Overview

overview

10

Static

static

1

2024-08-05...ia.exe

windows7-x64

10

2024-08-05...ia.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2024-08-05_b7c62d45df5e06226066bbdd0dcd3092_mafia

  • Size

    2.5MB

  • Sample

    240805-x8qfgszcqg

  • MD5

    b7c62d45df5e06226066bbdd0dcd3092

  • SHA1

    4a7d2d8abe6bd9ae1e2bb84ad206c6abfb8b884f

  • SHA256

    214f3aab13b7cd418dc06e76f83126cd3fdc4cae7faa5329614af6690dbd8f9e

  • SHA512

    8cea06e8e0e7894ed5545c45ace2819c4f439c6c9c34acc660d94876f72afbab4f529f26160956745405f3fc88547628242655f55f086bd2b9f0ebee7f2dd640

  • SSDEEP

    49152:gLKZiynl92hORTSqrYALc8jeJqpjR3joQBimxIBv145dC3:gLa3nQ0YCOUjRDBikIBdaA3

Score
10/10
banloaddiscoverydownloaderdropperevasiontrojan

Malware Config

Targets

    • Target

      2024-08-05_b7c62d45df5e06226066bbdd0dcd3092_mafia

    • Size

      2.5MB

    • MD5

      b7c62d45df5e06226066bbdd0dcd3092

    • SHA1

      4a7d2d8abe6bd9ae1e2bb84ad206c6abfb8b884f

    • SHA256

      214f3aab13b7cd418dc06e76f83126cd3fdc4cae7faa5329614af6690dbd8f9e

    • SHA512

      8cea06e8e0e7894ed5545c45ace2819c4f439c6c9c34acc660d94876f72afbab4f529f26160956745405f3fc88547628242655f55f086bd2b9f0ebee7f2dd640

    • SSDEEP

      49152:gLKZiynl92hORTSqrYALc8jeJqpjR3joQBimxIBv145dC3:gLa3nQ0YCOUjRDBikIBdaA3

    Score
    10/10
    banloaddiscoverydownloaderdropperevasiontrojan

    • Banload

      Banload variants download malicious files, then install and execute the files.

      trojandropperdownloaderbanload

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

      evasion

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks