banload | d596262efab34d7f5a682e38ef17b92eb719b14e5f95215ba781d73ea57889e2 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

3

2024-06-03...er.exe

windows7-x64

2024-06-03...er.exe

windows10-2004-x64

Sharing

General

Target

2024-06-03_e44f55a2d7aadbe34e7b10729f9cffb6_mafia_magniber
Size

6.1MB
Sample

240603-n6rq4adg3v
MD5

e44f55a2d7aadbe34e7b10729f9cffb6
SHA1

b8b26b6f74df9b668e06fdd2eb43b7ac455bda77
SHA256

d596262efab34d7f5a682e38ef17b92eb719b14e5f95215ba781d73ea57889e2
SHA512

e0e16b687fd83ab7de6c5f6cc96fbc88edc75faecd2686565573b48a650f9176320491c48ccc60ee4655278f6e6ae24a17565e3ef223a0f776db946662b794d8
SSDEEP

98304:38Guubg9FJTeTdqHSzRmz1bOL+PnXcw799bYO8mMcuNFLOAkGkzdnEVomFHKnP:38GYfJT7PnswZF8vcuNFLOyomFHKnP

Score

10^/10

banload downloader dropper evasion trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

2024-06-03_e44f55a2d7aadbe34e7b10729f9cffb6_mafia_magniber.exe

Resource

win7-20240221-en

banload downloader dropper evasion trojan

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral2

Sample

2024-06-03_e44f55a2d7aadbe34e7b10729f9cffb6_mafia_magniber.exe

Resource

win10v2004-20240426-en

banload downloader dropper evasion trojan

windows10-2004-x64

5 signatures

150 seconds

Malware Config

Targets

- Target
  
  2024-06-03_e44f55a2d7aadbe34e7b10729f9cffb6_mafia_magniber
- Size
  
  6.1MB
- MD5
  
  e44f55a2d7aadbe34e7b10729f9cffb6
- SHA1
  
  b8b26b6f74df9b668e06fdd2eb43b7ac455bda77
- SHA256
  
  d596262efab34d7f5a682e38ef17b92eb719b14e5f95215ba781d73ea57889e2
- SHA512
  
  e0e16b687fd83ab7de6c5f6cc96fbc88edc75faecd2686565573b48a650f9176320491c48ccc60ee4655278f6e6ae24a17565e3ef223a0f776db946662b794d8
- SSDEEP
  
  98304:38Guubg9FJTeTdqHSzRmz1bOL+PnXcw799bYO8mMcuNFLOAkGkzdnEVomFHKnP:38GYfJT7PnswZF8vcuNFLOyomFHKnP
Score

10^/10

banload downloader dropper evasion trojan
- Banload
  Banload variants download malicious files, then install and execute the files.
  trojan dropper downloader banload
- Identifies VirtualBox via ACPI registry values (likely anti-VM)
  evasion
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Virtualization/Sandbox Evasion

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

banloaddownloaderdropperevasiontrojan

behavioral2

banloaddownloaderdropperevasiontrojan

© 2018-2025

Terms | Privacy

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.