General
-
Target
9de12a0eecc54548338319c106bb77ca5496c1aedc293d22dc994eb61b9dd984
-
Size
35.1MB
-
Sample
240522-bh5ltsfe75
-
MD5
b07dee479dd11163d584db2aa86e9c45
-
SHA1
2394974e832831f0c9a3e38fe3706cf7e2c2fa94
-
SHA256
9de12a0eecc54548338319c106bb77ca5496c1aedc293d22dc994eb61b9dd984
-
SHA512
597268d6a37f9edaf45d10e97b7e23fa5da2f8c2b1af58921474f1b2bc87e79e323870153df34a488761c1475f531d2fa1b4c7fc86723a95c629713a5946a421
-
SSDEEP
786432:Wlw27h2QVu9cCct5rB9rIX9gW6cnzELhEe2x53gp7fq2xX:WlLA+ptO2Cnne2xU7fq2
Behavioral task
behavioral1
Sample
9de12a0eecc54548338319c106bb77ca5496c1aedc293d22dc994eb61b9dd984.msi
Resource
win7-20240419-es
Malware Config
Extracted
https://opensun.monster/1305.bs64
Targets
-
-
Target
9de12a0eecc54548338319c106bb77ca5496c1aedc293d22dc994eb61b9dd984
-
Detects common strings, DLL and API in Banker_BR
Hunting by known PDB files - Trojan Banker LATAM.
-
Blocklisted process makes network request
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Drops file in System32 directory
-
Suspicious use of SetThreadContext
-