banload | abef29a0f9056beda2dba3faa5d42b069d0880437c80fbe65e27ebd6d2bbfdac | Triage

Sharing

General

Target

abef29a0f9056beda2dba3faa5d42b069d0880437c80fbe65e27ebd6d2bbfdac
Size

2.1MB
Sample

250317-a2tg8sxqy6
MD5

1bb2c884abfc605fa496242bdac65b78
SHA1

bc24248113fabf1a963c3be78bc2d03524e37bbf
SHA256

abef29a0f9056beda2dba3faa5d42b069d0880437c80fbe65e27ebd6d2bbfdac
SHA512

dd2c0e62cb09ee208d149cc538531d9ce51d46da3137e44533f9ca436060bf855373d8b54deee323a858e088d4afbad5f398bb31a7c7346a908a6542d1ac10a5
SSDEEP

49152:upbRm4GPK/M62mTsPOfY2HTmktexoVDn99c1/0VXKcgSdc+:u1GS/hf7Vt0uDnu0VXRBB

Score

10^/10

banload downloader dropper persistence privilege_escalation trojan

Malware Config

Targets

- Target
  
  abef29a0f9056beda2dba3faa5d42b069d0880437c80fbe65e27ebd6d2bbfdac
- Size
  
  2.1MB
- MD5
  
  1bb2c884abfc605fa496242bdac65b78
- SHA1
  
  bc24248113fabf1a963c3be78bc2d03524e37bbf
- SHA256
  
  abef29a0f9056beda2dba3faa5d42b069d0880437c80fbe65e27ebd6d2bbfdac
- SHA512
  
  dd2c0e62cb09ee208d149cc538531d9ce51d46da3137e44533f9ca436060bf855373d8b54deee323a858e088d4afbad5f398bb31a7c7346a908a6542d1ac10a5
- SSDEEP
  
  49152:upbRm4GPK/M62mTsPOfY2HTmktexoVDn99c1/0VXKcgSdc+:u1GS/hf7Vt0uDnu0VXRBB
Score

10^/10

banload downloader dropper persistence privilege_escalation trojan
- Banload
  Banload variants download malicious files, then install and execute the files.
  trojan dropper downloader banload
- Banload family
  banload
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Event Triggered Execution: Component Object Model Hijacking
  Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.
  persistence privilege_escalation
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Event Triggered Execution

Component Object Model Hijacking

Privilege Escalation

Event Triggered Execution

Component Object Model Hijacking

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

banloaddownloaderdropperpersistenceprivilege_escalationtrojan

behavioral2

banloaddownloaderdroppertrojan