General
- Target: 01a888677b3451748982fca9cfc80d45b5f9ea851312aac42bb68f517ad32c94N
- Size: 5.6MB
- Sample: 241002-vatzxawhpm
- MD5: 6b6eda5ab864b833886cd9513feada10
- SHA1: 9a95ea5a99db5147214687d0b20fe61a8cd898a7
- SHA256: 01a888677b3451748982fca9cfc80d45b5f9ea851312aac42bb68f517ad32c94
- SHA512: 8923b24c9e7f21fdb2f374a1dd0c03ce57c986e88a1b57a71e86be69526495e6096c37509658918312ac7474f6815e36caddfae3686caaaac7bd13f2cdf71d51
- SSDEEP: 98304:5mqJyrRC7XrIPWGnRFaR59cIZ/cSvojydv6:5m31CbUPBnGVZ/nJdS
Static task: static1
Behavioral task: behavioral1
- Sample: 01a888677b3451748982fca9cfc80d45b5f9ea851312aac42bb68f517ad32c94N.exe
- Resource: win7-20240903-en
Behavioral task: behavioral2
- Sample: 01a888677b3451748982fca9cfc80d45b5f9ea851312aac42bb68f517ad32c94N.exe
- Resource: win10v2004-20240802-en
Malware Config
Targets
- Target: 01a888677b3451748982fca9cfc80d45b5f9ea851312aac42bb68f517ad32c94N
- Banload: Banload variants download malicious files, then install and execute the files.
- Identifies VirtualBox via ACPI registry values (likely anti-VM)
- Checks BIOS information in registry: BIOS information is often read in order to detect sandboxing environments.
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application