Overview

overview

10

Static

static

1

2024-08-05...ia.exe

windows7-x64

10

2024-08-05...ia.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2024-08-05_c07ad17a2ce868e7013de26741fccb42_mafia

  • Size

    2.7MB

  • Sample

    240805-wketeatdlj

  • MD5

    c07ad17a2ce868e7013de26741fccb42

  • SHA1

    11615b3f51aaf2d6f7eb9e799c90c62b8fa21537

  • SHA256

    ff26a8fe142b16d6dadd42f5a5fe2cad2376ae5fc86813713c0f3105edab260d

  • SHA512

    8da96caa597ddf4f9c27306e282ddc1c0b924a83251754ee6399e1efde9c22cb50fc9dd7bedfda66b14ee9fe8b00fdda1249b058b6571de50a5af74efdfe6257

  • SSDEEP

    49152:5NGQ1VIryPRMjKYTJkYtnEkZTKuLPClR3joQBEE3pfmoY:5NGQ1Vm+ROHnx56lRDBE+pXY

Score
10/10
banloaddiscoverydownloaderdropperevasiontrojan

Malware Config

Targets

    • Target

      2024-08-05_c07ad17a2ce868e7013de26741fccb42_mafia

    • Size

      2.7MB

    • MD5

      c07ad17a2ce868e7013de26741fccb42

    • SHA1

      11615b3f51aaf2d6f7eb9e799c90c62b8fa21537

    • SHA256

      ff26a8fe142b16d6dadd42f5a5fe2cad2376ae5fc86813713c0f3105edab260d

    • SHA512

      8da96caa597ddf4f9c27306e282ddc1c0b924a83251754ee6399e1efde9c22cb50fc9dd7bedfda66b14ee9fe8b00fdda1249b058b6571de50a5af74efdfe6257

    • SSDEEP

      49152:5NGQ1VIryPRMjKYTJkYtnEkZTKuLPClR3joQBEE3pfmoY:5NGQ1Vm+ROHnx56lRDBE+pXY

    Score
    10/10
    banloaddiscoverydownloaderdropperevasiontrojan

    • Banload

      Banload variants download malicious files, then install and execute the files.

      trojandropperdownloaderbanload

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

      evasion

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks