General
-
Target
51be2dc49d7d326c6592500265d7ee92dfebf9629bb36ef07ab3b18f8fb908af
-
Size
2.2MB
-
Sample
250318-yewk3s1lv6
-
MD5
9f859e77f2cae32a58260f900f5403d3
-
SHA1
35faeec65f7f85caeeaf6a13d13c134fc3570fe5
-
SHA256
51be2dc49d7d326c6592500265d7ee92dfebf9629bb36ef07ab3b18f8fb908af
-
SHA512
8a5b841bc2ed7d25edd054011cf64145baac4417d85325a83694582cc967614a4288fcbba8c976c032510b80e49feeb072509993450b03b4e62ac61f28921836
-
SSDEEP
49152:gpbRm4GPK/MTeGTE7eFvjfrwDkzd5oVDn99c1/0VX/Pv8qAmZea+:k1GS/UFrE4zXuDnu0VX/PbAmZeR
Static task
static1
Behavioral task
behavioral1
Sample
51be2dc49d7d326c6592500265d7ee92dfebf9629bb36ef07ab3b18f8fb908af.exe
Resource
win7-20250207-en
Behavioral task
behavioral2
Sample
51be2dc49d7d326c6592500265d7ee92dfebf9629bb36ef07ab3b18f8fb908af.exe
Resource
win10v2004-20250314-en
Malware Config
Targets
-
Target
51be2dc49d7d326c6592500265d7ee92dfebf9629bb36ef07ab3b18f8fb908af
-
Banload
Banload variants download malicious files, then install and execute the files.
-
Banload family
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Event Triggered Execution: Component Object Model Hijacking
Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.
-