General
-
Target
31de1d1f8b809755775ef7064d6dfd2d8433756c82edae8862c84b4b822c4b1a
-
Size
22.5MB
-
Sample
240524-qaz4psed3w
-
MD5
c2d9c997a03a4d9fe786f484e2a720c8
-
SHA1
727f6b71a79e57008799dd25616af036d58d9e93
-
SHA256
31de1d1f8b809755775ef7064d6dfd2d8433756c82edae8862c84b4b822c4b1a
-
SHA512
a504b4b9278d5daf5b4bbb1b991b8044bb857075bbc6f7f839f7535b04171d18c22fe7c308a51f2dc0e8cf701ecaf7daa18d0e869c7962a51c93bfa26999a96d
-
SSDEEP
393216:rfwpJKaB9QEyLiZWGGpNmUwXTGH8L6O5oBvM18+fQuQY68WR3tgFJHciJ:DR5+ZlxUKTOO5sA8mQiB63iHrJ
Malware Config
Targets
-
-
Target
31de1d1f8b809755775ef7064d6dfd2d8433756c82edae8862c84b4b822c4b1a
-
Size
22.5MB
-
MD5
c2d9c997a03a4d9fe786f484e2a720c8
-
SHA1
727f6b71a79e57008799dd25616af036d58d9e93
-
SHA256
31de1d1f8b809755775ef7064d6dfd2d8433756c82edae8862c84b4b822c4b1a
-
SHA512
a504b4b9278d5daf5b4bbb1b991b8044bb857075bbc6f7f839f7535b04171d18c22fe7c308a51f2dc0e8cf701ecaf7daa18d0e869c7962a51c93bfa26999a96d
-
SSDEEP
393216:rfwpJKaB9QEyLiZWGGpNmUwXTGH8L6O5oBvM18+fQuQY68WR3tgFJHciJ:DR5+ZlxUKTOO5sA8mQiB63iHrJ
Score10/10-
Detects common strings, DLL and API in Banker_BR
Hunting by known PDB files - Trojan Banker LATAM.
-
Hunting by known EXPORT - Trojan Banker LATAM.
Hunting by known EXPORT - Trojan Banker LATAM.
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-