Overview

overview

10

Static

static

1

89d05bd339...2f.exe

windows7-x64

10

89d05bd339...2f.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    89d05bd33959bd1b52b84b6fb8cddc8e055878fd5060b30aea33185a30c0ae2f

  • Size

    2.9MB

  • Sample

    240709-3wagdstckj

  • MD5

    b3250fec284ea6e259aa4fe31380bce4

  • SHA1

    cd9d85fae533ca228208a4d4c2812024aafe8de3

  • SHA256

    89d05bd33959bd1b52b84b6fb8cddc8e055878fd5060b30aea33185a30c0ae2f

  • SHA512

    6759aa4fcf8d4bd067193cb64de6d771c288ff5d357c483020dddfc28ccba041043a3b0f5eab65609f832313c3d0e4403723b51f6db25e6094a0d8584891c46c

  • SSDEEP

    49152:N+NHIXk2ffO6TUonePQEvmIOXE0sK2mCK+rXDs22UY4gEq16AvuTG9t2er:N+NoXfConMRu16mYzR/YF168uet2i

Score
10/10
banloaddownloaderdropperevasiontrojan

Malware Config

Targets

    • Target

      89d05bd33959bd1b52b84b6fb8cddc8e055878fd5060b30aea33185a30c0ae2f

    • Size

      2.9MB

    • MD5

      b3250fec284ea6e259aa4fe31380bce4

    • SHA1

      cd9d85fae533ca228208a4d4c2812024aafe8de3

    • SHA256

      89d05bd33959bd1b52b84b6fb8cddc8e055878fd5060b30aea33185a30c0ae2f

    • SHA512

      6759aa4fcf8d4bd067193cb64de6d771c288ff5d357c483020dddfc28ccba041043a3b0f5eab65609f832313c3d0e4403723b51f6db25e6094a0d8584891c46c

    • SSDEEP

      49152:N+NHIXk2ffO6TUonePQEvmIOXE0sK2mCK+rXDs22UY4gEq16AvuTG9t2er:N+NoXfConMRu16mYzR/YF168uet2i

    Score
    10/10
    banloaddownloaderdropperevasiontrojan

    • Banload

      Banload variants download malicious files, then install and execute the files.

      trojandropperdownloaderbanload

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

      evasion

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks