banload | 6638d51ef7b2b2dd01d194c54c0b3a200b4f377ca732a32635efb2b94dd1b118 | Triage

Sharing

General

Target

2024-06-02_a280787ea0ab08e855b027406c8e095f_magniber
Size

5.1MB
Sample

240602-nnr9xabf4x
MD5

a280787ea0ab08e855b027406c8e095f
SHA1

e77c7073747661cedec1ca51f3dae6a51037ffb5
SHA256

6638d51ef7b2b2dd01d194c54c0b3a200b4f377ca732a32635efb2b94dd1b118
SHA512

14836d08355e9e820a0169bbb02e0d49289a638cffb216e45d3876efdf4ba907794e4fe03d0c96a709180d6172edf12eba3abd8842deb9402a34d3cf39c2cbbe
SSDEEP

98304:0MU0LIwN9Dy9wPH4kEWM2BvXKfD2Gn7e3bn4BjoT:0MU0zN9DyCwkEaBvaf1ks0

Score

10^/10

banload downloader dropper evasion trojan

Malware Config

Targets

- Target
  
  2024-06-02_a280787ea0ab08e855b027406c8e095f_magniber
- Size
  
  5.1MB
- MD5
  
  a280787ea0ab08e855b027406c8e095f
- SHA1
  
  e77c7073747661cedec1ca51f3dae6a51037ffb5
- SHA256
  
  6638d51ef7b2b2dd01d194c54c0b3a200b4f377ca732a32635efb2b94dd1b118
- SHA512
  
  14836d08355e9e820a0169bbb02e0d49289a638cffb216e45d3876efdf4ba907794e4fe03d0c96a709180d6172edf12eba3abd8842deb9402a34d3cf39c2cbbe
- SSDEEP
  
  98304:0MU0LIwN9Dy9wPH4kEWM2BvXKfD2Gn7e3bn4BjoT:0MU0zN9DyCwkEaBvaf1ks0
Score

10^/10

banload downloader dropper evasion trojan
- Banload
  Banload variants download malicious files, then install and execute the files.
  trojan dropper downloader banload
- Identifies VirtualBox via ACPI registry values (likely anti-VM)
  evasion
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Virtualization/Sandbox Evasion

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

banloaddownloaderdropperevasiontrojan

behavioral2

banloaddownloaderdropperevasiontrojan