General
-
Target
c425f189beca29673ce641512c9c6ee273f466cead0245467012f647987565d5
-
Size
3.0MB
-
Sample
241201-djz4vavlfy
-
MD5
853e7e9d71c79cd7f5bb9b612d794c34
-
SHA1
223bc4139dc8f00ef85fd9785c1c79935673c803
-
SHA256
c425f189beca29673ce641512c9c6ee273f466cead0245467012f647987565d5
-
SHA512
430df80f5d7e662593acd1c32fc99ee8d4f6172af2f42844665d9bfe6eb2327145091b74b0d17100c73dcd7644593ccd5a9a8cbfdf4d710d327b2ae5331b59d6
-
SSDEEP
49152:RVvn8Q5CHCtE4jPTTm4uBLq9gtMyMpy7nEvV8u/kUHHkLZ9:RF8QUitE4iLqaPWGnEvS9Ei
Malware Config
Targets
-
-
Target
c425f189beca29673ce641512c9c6ee273f466cead0245467012f647987565d5
-
Size
3.0MB
-
MD5
853e7e9d71c79cd7f5bb9b612d794c34
-
SHA1
223bc4139dc8f00ef85fd9785c1c79935673c803
-
SHA256
c425f189beca29673ce641512c9c6ee273f466cead0245467012f647987565d5
-
SHA512
430df80f5d7e662593acd1c32fc99ee8d4f6172af2f42844665d9bfe6eb2327145091b74b0d17100c73dcd7644593ccd5a9a8cbfdf4d710d327b2ae5331b59d6
-
SSDEEP
49152:RVvn8Q5CHCtE4jPTTm4uBLq9gtMyMpy7nEvV8u/kUHHkLZ9:RF8QUitE4iLqaPWGnEvS9Ei
Score10/10-
Banload
Banload variants download malicious files, then install and execute the files.
-
Banload family
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Renames multiple (226) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-