Overview

overview

10

Static

static

1

2024-05-17...ia.exe

windows7-x64

10

2024-05-17...ia.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2024-05-17_8d08fe4b4b19aa9dead8b9c14a5f1f2b_mafia

  • Size

    2.8MB

  • Sample

    240517-c8631sdg3z

  • MD5

    8d08fe4b4b19aa9dead8b9c14a5f1f2b

  • SHA1

    8afbd0fdcc0323698422635d8ec6a117aeed9654

  • SHA256

    26c15c5769e117198b05b15341589a39d5bcb6f74ae7238c632461dad7e2a980

  • SHA512

    acd0e9eda457b7d37b177859d2dbd62aa7a87762bb3ff3d3e0e94ce95be62f388ba47439f9e73792a0aed00eb5ee5a6ccc123acac2885385b3b5e9eb0b5bea03

  • SSDEEP

    49152:f+NnIHUmauqTCpzUgHztSoe9APObr2mCK+lZOtFXVg3n9uA8Glsit+2:f+NIH7pzUix7cWm2stFXGXkA9iitT

Score
10/10
banloaddownloaderdropperevasiontrojan

Malware Config

Targets

    • Target

      2024-05-17_8d08fe4b4b19aa9dead8b9c14a5f1f2b_mafia

    • Size

      2.8MB

    • MD5

      8d08fe4b4b19aa9dead8b9c14a5f1f2b

    • SHA1

      8afbd0fdcc0323698422635d8ec6a117aeed9654

    • SHA256

      26c15c5769e117198b05b15341589a39d5bcb6f74ae7238c632461dad7e2a980

    • SHA512

      acd0e9eda457b7d37b177859d2dbd62aa7a87762bb3ff3d3e0e94ce95be62f388ba47439f9e73792a0aed00eb5ee5a6ccc123acac2885385b3b5e9eb0b5bea03

    • SSDEEP

      49152:f+NnIHUmauqTCpzUgHztSoe9APObr2mCK+lZOtFXVg3n9uA8Glsit+2:f+NIH7pzUix7cWm2stFXGXkA9iitT

    Score
    10/10
    banloaddownloaderdropperevasiontrojan

    • Banload

      Banload variants download malicious files, then install and execute the files.

      trojandropperdownloaderbanload

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

      evasion

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks