banload | 82f2b4a9efe71dbaebd47d6a5f0f4f81ea5e107610745f12373bd706ab01eaa2 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

3

82f2b4a9ef...a2.exe

windows7-x64

82f2b4a9ef...a2.exe

windows10-2004-x64

Sharing

General

Target

82f2b4a9efe71dbaebd47d6a5f0f4f81ea5e107610745f12373bd706ab01eaa2
Size

3.1MB
Sample

250308-czc4kszzex
MD5

49736562f838b77d4965801d98452def
SHA1

5a6fed8a35c91f02672bc5b29f833d4e6ad53a89
SHA256

82f2b4a9efe71dbaebd47d6a5f0f4f81ea5e107610745f12373bd706ab01eaa2
SHA512

bea46fe161a992419ecbe5754bf294f18a229e36d88fb8ee99c888b8d57c247a53b180a4e620b1b93043868535fdd8dcddb5f822486110ed37e6c9a8c82484f4
SSDEEP

49152:euWJCbWiLqRTNXYkier+1tgM68B1ECYJgkIlma2sx05tE:eugCSiwIPer+1tR68B+5JAmAxStE

Score

10^/10

banload discovery downloader dropper trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

82f2b4a9efe71dbaebd47d6a5f0f4f81ea5e107610745f12373bd706ab01eaa2.exe

Resource

win7-20240903-en

banload discovery downloader dropper trojan

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

82f2b4a9efe71dbaebd47d6a5f0f4f81ea5e107610745f12373bd706ab01eaa2.exe

Resource

win10v2004-20250217-en

banload discovery downloader dropper trojan

windows10-2004-x64

10 signatures

150 seconds

Malware Config

Targets

- Target
  
  82f2b4a9efe71dbaebd47d6a5f0f4f81ea5e107610745f12373bd706ab01eaa2
- Size
  
  3.1MB
- MD5
  
  49736562f838b77d4965801d98452def
- SHA1
  
  5a6fed8a35c91f02672bc5b29f833d4e6ad53a89
- SHA256
  
  82f2b4a9efe71dbaebd47d6a5f0f4f81ea5e107610745f12373bd706ab01eaa2
- SHA512
  
  bea46fe161a992419ecbe5754bf294f18a229e36d88fb8ee99c888b8d57c247a53b180a4e620b1b93043868535fdd8dcddb5f822486110ed37e6c9a8c82484f4
- SSDEEP
  
  49152:euWJCbWiLqRTNXYkier+1tgM68B1ECYJgkIlma2sx05tE:eugCSiwIPer+1tR68B+5JAmAxStE
Score

10^/10

banload discovery downloader dropper trojan
- Banload
  Banload variants download malicious files, then install and execute the files.
  trojan dropper downloader banload
- Banload family
  banload
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

banloaddiscoverydownloaderdroppertrojan

behavioral2

banloaddiscoverydownloaderdroppertrojan

© 2018-2025

Terms | Privacy