General
-
Target
fe864ca1ed2d02f2ab3e42ec2dfcea0d7fb4d1aece9344612f6f66f739be10dfN.exe
-
Size
2.8MB
-
Sample
241204-v7yz5aylgn
-
MD5
a58f1c1a4a6f0e58a0193e2f4ace7370
-
SHA1
c5696172a9ddbc820ddad28ff28337b42de3efc8
-
SHA256
fe864ca1ed2d02f2ab3e42ec2dfcea0d7fb4d1aece9344612f6f66f739be10df
-
SHA512
7a0d6fb3d862537ad3fc44db93d4f87715f3ae593c96b89a4adb02eef5423cef1630e9ca36f6c7a8f47c0cdebcd75f8093769acd9518d7799c641a642e870663
-
SSDEEP
49152:RVvn8Q5CHCtE4jPTTm4uBLq9gtMyMpy7nEvVWiKjUOlk0O:RF8QUitE4iLqaPWGnEvSO
Static task
static1
Behavioral task
behavioral1
Sample
fe864ca1ed2d02f2ab3e42ec2dfcea0d7fb4d1aece9344612f6f66f739be10dfN.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
fe864ca1ed2d02f2ab3e42ec2dfcea0d7fb4d1aece9344612f6f66f739be10dfN.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
fe864ca1ed2d02f2ab3e42ec2dfcea0d7fb4d1aece9344612f6f66f739be10dfN.exe
-
Size
2.8MB
-
MD5
a58f1c1a4a6f0e58a0193e2f4ace7370
-
SHA1
c5696172a9ddbc820ddad28ff28337b42de3efc8
-
SHA256
fe864ca1ed2d02f2ab3e42ec2dfcea0d7fb4d1aece9344612f6f66f739be10df
-
SHA512
7a0d6fb3d862537ad3fc44db93d4f87715f3ae593c96b89a4adb02eef5423cef1630e9ca36f6c7a8f47c0cdebcd75f8093769acd9518d7799c641a642e870663
-
SSDEEP
49152:RVvn8Q5CHCtE4jPTTm4uBLq9gtMyMpy7nEvVWiKjUOlk0O:RF8QUitE4iLqaPWGnEvSO
-
Banload
Banload variants download malicious files, then install and execute the files.
-
Banload family
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Renames multiple (225) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-