banload | 193fe6fe03594e96b3dc3c998e6f717a28149f038e02ce8d2a12c8c54c13f343 | Triage

Sharing

General

Target

193fe6fe03594e96b3dc3c998e6f717a28149f038e02ce8d2a12c8c54c13f343
Size

2.1MB
Sample

241231-mrdp9awqbt
MD5

5b42d7290c30242ba84510440d7998e3
SHA1

5ac4e2f7dd26b78d4ab197e475ad483ab67b8422
SHA256

193fe6fe03594e96b3dc3c998e6f717a28149f038e02ce8d2a12c8c54c13f343
SHA512

ae09e170d7089aa516a723c221f058318ac8950bc7439d74da272fb61a44cf268ffcbc87ee41a44a49fba7eef506e308d32e89bf4e4ab64148955023a7450a39
SSDEEP

49152:fpbRm4GPK/Mh2mTsGKgQApfseq+5oVDn99c1/0VXBMg/yxA+:B1GS/1grFqouDnu0VXV/yx7

Score

10^/10

banload downloader dropper persistence privilege_escalation trojan

Malware Config

Targets

- Target
  
  193fe6fe03594e96b3dc3c998e6f717a28149f038e02ce8d2a12c8c54c13f343
- Size
  
  2.1MB
- MD5
  
  5b42d7290c30242ba84510440d7998e3
- SHA1
  
  5ac4e2f7dd26b78d4ab197e475ad483ab67b8422
- SHA256
  
  193fe6fe03594e96b3dc3c998e6f717a28149f038e02ce8d2a12c8c54c13f343
- SHA512
  
  ae09e170d7089aa516a723c221f058318ac8950bc7439d74da272fb61a44cf268ffcbc87ee41a44a49fba7eef506e308d32e89bf4e4ab64148955023a7450a39
- SSDEEP
  
  49152:fpbRm4GPK/Mh2mTsGKgQApfseq+5oVDn99c1/0VXBMg/yxA+:B1GS/1grFqouDnu0VXV/yx7
Score

10^/10

banload downloader dropper persistence privilege_escalation trojan
- Banload
  Banload variants download malicious files, then install and execute the files.
  trojan dropper downloader banload
- Banload family
  banload
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Event Triggered Execution: Component Object Model Hijacking
  Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.
  persistence privilege_escalation
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Event Triggered Execution

Component Object Model Hijacking

Privilege Escalation

Event Triggered Execution

Component Object Model Hijacking

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

banloaddownloaderdropperpersistenceprivilege_escalationtrojan

behavioral2

banloaddownloaderdropperpersistenceprivilege_escalationtrojan