Overview

overview

10

Static

static

1

2024-05-12...ia.exe

windows7-x64

10

2024-05-12...ia.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2024-05-12_85ba39600315e784d159e278d0d9088e_mafia

  • Size

    2.9MB

  • Sample

    240512-nskevsgc69

  • MD5

    85ba39600315e784d159e278d0d9088e

  • SHA1

    4c5a7ec25c5de383a11ac963ce17c0b438e370d3

  • SHA256

    a624ed5d8480d4a462ada28966364e8d3f58bca95a31827773aa3c79bb27ef65

  • SHA512

    d3ce015755019ccfb5993fe6b947b39c86f36a846bf1b599bb2e4d1f2525b9fbca98ded3701e40834bdc5b486686c5d452f8d06d0973193b8855fe31c670ce3c

  • SSDEEP

    49152:BArprNIIL2oT8we5x8qWNLrdrAoWH2mCK+/9z+KL0jhGGNKNA/QXHboxXXzs:BArFNywe52VphPmw5lHP0tXzs

Score
10/10
banloaddownloaderdropperevasiontrojan

Malware Config

Targets

    • Target

      2024-05-12_85ba39600315e784d159e278d0d9088e_mafia

    • Size

      2.9MB

    • MD5

      85ba39600315e784d159e278d0d9088e

    • SHA1

      4c5a7ec25c5de383a11ac963ce17c0b438e370d3

    • SHA256

      a624ed5d8480d4a462ada28966364e8d3f58bca95a31827773aa3c79bb27ef65

    • SHA512

      d3ce015755019ccfb5993fe6b947b39c86f36a846bf1b599bb2e4d1f2525b9fbca98ded3701e40834bdc5b486686c5d452f8d06d0973193b8855fe31c670ce3c

    • SSDEEP

      49152:BArprNIIL2oT8we5x8qWNLrdrAoWH2mCK+/9z+KL0jhGGNKNA/QXHboxXXzs:BArFNywe52VphPmw5lHP0tXzs

    Score
    10/10
    banloaddownloaderdropperevasiontrojan

    • Banload

      Banload variants download malicious files, then install and execute the files.

      trojandropperdownloaderbanload

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

      evasion

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks