Overview

overview

10

Static

static

1

e5936e7fcb...4f.exe

windows7-x64

10

e5936e7fcb...4f.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    e5936e7fcbfc65fdd89d15f767792e86e347df8f0102fff19456a2b344b7334f

  • Size

    2.2MB

  • Sample

    240727-frf22syfrk

  • MD5

    77b2ca092d42a1057be765f0963b280c

  • SHA1

    809de147ef849a6690da7cb4a9af8d2bf8f2820b

  • SHA256

    e5936e7fcbfc65fdd89d15f767792e86e347df8f0102fff19456a2b344b7334f

  • SHA512

    a814670afb5c5f32e2fffba1aa3a0083408446301835d11aa01a75545a05d6e4521e64a61820eabc7829e245651b8ad84ca98767ab846b2186c95b3e014a2ff4

  • SSDEEP

    24576:WgMEMOczkzcoFtg3Vakc2hGWvETCTAjPC/SqfZzdaYJRTZQIqmIMyg9VTkpb76uk:AEvcetZavETIA7FkUYJStMyMpy7SN

Score
10/10
banloaddiscoverydownloaderdropperevasiontrojan

Malware Config

Targets

    • Target

      e5936e7fcbfc65fdd89d15f767792e86e347df8f0102fff19456a2b344b7334f

    • Size

      2.2MB

    • MD5

      77b2ca092d42a1057be765f0963b280c

    • SHA1

      809de147ef849a6690da7cb4a9af8d2bf8f2820b

    • SHA256

      e5936e7fcbfc65fdd89d15f767792e86e347df8f0102fff19456a2b344b7334f

    • SHA512

      a814670afb5c5f32e2fffba1aa3a0083408446301835d11aa01a75545a05d6e4521e64a61820eabc7829e245651b8ad84ca98767ab846b2186c95b3e014a2ff4

    • SSDEEP

      24576:WgMEMOczkzcoFtg3Vakc2hGWvETCTAjPC/SqfZzdaYJRTZQIqmIMyg9VTkpb76uk:AEvcetZavETIA7FkUYJStMyMpy7SN

    Score
    10/10
    banloaddiscoverydownloaderdropperevasiontrojan

    • Banload

      Banload variants download malicious files, then install and execute the files.

      trojandropperdownloaderbanload

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

      evasion

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks