General

  • Target

    28a1789195be417e744d4f3cb81dc3b1e23330be91def9c1b5f1619bde2e223b.exe

  • Size

    3.0MB

  • Sample

    241006-p7v1kszane

  • MD5

    fafe5e511d3f03ff20d604be5fe6c295

  • SHA1

    159bc4986b21677430c6fcdc9fb89f4473099fb8

  • SHA256

    28a1789195be417e744d4f3cb81dc3b1e23330be91def9c1b5f1619bde2e223b

  • SHA512

    a2c09a957c2464e2f41efee9f45f3937b6f882a805ff4df77a0b9a131a8d95c4e1aba6480cc2b16c88b1c635b95266fbe928e9bafc3b3cf50f59b54aa1026073

  • SSDEEP

    49152:oVU9z/GWnXTQs1z1ng1HtMyMpy7Q+nnR2SI7CZVzv0Ozc7DHi/w6AN:oVUxGGrngvPWGQsnDI7CZVrgnHi/fs

Malware Config

Targets

    • Target

      28a1789195be417e744d4f3cb81dc3b1e23330be91def9c1b5f1619bde2e223b.exe

    • Banload

      Banload is a downloader family: its variants fetch additional malicious files, then install and execute them.

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

      VirtualBox guests expose ACPI table keys under HKLM\HARDWARE\ACPI whose names carry the VBOX__ OEM identifier; their mere presence reveals the hypervisor.

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • AutoIT Executable

      AutoIT scripts compiled to PE executables.
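
The two anti-VM signatures above both reduce to registry reads. The following script is an added example, not code from the report or from the sample: it checks the same locations a VirtualBox guest exposes (the VBOX__ ACPI keys and the SMBIOS/BIOS strings under HKLM\HARDWARE\DESCRIPTION), first against two constructed registry snapshots and, on Windows, against the live registry. The key paths and value names are the well-known ones; the snapshot contents, the marker list and the function names are assumptions made for the demo.

```python
"""Added example: reproduce the VirtualBox ACPI / BIOS registry checks that the
sandbox signatures flag. Not part of the original report or the analysed sample."""
import sys

# ACPI table keys that exist only in a VirtualBox guest (OEM ID "VBOX").
# HKLM\HARDWARE is volatile and rebuilt from ACPI/SMBIOS at boot, so a sample
# only has to test for the key's existence, no value read required.
ACPI_VBOX_KEYS = [
    r"HARDWARE\ACPI\DSDT\VBOX__",
    r"HARDWARE\ACPI\FADT\VBOX__",
    r"HARDWARE\ACPI\RSDT\VBOX__",
]

# BIOS/SMBIOS strings that sandboxes and hypervisors rarely bother to change.
BIOS_VALUES = [
    (r"HARDWARE\DESCRIPTION\System", "SystemBiosVersion"),      # REG_MULTI_SZ
    (r"HARDWARE\DESCRIPTION\System", "VideoBiosVersion"),       # REG_MULTI_SZ
    (r"HARDWARE\DESCRIPTION\System\BIOS", "SystemManufacturer"),
    (r"HARDWARE\DESCRIPTION\System\BIOS", "SystemProductName"),
    (r"HARDWARE\DESCRIPTION\System\BIOS", "BIOSVendor"),
]

# Hypervisor fingerprints (assumed list; kept short to avoid false positives).
VM_MARKERS = ("VBOX", "VIRTUALBOX", "INNOTEK", "VMWARE", "QEMU", "BOCHS")

# Constructed snapshots: {key_path: {value_name: data}}. A key present with an
# empty dict means "key exists, no values read". The VirtualBox strings are
# modelled on the product's defaults; the physical-host strings are invented.
VBOX_GUEST_SNAPSHOT = {
    r"HARDWARE\ACPI\DSDT\VBOX__": {},
    r"HARDWARE\ACPI\FADT\VBOX__": {},
    r"HARDWARE\ACPI\RSDT\VBOX__": {},
    r"HARDWARE\DESCRIPTION\System": {
        "SystemBiosVersion": ["VBOX   - 1"],
        "VideoBiosVersion": ["Oracle VM VirtualBox Version 7.0.0 VBE Adapter"],
    },
    r"HARDWARE\DESCRIPTION\System\BIOS": {
        "SystemManufacturer": "innotek GmbH",
        "SystemProductName": "VirtualBox",
        "BIOSVendor": "innotek GmbH",
    },
}
PHYSICAL_HOST_SNAPSHOT = {
    r"HARDWARE\DESCRIPTION\System": {
        "SystemBiosVersion": ["LENOVO - 1"],
        "VideoBiosVersion": ["Intel Video BIOS"],
    },
    r"HARDWARE\DESCRIPTION\System\BIOS": {
        "SystemManufacturer": "LENOVO",
        "SystemProductName": "20XW",
        "BIOSVendor": "LENOVO",
    },
}


def detect_vm(snapshot):
    """Apply both checks to a registry snapshot and return the evidence found."""
    findings = {"acpi_vbox_keys": [], "bios_markers": []}
    for key in ACPI_VBOX_KEYS:
        if key in snapshot:  # existence alone is the tell
            findings["acpi_vbox_keys"].append(key)
    for key, name in BIOS_VALUES:
        data = snapshot.get(key, {}).get(name)
        if data is None:
            continue
        parts = data if isinstance(data, (list, tuple)) else [data]  # REG_MULTI_SZ is a list
        for s in parts:
            hit = next((m for m in VM_MARKERS if m in str(s).upper()), None)
            if hit:
                findings["bios_markers"].append((name, str(s), hit))
    findings["is_vm"] = bool(findings["acpi_vbox_keys"] or findings["bios_markers"])
    return findings


def read_live_snapshot():
    """Windows only: build the same snapshot shape from HKLM with winreg."""
    import winreg  # stdlib on Windows
    snap = {}
    for path in set(ACPI_VBOX_KEYS) | {k for k, _ in BIOS_VALUES}:
        try:
            with winreg.OpenKey(winreg.HKEY_LOCAL_MACHINE, path) as h:
                values = {}
                for key, name in BIOS_VALUES:
                    if key != path:
                        continue
                    try:
                        values[name] = winreg.QueryValueEx(h, name)[0]
                    except FileNotFoundError:
                        pass  # value absent on this build; the key still counts
                snap[path] = values
        except FileNotFoundError:
            pass  # key absent: no VBOX ACPI table on this host
    return snap


if __name__ == "__main__":
    for label, snap in (("vbox guest", VBOX_GUEST_SNAPSHOT), ("physical", PHYSICAL_HOST_SNAPSHOT)):
        print(label, detect_vm(snap))
    if sys.platform == "win32":
        print("live", detect_vm(read_live_snapshot()))
```

Run on a stock VirtualBox analysis VM, the live check fires on all three ACPI keys and every BIOS string; that is the behaviour the sandbox caught when this sample opened those keys. For defenders building a sandbox, the same list doubles as the checklist of strings and tables to change, and the BIOS check is the one to get right first, since the ACPI OEM ID is baked into the guest's ACPI tables and is harder to patch.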

MITRE ATT&CK Enterprise v15