banload | 0413a75f6e4893962f14623db89b9fca9c0f818398f79672260060bdce47ef5e | Triage

Sharing

General

Target

JaffaCakes118_21a2e687d56920ca9d644f7d40a979c7
Size

5.6MB
Sample

250223-w7erxswls9
MD5

21a2e687d56920ca9d644f7d40a979c7
SHA1

cf33dce23fb37c1a697ce861eca034d4ff3028e4
SHA256

0413a75f6e4893962f14623db89b9fca9c0f818398f79672260060bdce47ef5e
SHA512

36d3da49924e956016cba8e26fa8f4c5b22fc45bc48ef7405db976a955a3c8f00b78e7a5762927559d6847e3ac1014ef68bb803099d14bce731a37c3deac6fc2
SSDEEP

98304:pkA8fSZwFzbOOj2tQ50a7F9zFc80ctQ+lB+oGGx28p2+:eA86Xnhy9IctJB+Mzv

Score

10^/10

banload discovery downloader dropper trojan

Malware Config

Targets

- Target
  
  JaffaCakes118_21a2e687d56920ca9d644f7d40a979c7
- Size
  
  5.6MB
- MD5
  
  21a2e687d56920ca9d644f7d40a979c7
- SHA1
  
  cf33dce23fb37c1a697ce861eca034d4ff3028e4
- SHA256
  
  0413a75f6e4893962f14623db89b9fca9c0f818398f79672260060bdce47ef5e
- SHA512
  
  36d3da49924e956016cba8e26fa8f4c5b22fc45bc48ef7405db976a955a3c8f00b78e7a5762927559d6847e3ac1014ef68bb803099d14bce731a37c3deac6fc2
- SSDEEP
  
  98304:pkA8fSZwFzbOOj2tQ50a7F9zFc80ctQ+lB+oGGx28p2+:eA86Xnhy9IctJB+Mzv
Score

3^/10

discovery
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/LangDLL.dll
- Size
  
  5KB
- MD5
  
  9384f4007c492d4fa040924f31c00166
- SHA1
  
  aba37faef30d7c445584c688a0b5638f5db31c7b
- SHA256
  
  60a964095af1be79f6a99b22212fefe2d16f5a0afd7e707d14394e4143e3f4f5
- SHA512
  
  68f158887e24302673227adffc688fd3edabf097d7f5410f983e06c6b9c7344ca1d8a45c7fa05553adcc5987993df3a298763477168d4842e554c4eb93b9aaaf
- SSDEEP
  
  48:iV6pAvmNC6iMPUptxEZK65x/AmvycNSmwVsOYJyvrpXptp/JvR0Jlof5d2:2811GED5ZTvycNSmwVsTJuftpZR0Sd2
Score

3^/10

discovery
behavioral3 behavioral4
- Target
  
  $PLUGINSDIR/StartMenu.dll
- Size
  
  7KB
- MD5
  
  a4173b381625f9f12aadb4e1cdaefdb8
- SHA1
  
  cf1680c2bc970d5675adbf5e89292a97e6724713
- SHA256
  
  7755ff2707ca19344d489a5acec02d9e310425fa6e100d2f13025761676b875b
- SHA512
  
  fcac79d42862da6bdd3ecad9d887a975cdff2301a8322f321be58f754a26b27077b452faa4751bbd09cd3371b4afce65255fbbb443e2c93dd2cba0ba652f4a82
- SSDEEP
  
  96:2fiqP7bO2qHkAC40KhvSE+6nrxtMn0iGd88qRLqtJ1tbRhElfRx2:siqP7OHX1Q4xtcf8qo/ttgfRx2
Score

3^/10

discovery
behavioral5 behavioral6
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  11KB
- MD5
  
  c17103ae9072a06da581dec998343fc1
- SHA1
  
  b72148c6bdfaada8b8c3f950e610ee7cf1da1f8d
- SHA256
  
  dc58d8ad81cacb0c1ed72e33bff8f23ea40b5252b5bb55d393a0903e6819ae2f
- SHA512
  
  d32a71aaef18e993f28096d536e41c4d016850721b31171513ce28bbd805a54fd290b7c3e9d935f72e676a1acfb4f0dcc89d95040a0dd29f2b6975855c18986f
- SSDEEP
  
  192:7DKnJZCv6VmbJQC+tFiUdK7ckD4gRXKQx+LQ2CSF:7ViJrtFRdbmXK8+PCw
Score

3^/10

discovery
behavioral7 behavioral8
- Target
  
  $PLUGINSDIR/UserInfo.dll
- Size
  
  4KB
- MD5
  
  7579ade7ae1747a31960a228ce02e666
- SHA1
  
  8ec8571a296737e819dcf86353a43fcf8ec63351
- SHA256
  
  564c80dec62d76c53497c40094db360ff8a36e0dc1bda8383d0f9583138997f5
- SHA512
  
  a88bc56e938374c333b0e33cb72951635b5d5a98b9cb2d6785073cbcad23bf4c0f9f69d3b7e87b46c76eb03ced9bb786844ce87656a9e3df4ca24acf43d7a05b
Score

3^/10

discovery
behavioral10 behavioral9
- Target
  
  $PLUGINSDIR/nsDialogs.dll
- Size
  
  9KB
- MD5
  
  c10e04dd4ad4277d5adc951bb331c777
- SHA1
  
  b1e30808198a3ae6d6d1cca62df8893dc2a7ad43
- SHA256
  
  e31ad6c6e82e603378cb6b80e67d0e0dcd9cf384e1199ac5a65cb4935680021a
- SHA512
  
  853a5564bf751d40484ea482444c6958457cb4a17fb973cf870f03f201b8b2643be41bccde00f6b2026dc0c3d113e6481b0dc4c7b0f3ae7966d38c92c6b5862e
- SSDEEP
  
  96:hBABCcnl5TKhkfLxSslykcxM2DjDf3GE+Xv8Xav+Yx4VndY7ndS27gA:h6n+0SAfRE+/8ZYxMdqn420
Score

3^/10

discovery
behavioral11 behavioral12
- Target
  
  $PLUGINSDIR/nsisdk.dll
- Size
  
  28KB
- MD5
  
  deb4db1ff057906c96e6f949e5862508
- SHA1
  
  495c8703a43826df4ac8de20efbbeebcd5263c13
- SHA256
  
  fc7ab6a88fe725de19804931655f6c61d4072495ebb1ddb73ddfac0dca7d0d1e
- SHA512
  
  b37348d57d774b66afd192c0d2cb95c261ea4b75874190fd4809249cfea5500eaa0d9ad09af2afe83904b29539796440663d6e916362acf9c21894809ea32d46
- SSDEEP
  
  384:Snw9iuDIPi/ij7m+1I+rqZTYmZLb/BLbyrDzbgVIdHk0iVqeyf/zBx+HUTRv:Sw1DSi/ija+1IHZzOzbgV+E0teyjG0
Score

3^/10

discovery
behavioral13 behavioral14
- Target
  
  AdsScheduler.exe
- Size
  
  2.8MB
- MD5
  
  21c3a507dc75c31811fa8156d06eb5cf
- SHA1
  
  f4cdd9b3c60f1ff75d9ee9d8a7e674182e0de518
- SHA256
  
  7b262a6fe0fe424d6e522efb6cb3a2dfe576cb6e984707164e053f2cdc990bb1
- SHA512
  
  11b54ec6dac12334ea91957a5fad9454928e46fddfef22024f4269ad0e86e48d7e276741623abd6f1bbad84503948cbecbc12ba3e67d62f2344bcdc896db81a4
- SSDEEP
  
  49152:8Zm5DHi5TSZ0gsmyAWSQFJv/xcxuNBvVG9fsue61HnyGMEMr8zUnY:8Zm187PS2IxuNBvVUFJH1Cr08Y
Score

1^/10
behavioral15 behavioral16
- Target
  
  Base.exe
- Size
  
  2.1MB
- MD5
  
  a8047e04ac05a799af9e555e60f30f35
- SHA1
  
  b0e7c2b8f0cb0dc576a1f54d82c31f4311e3c3e0
- SHA256
  
  7c2d568ce2d9d0de14ed9623f01d2346218dd917edb9c58b9e044238104b668f
- SHA512
  
  43ed42b1ff266fa8bc591519aed7d72dbbe7543b807858834092e7175991ead5a976fd42ebee8a91fd62a1061acd76f2f58d7b10c6ccf22ae767dea5e6fc4203
- SSDEEP
  
  24576:qwc4IHNdRmoFXbrKmgB76DhxlrIYSRzBLSw8ELSV5zjatQoEe00ykzcubKHnXzU:c587m/+RzlSw8g8zjaWexvh2A
Score

3^/10

discovery
behavioral17 behavioral18
- Target
  
  PlaylistGeneratorPro.exe
- Size
  
  3.2MB
- MD5
  
  f9fd3035e88efea757ca653b360ec2fe
- SHA1
  
  da1647e0287281ec190fab7805b4f72efef782c6
- SHA256
  
  f95705a5f3e2c572db21e58f4b516a6030d95c4b358c20a36b1c15a215e12c80
- SHA512
  
  70d4b5c2344ef0143a36cde824d44c1b0ea1f111c1877812765d0a2baa9f7178d0a307256a02de6f877b5c78c203bddbd5a805e6eb14d6c99d18943fc131a22a
- SSDEEP
  
  49152:5Gvr1ImETNsn4+0AWSQFxFvV8gd5duBPfl3dkzT6UFTVANx:5GvudPS2xFP5yPfCFqj
Score

10^/10

banload discovery downloader dropper trojan
- Banload
  Banload variants download malicious files, then install and execute the files.
  trojan dropper downloader banload
- Banload family
  banload
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
behavioral19 behavioral20
- Target
  
  ReportViewer.exe
- Size
  
  4.1MB
- MD5
  
  6261af4dcc4a4a2c053ec77362018117
- SHA1
  
  64350618e7c06eefd66da4ea087d1b6c4c2385d3
- SHA256
  
  2598d6a65378547bbcce8651785e96c7dc35b4bd37626ee8a90a5ea7193a5160
- SHA512
  
  95d2f01a98b316839232fd6f9a92e85481eb6de6a690a0ebd8a085353ba0037371bbfa2a5d041afdd6bd9e3e0769776f3b7d767e2070bbc67276c1b5a046dea0
- SSDEEP
  
  49152:wqoslNB/9wRGPeujF7bX2UdoUuoZISLjgce5175H/WdyQ509+klqSg4PTuTnBBYt:wiNBlwRGPR7L22/eBWd550zTR1eq
Score

3^/10

discovery
behavioral21 behavioral22

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

banloaddiscoverydownloaderdroppertrojan

behavioral20

banloaddiscoverydownloaderdroppertrojan

behavioral21

behavioral22