6a58498b2667ccc
- SHA256
  
  19643abf5047635e3d9a81f94bbf2b7e0ea6d2631d0beaace56511692acf6e14
- SHA512
  
  024677bebe507ada5e3dfec325c8009de104c4b92e97c91a666c9d94f9307dfdd987e08a23454775689a6ded5446b82775ea30dfe0a2ae39070c819eac496640
- SSDEEP
  
  192:rtEo+PaO5y7QPOqzFdkNGa/DdLFXxhMIdP3ncKMuxLNJTECFq:xR+S4y7QPOqzXkN7/hFXxhMId/ncKMu2
Score

3^/10
behavioral23
- Target
  
  x64/WinUiBootstrapper.dll
- Size
  
  896KB
- MD5
  
  290538fceae682f2cfc3580e01fa7d28
- SHA1
  
  12df9dc416d48f90a5ee5648abd1479dcc5dc327
- SHA256
  
  c0cfd5ecd4fa7c78eee91c4a2e7963e805513a88ad376772108b9b0c54bb8551
- SHA512
  
  089986cfe48fbdc889322796d5b5721b0c5065cfde72516e3fb35024bbe5c3ed098c6b7dc0c459af732f96bc2f67c95435f6d9cbcd8941ac18b83ee54b27321b
- SSDEEP
  
  24576:MpiGSL76HSy+SqfyJFE0yD3VDPItrsRmPrAF6dGUO9T:Mpj2GHSy+SqfyJFE0yD3VDPIhsAPrA4Q
Score

1^/10
behavioral24
- Target
  
  x64/api-ms-win-core-console-l1-1-0.dll
- Size
  
  21KB
- MD5
  
  0909e61c8c9c717976828f65c987e5f9
- SHA1
  
  b5affabb8afda55ebb1f404edab69c6c239affe6
- SHA256
  
  03ffdb036329a25beacf905d62611a13e3dfdda6cbd2d13af830258e8cf40ec0
- SHA512
  
  7f78746e40da64631c08d0e173fbdeb40beed180932b42382d9f3ac0cdb4348d2a5b1c29770bb98f5d4823cfd66ecac2285afbcaf109f82c8b75c7711f10c49d
- SSDEEP
  
  192:+OAWAhWeW4pICSjRof0cVWQ4GW/gYbOEU+9YX01k9z3AWB2c:+jWAhW82xlcdUOQGR9zBB2c
Score

1^/10
behavioral25
- Target
  
  x64/resources.pri
- Size
  
  18.1MB
- MD5
  
  a8f7e2fcf6f25deda490420986e35222
- SHA1
  
  701e82e4cf947561b285c4495257c823822f8d42
- SHA256
  
  c60ee9c423961973a894def6b97b1f27da56d37a8b01bfb6b43bf4ba6b498444
- SHA512
  
  345c6117f56f3262482f5ad290225a447f0e6dd36bdc13a176317827a896c0295e188235098204f92294f6a1a00d714cb6ed97424c2e0068ea5113a4e739eac8
- SSDEEP
  
  49152:P8qSZLqlymyNakfr14+frAEnEHowTHbd74LUjCdp0Lodaa2ndFa9Suz:01gHa
Score

3^/10
behavioral26
- Target
  
  x86/App.xbf
- Size
  
  1KB
- MD5
  
  fc6f983b839f1d0702c0d40f107313fb
- SHA1
  
  f0987f6305ff7b0e8d2b625ef5ad8fb5b0ce4081
- SHA256
  
  358b9f84ed4326fc989fb70f5d6d17e8e268eabb476b9e3ef6270872b00189f3
- SHA512
  
  f7e2b98d9898a99a14bb32d0ad478c0ea4d9713eb4424c0b1525d5e37855ed9f835db678d3ff590eaadf437c408d4a740eb3676adcee822d73a4c0e167b8e6f3
Score

3^/10
behavioral27
- Target
  
  x86/MessagesList.xbf
- Size
  
  5KB
- MD5
  
  5a9832f672525972d22174f116ed093c
- SHA1
  
  df2c9bb51e069b61ce565e32f34a0dc2be3beea1
- SHA256
  
  c5724f6671b6c249de3117ff7c51e10eb9e4e01af9d16174796b1b47956da046
- SHA512
  
  34d3a9e7a57d1c630d22ec31fd44ec33f510dd017441bcc8afde5dcfcaac3933dd624adf2e43412e965222805892b68e6d707db3db84f0254af074c5848e94f2
- SSDEEP
  
  96:qk6Xah8hO8D8Ows2DSGcDVkuKTlv12B19hHfzTN16/1e43ByZyaBoH1UlK2fK2qY:f6XTFqMyLif43QZy6oH1UlK2fK2qK5L/
Score

3^/10
behavioral28
- Target
  
  x86/Repackager.VisualElementsManifest.xml
- Size
  
  252B
- MD5
  
  bcf3b44f1bb63ee4d851e7e447d4122d
- SHA1
  
  22c39f88bca33353ac57c83f8cd144e5a99a4441
- SHA256
  
  1cf413e8a073162dfb9ea5e82230949bb52c66b19e591a5ce18dfa36b4676838
- SHA512
  
  aee62b9c7a5fb494d19f163c27aec1c849ae074e67e8607e8401d26da9b127b55e0a1e05d244764601a065e1daf59635376f876b91215dd545b1457584eb9c41
Score

1^/10
behavioral29
- Target
  
  x86/StartPage.xbf
- Size
  
  15KB
- MD5
  
  c3bc92594ab0223ddf6509529853bfa9
- SHA1
  
  3f25e6c5ac15568a5929cb2009c1774defa1c4c6
- SHA256
  
  59ce1bd2f1e4f35c9752ca54bb0087ccbedd55c7d988f5812fe7fbefc3582694
- SHA512
  
  96067de31bf3f0faea24c04608246ecdaaccd98cf5f5499394c95e1ca7a97f706ce9b5862532345c624febd787af2d3444766007d1f433b4000e96d38c4014dd
- SSDEEP
  
  384:qERHcwgq02ejStqXsVFy7QPOxTNVd6rp6GDGyJKBBOL/tMKCgK/zbUop:HS2ejStqXsVFy7QPOxTNVOvDGyJKBECv
Score

3^/10
behavioral30
- Target
  
  x86/sccm.VisualElementsManifest.xml
- Size
  
  252B
- MD5
  
  fda203e4ddb4bd1e52d8c78af8fd154f
- SHA1
  
  7add61d3e34ba067f16aa1e00c9457b508f6d372
- SHA256
  
  a0d97ec25c0858a28979b7dab0361d3fbd23f914dab9ab93d8500878e0d7f24d
- SHA512
  
  2966c6a8133d169fbb7937a775bc20e300234397d9e42526fd54faa55df141043f4ac650dd4cb0473400497ad5434945502fa3eb9c657f57b51be433e44275f9
Score

1^/10
behavioral31
- Target
  
  x86/updater.ini
- Size
  
  267B
- MD5
  
  6499b6ec03c720c897b9bbe4cada2647
- SHA1
  
  4b85d520ad8aa77c5df4cdc5b4b9669b205ff354
- SHA256
  
  edd1a68585ebac3872b7ab0a085b0a5c92f58f7dc59b926b6c647cc172f69ac4
- SHA512
  
  eda8e07e04ac8b1b300f907a10fe6294d8bcff16d7aecdc3da36be6efd29aeda022a0428f1a31837eea19202bd5e559f3f19c541b4aa22dfce313aed8f1a0d69
Score

3^/10
behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

T1547

Registry Run Keys / Startup Folder

T1547.001

Privilege Escalation

Boot or Logon Autostart Execution

T1547

Registry Run Keys / Startup Folder

T1547.001

Defense Evasion

Modify Registry

T1112

Virtualization/Sandbox Evasion

T1497

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Virtualization/Sandbox Evasion

T1497

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Identifies VirtualBox via ACPI registry values (likely anti-VM)

Checks BIOS information in registry

Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32