General
-
Target
2024-08-29_817d12905c68476ac619c7bb649ae1d7_mafia
-
Size
9.5MB
-
Sample
240829-hdadfszerp
-
MD5
817d12905c68476ac619c7bb649ae1d7
-
SHA1
f8633d2239a3c11ba5030d5cee08561241ed4746
-
SHA256
a09da6dcf5a056cdf686fb89d9dc593bedb6bccd9a055c68a99a9ef1c5193d10
-
SHA512
8e77817a34937b9fabd25cdc51759f5c7713e712d1233f92add09a95169c358b21944f387b7f8474121819b250107e06f6eb47c35ba00317a5ec87ca2b38da3a
-
SSDEEP
196608:tpJsv6tWKFdu9C047xfMzlPBMtsyF7/TBP06/VGQLnRqBtL6e:tpJsv6tWKFdu9CvFfMzlPBMtl/TBPdRy
Static task
static1
Behavioral task
behavioral1
Sample
2024-08-29_817d12905c68476ac619c7bb649ae1d7_mafia.exe
Resource
win7-20240704-en
Malware Config
Targets
Target
2024-08-29_817d12905c68476ac619c7bb649ae1d7_mafia
-
Banload
Banload variants download malicious files, then install and execute the files.
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-