General
-
Target
55459cfc161cebc672eabbf0bfd8d406edc4aa5ae0a070dbb73749c278c8ae64
-
Size
3.0MB
-
Sample
250412-tv3xwayjt6
-
MD5
9dfb2cc63a4f7bfe344c992d7cfaedf0
-
SHA1
fdbfb02be0624e25c1b55d6b715558fa317f5c2f
-
SHA256
55459cfc161cebc672eabbf0bfd8d406edc4aa5ae0a070dbb73749c278c8ae64
-
SHA512
5ca4547e2dc6c4fa17508f759f781bd37eef0eabd81d47085c0a4eb9957f48a096de1a553fce206fec961547cd1672d22112a1264761cb1a9489c57f36cb2914
-
SSDEEP
49152:OpbRm4GPK/Mv2STfnXR8lnz48kaMoVDn99c1/0VXfEmX28xO5tL:O1GS/IRwfkFuDnu0VXsm7xQtL
Static task
static1
Behavioral task
behavioral1
Sample
55459cfc161cebc672eabbf0bfd8d406edc4aa5ae0a070dbb73749c278c8ae64.exe
Resource
win10v2004-20250410-en
Malware Config
Targets
-
-
Target
55459cfc161cebc672eabbf0bfd8d406edc4aa5ae0a070dbb73749c278c8ae64
-
Banload
Banload variants download malicious files, then install and execute the files.
-
Banload family
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Event Triggered Execution: Component Object Model Hijacking
Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.
-