banload | ac7b90d19ef7c8f77021a7f140ce75501f0bb1bde41a18d3ac84b04769adaabe | Triage

Sharing

General

Target

ac7b90d19ef7c8f77021a7f140ce75501f0bb1bde41a18d3ac84b04769adaabe
Size

4.1MB
Sample

240515-2s2k2agb5x
MD5

2b829ad0e1e0031969784cc7c6cbdc5d
SHA1

8f5aced73f37a7d5f57b1024cf9b5e31fe5768d9
SHA256

ac7b90d19ef7c8f77021a7f140ce75501f0bb1bde41a18d3ac84b04769adaabe
SHA512

b815b3c5648fb112128b91052a87db4789e30a6c8ced2a72420ccf74a5596a454d590f762240fd7e479267066348cc553559dd81e795978462dd7a21621497af
SSDEEP

98304:G1Gvxi6aKslp2jqPtQAsBVRZVvoI+j1ISE61AcdE61AcE:G1G53aKj4kJHajbnjnu

Score

10^/10

banload downloader dropper evasion trojan

Malware Config

Targets

- Target
  
  ac7b90d19ef7c8f77021a7f140ce75501f0bb1bde41a18d3ac84b04769adaabe
- Size
  
  4.1MB
- MD5
  
  2b829ad0e1e0031969784cc7c6cbdc5d
- SHA1
  
  8f5aced73f37a7d5f57b1024cf9b5e31fe5768d9
- SHA256
  
  ac7b90d19ef7c8f77021a7f140ce75501f0bb1bde41a18d3ac84b04769adaabe
- SHA512
  
  b815b3c5648fb112128b91052a87db4789e30a6c8ced2a72420ccf74a5596a454d590f762240fd7e479267066348cc553559dd81e795978462dd7a21621497af
- SSDEEP
  
  98304:G1Gvxi6aKslp2jqPtQAsBVRZVvoI+j1ISE61AcdE61AcE:G1G53aKj4kJHajbnjnu
Score

10^/10

banload downloader dropper evasion trojan
- Banload
  Banload variants download malicious files, then install and execute the files.
  trojan dropper downloader banload
- Identifies VirtualBox via ACPI registry values (likely anti-VM)
  evasion
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Virtualization/Sandbox Evasion

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

banloaddownloaderdropperevasiontrojan

behavioral2

banloaddownloaderdropperevasiontrojan