banload | c4bdbd7738a494010351a8bafd2e1444f50dccb1f2eacf2d1e5bae38b514b8c1 | Triage

Sharing

General

Target

c4bdbd7738a494010351a8bafd2e1444f50dccb1f2eacf2d1e5bae38b514b8c1
Size

2.2MB
Sample

250225-vdzpkaxmz3
MD5

95acf5ebbc118aa4fbcfe3d7d0073696
SHA1

ddd76bf5acdfd196406c0ce5676331192a4e9362
SHA256

c4bdbd7738a494010351a8bafd2e1444f50dccb1f2eacf2d1e5bae38b514b8c1
SHA512

86fa39dbddec7bc3fa80141e4be69675f787743153eaa7337a2801486e1d01042a0bb752c5c2d643fec8bf75ae449157844e122089ff53fe8e171b13cf684594
SSDEEP

49152:dpbRm4GPK/MreGTEpqzCZzD0TYkYoVDn99c1/0VXtj0HAmZea+:z1GS/2z28YbuDnu0VXtjyAmZeR

Score

10^/10

banload downloader dropper persistence privilege_escalation trojan

Malware Config

Targets

- Target
  
  c4bdbd7738a494010351a8bafd2e1444f50dccb1f2eacf2d1e5bae38b514b8c1
- Size
  
  2.2MB
- MD5
  
  95acf5ebbc118aa4fbcfe3d7d0073696
- SHA1
  
  ddd76bf5acdfd196406c0ce5676331192a4e9362
- SHA256
  
  c4bdbd7738a494010351a8bafd2e1444f50dccb1f2eacf2d1e5bae38b514b8c1
- SHA512
  
  86fa39dbddec7bc3fa80141e4be69675f787743153eaa7337a2801486e1d01042a0bb752c5c2d643fec8bf75ae449157844e122089ff53fe8e171b13cf684594
- SSDEEP
  
  49152:dpbRm4GPK/MreGTEpqzCZzD0TYkYoVDn99c1/0VXtj0HAmZea+:z1GS/2z28YbuDnu0VXtjyAmZeR
Score

10^/10

banload downloader dropper persistence privilege_escalation trojan
- Banload
  Banload variants download malicious files, then install and execute the files.
  trojan dropper downloader banload
- Banload family
  banload
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Event Triggered Execution: Component Object Model Hijacking
  Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.
  persistence privilege_escalation
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Event Triggered Execution

Component Object Model Hijacking

Privilege Escalation

Event Triggered Execution

Component Object Model Hijacking

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

banloaddownloaderdropperpersistenceprivilege_escalationtrojan

behavioral2

banloaddownloaderdropperpersistenceprivilege_escalationtrojan