General
-
Target
a85eb7fbf3dd9221dd2751e7b1370b6b10f221b95151017f611b5c3305e96e58
-
Size
5.9MB
-
Sample
241205-bvcrks1mfv
-
MD5
f710c7bbfc7e94a9bfaa6d51c3a8db3b
-
SHA1
fc0e4189d4684a00ac66835837f1656cb30e98c7
-
SHA256
a85eb7fbf3dd9221dd2751e7b1370b6b10f221b95151017f611b5c3305e96e58
-
SHA512
d7e2306c7d9d3f1364def21310504fec13a40704f000fb5ccca885ea508a99ad442270db7d35184cad5565cad419047fee7ee0a298637a49f76d9df62b236513
-
SSDEEP
98304:RF8QUitE4iLqaPWGnEvEF8QUitE4iLqaPWGnEvC:RFQWEPnPBnE8FQWEPnPBnE6
Static task
static1
Behavioral task
behavioral1
Sample
a85eb7fbf3dd9221dd2751e7b1370b6b10f221b95151017f611b5c3305e96e58.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
a85eb7fbf3dd9221dd2751e7b1370b6b10f221b95151017f611b5c3305e96e58.exe
Resource
win10v2004-20241007-en
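A practitioner's first check before detonating a copy of this sample is that the file on disk is the one the report describes. The following helper is an added example, not part of the report or of the sandbox's own tooling: it streams a file through the four hash algorithms listed above in a single pass and compares the digests with the report's values. SSDEEP is left out because it needs a third-party module, and the script name and command-line argument are assumptions.

```python
import hashlib
import sys

# Digests as listed in this report for the 5.9MB sample.
REPORT_HASHES = {
    "md5": "f710c7bbfc7e94a9bfaa6d51c3a8db3b",
    "sha1": "fc0e4189d4684a00ac66835837f1656cb30e98c7",
    "sha256": "a85eb7fbf3dd9221dd2751e7b1370b6b10f221b95151017f611b5c3305e96e58",
    "sha512": "d7e2306c7d9d3f1364def21310504fec13a40704f000fb5ccca885ea508a99ad"
              "442270db7d35184cad5565cad419047fee7ee0a298637a49f76d9df62b236513",
}


def hash_stream(chunks, algorithms=tuple(REPORT_HASHES)):
    """Feed every chunk to all algorithms so the data is read only once."""
    hashers = {name: hashlib.new(name) for name in algorithms}
    for chunk in chunks:
        for h in hashers.values():
            h.update(chunk)
    return {name: h.hexdigest() for name, h in hashers.items()}


def hash_file(path, chunk_size=1 << 20):
    """Hash a file in 1 MiB chunks so a multi-megabyte sample is not read whole."""
    with open(path, "rb") as f:
        return hash_stream(iter(lambda: f.read(chunk_size), b""))


def compare_to_report(observed, expected=REPORT_HASHES):
    """Per-algorithm match results; a single mismatch means a different file."""
    return {name: observed.get(name, "").lower() == digest.lower()
            for name, digest in expected.items()}


def matches_report(observed, expected=REPORT_HASHES):
    """True only when every digest in the report matches the observed file."""
    return all(compare_to_report(observed, expected).values())


if __name__ == "__main__":
    # Usage (assumed script name): python verify_sample.py <path-to-sample>
    digests = hash_file(sys.argv[1])
    for name, ok in compare_to_report(digests).items():
        print(f"{name:6} {'OK' if ok else 'MISMATCH'} {digests[name]}")
    sys.exit(0 if matches_report(digests) else 1)
```

The exit status makes the check usable in a detonation script: a non-zero result means the file is not the sample this report covers, so the behaviours listed below cannot be assumed to apply to it.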
Malware Config
Targets
-
Target
a85eb7fbf3dd9221dd2751e7b1370b6b10f221b95151017f611b5c3305e96e58
-
Banload
Banload variants download additional malicious files, then install and execute them.
-
Banload family
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Renames multiple (198) files with added filename extension
Appending an extension to a large batch of files in one run is characteristic of ransomware encrypting files in place. The signature records only the renames, not that the file contents changed, so the encryption itself should be confirmed from the file data.
-
Checks BIOS information in registry
BIOS information is often read from the registry to detect sandbox or virtual-machine environments, whose BIOS strings name the hypervisor.
-
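The three behavioural signatures above (VirtualBox ACPI keys, BIOS values in the registry, and the mass rename with an appended extension) can be approximated with a small triage script. This is an added example, not the sandbox's signature logic and not the sample's code. The registry paths are the well-known VirtualBox guest artifacts under HKEY_LOCAL_MACHINE (ACPI table subkeys named VBOX__, SystemBiosVersion and VideoBiosVersion, and the SMBIOS manufacturer and product names); the rename threshold is an assumption; and the registry snapshot and rename events are constructed inline so the script runs offline on any OS. snapshot_live() reads the same locations on a Windows host and returns nothing elsewhere.

```python
from collections import Counter

# Well-known VirtualBox fingerprints under HKEY_LOCAL_MACHINE. General knowledge
# about VirtualBox guests, not values the report itself lists.
ACPI_TABLE_KEYS = [r"HARDWARE\ACPI\DSDT", r"HARDWARE\ACPI\FADT", r"HARDWARE\ACPI\RSDT"]
BIOS_VALUES = {
    r"HARDWARE\DESCRIPTION\System\SystemBiosVersion": ("VBOX", "VIRTUALBOX"),
    r"HARDWARE\DESCRIPTION\System\VideoBiosVersion": ("VIRTUALBOX",),
    r"HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer": ("INNOTEK",),
    r"HARDWARE\DESCRIPTION\System\BIOS\SystemProductName": ("VIRTUALBOX",),
}


def virtualbox_indicators(subkeys, values):
    """Return the VirtualBox artifacts present in a registry snapshot.
    subkeys: {key_path: [child key names]}; values: {value_path: str or [str]}
    (REG_MULTI_SZ values come back from winreg as lists, hence the join)."""
    found = []
    for key in ACPI_TABLE_KEYS:
        for child in subkeys.get(key, []):
            if child.upper().startswith("VBOX"):
                found.append(key + "\\" + child)
    for path, needles in BIOS_VALUES.items():
        raw = values.get(path)
        if raw is None:
            continue
        text = " ".join(raw) if isinstance(raw, (list, tuple)) else str(raw)
        if any(n in text.upper() for n in needles):
            found.append(f"{path} = {text!r}")
    return found


def snapshot_live():
    """Read the same locations from a running Windows host; empty elsewhere."""
    try:
        import winreg
    except ImportError:
        return {}, {}
    subkeys, values = {}, {}
    for key in ACPI_TABLE_KEYS:
        try:
            with winreg.OpenKey(winreg.HKEY_LOCAL_MACHINE, key) as k:
                names, i = [], 0
                while True:
                    try:
                        names.append(winreg.EnumKey(k, i))
                        i += 1
                    except OSError:
                        break
                subkeys[key] = names
        except OSError:
            pass
    for path in BIOS_VALUES:
        key, _, name = path.rpartition("\\")
        try:
            with winreg.OpenKey(winreg.HKEY_LOCAL_MACHINE, key) as k:
                values[path] = winreg.QueryValueEx(k, name)[0]
        except OSError:
            pass
    return subkeys, values


def appended_extension(src, dst):
    """If dst is src with exactly one extra '.ext' appended, return ext, else None."""
    if not dst.startswith(src + "."):
        return None
    ext = dst[len(src) + 1:]
    if not ext or "." in ext or "\\" in ext or "/" in ext:
        return None
    return ext


def mass_rename_alert(rename_events, threshold=50):
    """Group (src, dst) rename events by appended extension and report those at
    or above threshold (an assumed cut-off) as [(ext, count)], largest first."""
    counts = Counter()
    for src, dst in rename_events:
        ext = appended_extension(src, dst)
        if ext:
            counts[ext] += 1
    return [(ext, n) for ext, n in counts.most_common() if n >= threshold]


# Constructed inputs standing in for a sandbox registry snapshot and rename log.
SAMPLE_SUBKEYS = {r"HARDWARE\ACPI\DSDT": ["VBOX__"], r"HARDWARE\ACPI\FADT": ["VBOX__"]}
SAMPLE_VALUES = {
    r"HARDWARE\DESCRIPTION\System\SystemBiosVersion": ["VBOX   - 1"],
    r"HARDWARE\DESCRIPTION\System\VideoBiosVersion": ["Oracle VM VirtualBox VBE Adapter"],
}
SAMPLE_RENAMES = [(rf"C:\Users\u\Documents\doc{i}.docx", rf"C:\Users\u\Documents\doc{i}.docx.locked")
                  for i in range(198)] + [(r"C:\tmp\a.txt", r"C:\tmp\b.txt")]

if __name__ == "__main__":
    for hit in virtualbox_indicators(SAMPLE_SUBKEYS, SAMPLE_VALUES):
        print("VM indicator:", hit)
    for ext, n in mass_rename_alert(SAMPLE_RENAMES):
        print(f"{n} files renamed with appended extension .{ext}")
    print("live host indicators:", virtualbox_indicators(*snapshot_live()) or "none")
```

Running the live check on the analysis VM shows exactly which strings the sample can see; scrubbing the ACPI table names and BIOS strings on the guest is the usual way to get an anti-VM sample past the checks that these signatures flag. The rename detector ignores renames that change the base name, so ordinary file moves do not count toward the threshold.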