banload | 80cf65a80c75a5a31c280588d292888aebfe6a98a60a4a54d57b7f91562369ca | Triage

Sharing

General

Target

80cf65a80c75a5a31c280588d292888aebfe6a98a60a4a54d57b7f91562369ca
Size

6.1MB
Sample

241004-tr9k9ayare
MD5

2a76bc075546653076bff642720a7d93
SHA1

f84697fec682679b12291e8f00f47a92869e7a9a
SHA256

80cf65a80c75a5a31c280588d292888aebfe6a98a60a4a54d57b7f91562369ca
SHA512

156e5d65b66d23d0de617872c3ab1175c9be604c40be778e335e88b957d93ac7bbdfef2cdd55eae2a00cc926029298e53936f0612f4d8987ec90d0eaa29a38bd
SSDEEP

98304:TQbRA+IWO7uVWuDnu0VXcEKQfsUpvzx+2pgmnxyt/m:MA+i69DfB1KQfLpvzgmnxO/m

Score

10^/10

banload downloader dropper persistence privilege_escalation trojan

Malware Config

Targets

- Target
  
  80cf65a80c75a5a31c280588d292888aebfe6a98a60a4a54d57b7f91562369ca
- Size
  
  6.1MB
- MD5
  
  2a76bc075546653076bff642720a7d93
- SHA1
  
  f84697fec682679b12291e8f00f47a92869e7a9a
- SHA256
  
  80cf65a80c75a5a31c280588d292888aebfe6a98a60a4a54d57b7f91562369ca
- SHA512
  
  156e5d65b66d23d0de617872c3ab1175c9be604c40be778e335e88b957d93ac7bbdfef2cdd55eae2a00cc926029298e53936f0612f4d8987ec90d0eaa29a38bd
- SSDEEP
  
  98304:TQbRA+IWO7uVWuDnu0VXcEKQfsUpvzx+2pgmnxyt/m:MA+i69DfB1KQfLpvzgmnxO/m
Score

10^/10

banload downloader dropper persistence privilege_escalation trojan
- Banload
  Banload variants download malicious files, then install and execute the files.
  trojan dropper downloader banload
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Event Triggered Execution: Component Object Model Hijacking
  Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.
  persistence privilege_escalation
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Event Triggered Execution

Component Object Model Hijacking

Privilege Escalation

Event Triggered Execution

Component Object Model Hijacking

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

banloaddownloaderdropperpersistenceprivilege_escalationtrojan

behavioral2

banloaddownloaderdropperpersistenceprivilege_escalationtrojan