Behavioral task
behavioral1
Sample
HomeDesk.msi
Resource
win7-20240215-es
12 signatures
150 seconds
Behavioral task
behavioral2
Sample
HomeDesk.msi
Resource
win10v2004-20240226-es
14 signatures
150 seconds
General
Target
MICROSOFT .NET FRAMEWORK -6650a74272b9a.zip
Size
18.7MB
MD5
39da5e31e1293ad6b35629f7be9e5bda
SHA1
da7d4babaedbbaf00b355884130311a0514b936d
SHA256
10af3efd0851093bbfc56aa03ba7d2bc28c500f2ebdea01292d591d377c459de
SHA512
f4b27a535612b94ef1dec704bba8df7943868183d17b0ae8fbd1e57a910fa4e5f58ed327a7e9eeeb83c8be48663309076b16e8932946ad236a55f50513a6b061
SSDEEP
393216:9goxXKKLxgcSbW3AqmXjmOUsd8LzqrP/fBfd9yzO4kZwgcgBvA:9kP7a3hxOBd82XBeKagcgpA
Score
10/10
Malware Config
Signatures
Detects common strings, DLL and API in Banker_BR (1 IoC)
Hunting by known PDB files - Trojan Banker LATAM.
Processes:
resource: static1/unpack001/HomeDesk.msi
yara_rule: Detect_MSI_LATAM_Banker_From_LatAm
Files
MICROSOFT .NET FRAMEWORK -6650a74272b9a.zip.zip
HomeDesk.msi.msi