General
-
Target
MICROSOFT .NET FRAMEWORK -6650a74272b9a.zip
-
Size
18.7MB
-
Sample
240524-r27hjahg93
-
MD5
39da5e31e1293ad6b35629f7be9e5bda
-
SHA1
da7d4babaedbbaf00b355884130311a0514b936d
-
SHA256
10af3efd0851093bbfc56aa03ba7d2bc28c500f2ebdea01292d591d377c459de
-
SHA512
f4b27a535612b94ef1dec704bba8df7943868183d17b0ae8fbd1e57a910fa4e5f58ed327a7e9eeeb83c8be48663309076b16e8932946ad236a55f50513a6b061
-
SSDEEP
393216:9goxXKKLxgcSbW3AqmXjmOUsd8LzqrP/fBfd9yzO4kZwgcgBvA:9kP7a3hxOBd82XBeKagcgpA
Behavioral task
behavioral1
Sample
HomeDesk.msi
Resource
win7-20240215-es
Behavioral task
behavioral2
Sample
HomeDesk.msi
Resource
win10v2004-20240226-es
Malware Config
Targets
-
Target
HomeDesk.msi
-
Size
19.5MB
-
MD5
a6c23b2846b76a423eef4a5cf25e834f
-
SHA1
bef30ddb5e74e5078847b1f9dfef573f82f63c26
-
SHA256
d3416342f6a3b32604b783995845df8e24e3e98cffaac755d2292d20504a839f
-
SHA512
d648fad3216f1b1ba2d9b9124054a4766e48cd3c0e57252af11f679eebe1f308b86e7558b5f82c48b0287d5049515504fe379b242d540d835a6f8d080f2556cf
-
SSDEEP
393216:dvEwpJKaB9QEyLiZWGGpNmOQ+Ji5FEFhJfnRx96dOuMNIKMgTl:doR5+ZlxODJiONncg6KMgJ
Score
10/10
-
Detects common strings, DLL and API in Banker_BR
Hunting by known PDB files - Trojan Banker LATAM.
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-