General
Target: 816e5da039753afeaca2c427a59912698b5962c43404532d6346933ae83280f8N.exe
Size: 110KB
Sample: 241231-x7ebtsvqc1
MD5: ba5adf14c4396af9076bb34dd00aaec0
SHA1: 3ca95676bcbc556238df914ae647e33c9cc745a8
SHA256: 816e5da039753afeaca2c427a59912698b5962c43404532d6346933ae83280f8
SHA512: ae09488164cadb72b4bc30de6e92767de8b57320aa8c639f082fa3e3aeeb0981fb442708621dc0cddb1705efc30c6dee6a6ea3c627305ad5b4d21f29f10ddaf0
SSDEEP: 1536:BLXB65939tY6HBg4sXJ1UviBhkohVKJjFhaLeT99+eLnV7UviBhkohVKJjFhvOcV:BLk395hYXJ1UvUWXsP2npUvUWX81s
Static task: static1
Behavioral task: behavioral1
Sample: 816e5da039753afeaca2c427a59912698b5962c43404532d6346933ae83280f8N.exe
Resource: win7-20240903-en
Malware Config: none extracted
Targets
Target: 816e5da039753afeaca2c427a59912698b5962c43404532d6346933ae83280f8N.exe (110KB; MD5, SHA1, SHA256, SHA512 and SSDEEP as listed under General)
-
Banload
Banload variants download malicious files, then install and execute them.
-
Banload family
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
VirtualBox exposes its ACPI tables to the guest as registry keys named VBOX__ under HKLM\HARDWARE\ACPI (for example HKLM\HARDWARE\ACPI\DSDT\VBOX__); opening one of these keys is a common existence probe for the hypervisor.
-
Checks BIOS information in registry
BIOS information (for example the SystemBiosVersion and VideoBiosVersion values under HKLM\HARDWARE\DESCRIPTION\System) is often read in order to detect sandboxing environments, whose firmware strings carry the hypervisor vendor name.
-
Downloads MZ/PE file
A file received over the network begins with an MZ header, i.e. it is a Windows executable, which is consistent with the Banload downloader behaviour described above.
-
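As an added example (not part of the sandbox report and not its signature engine), the following Python derives the three behavioural signatures above from a constructed log of registry and file events: it matches the VirtualBox ACPI keys under HKLM\HARDWARE\ACPI, the firmware-description values under HKLM\HARDWARE\DESCRIPTION\System, and a network-received file that parses as MZ/PE (e_lfanew at offset 0x3C pointing at "PE\0\0"). The event records, the file contents and the ATT&CK mapping in TECHNIQUE are this example's own assumptions, not data from the sample's run.

```python
"""Derive the report's three behavioural signatures from raw sandbox events.

Added example, not the sandbox's own signature code. The registry paths are the
well-known VirtualBox ACPI table keys and firmware-description values; the event
log below is constructed to exercise each signature plus two benign negatives.
"""
import re
import struct

# VirtualBox publishes its ACPI tables to the guest as registry keys named
# VBOX__ under HKLM\HARDWARE\ACPI\{DSDT,FADT,RSDT}; opening one is an
# existence probe for the hypervisor.
VBOX_ACPI_RE = re.compile(
    r"^HKLM\\HARDWARE\\ACPI\\(DSDT|FADT|RSDT)\\VBOX__$", re.IGNORECASE)

# Firmware description values that carry vendor strings on VMs/sandboxes.
BIOS_KEY = r"HKLM\HARDWARE\DESCRIPTION\System"
BIOS_VALUES = {"SystemBiosVersion", "SystemBiosDate", "VideoBiosVersion"}

# Signature name -> ATT&CK technique. This mapping is the example's own
# assumption: T1497 is the Virtualization/Sandbox Evasion technique the
# report lists, T1105 (Ingress Tool Transfer) covers fetched executables.
TECHNIQUE = {
    "Identifies VirtualBox via ACPI registry values": "T1497",
    "Checks BIOS information in registry": "T1497",
    "Downloads MZ/PE file": "T1105",
}


def is_pe(data: bytes) -> bool:
    """True if data has an MZ header whose e_lfanew points at 'PE\\0\\0'."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        return False
    (e_lfanew,) = struct.unpack_from("<I", data, 0x3C)
    return data[e_lfanew:e_lfanew + 4] == b"PE\x00\x00"


def run_signatures(events):
    """Return {signature_name: [evidence, ...]} for the events that match."""
    hits = {}

    def hit(name, evidence):
        hits.setdefault(name, []).append(evidence)

    for ev in events:
        op, path = ev["op"], ev["path"]
        if op in ("RegOpenKey", "RegQueryValue") and VBOX_ACPI_RE.match(path):
            hit("Identifies VirtualBox via ACPI registry values", path)
        if (op == "RegQueryValue" and path.lower() == BIOS_KEY.lower()
                and ev.get("value") in BIOS_VALUES):
            hit("Checks BIOS information in registry", ev["value"])
        if op == "FileWrite" and ev.get("source") == "network" and is_pe(ev["data"]):
            hit("Downloads MZ/PE file", path)
    return hits


def build_minimal_pe() -> bytes:
    """Constructed stand-in for a downloaded executable: DOS header + PE signature."""
    dos = bytearray(b"MZ" + b"\x00" * 0x3E)   # 0x40-byte IMAGE_DOS_HEADER
    struct.pack_into("<I", dos, 0x3C, 0x40)   # e_lfanew -> right after it
    return bytes(dos) + b"PE\x00\x00" + b"\x00" * 20


# Constructed event log (not from the sample's run).
EVENTS = [
    {"op": "RegOpenKey", "path": r"HKLM\HARDWARE\ACPI\DSDT\VBOX__"},
    {"op": "RegOpenKey", "path": r"HKLM\HARDWARE\ACPI\FADT\VBOX__"},
    {"op": "RegQueryValue", "path": r"HKLM\HARDWARE\DESCRIPTION\System",
     "value": "SystemBiosVersion"},
    {"op": "RegQueryValue", "path": r"HKLM\HARDWARE\DESCRIPTION\System",
     "value": "VideoBiosVersion"},
    {"op": "RegQueryValue",                                  # benign read
     "path": r"HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer",
     "value": "ShellState"},
    {"op": "FileWrite", "path": r"C:\Users\Public\update.exe",
     "source": "network", "data": build_minimal_pe()},
    {"op": "FileWrite", "path": r"C:\Users\Public\index.html",  # benign download
     "source": "network", "data": b"<html>not an executable</html>"},
]


def report(events=EVENTS):
    """Signature hits in the report's own naming, with the ATT&CK id attached."""
    hits = run_signatures(events)
    return {name: {"technique": TECHNIQUE[name], "evidence": ev}
            for name, ev in hits.items()}


if __name__ == "__main__":
    for name, info in report().items():
        print(f"{name} [{info['technique']}]: {', '.join(info['evidence'])}")
```

Feed real Procmon or sandbox traces into run_signatures by converting each record into the same op/path/value shape; the PE check deliberately requires the e_lfanew-addressed signature rather than just the "MZ" prefix, so an HTML page or a DOS-only stub is not reported as a downloaded executable.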
MITRE ATT&CK Enterprise v15 (number of matching behaviours in parentheses)
Defense Evasion
- Modify Registry (1)
- Subvert Trust Controls (1): Install Root Certificate (1)
- Virtualization/Sandbox Evasion (1)
Credential Access
- Credentials from Password Stores (1): Credentials from Web Browsers (1)
- Unsecured Credentials (1): Credentials In Files (1)