banload | 64f49c4b8aa5d2eb408b10774eff3df4386b824fee1301dbad6a5d982443613a | Triage

Sharing

General

Target

64f49c4b8aa5d2eb408b10774eff3df4386b824fee1301dbad6a5d982443613a
Size

6.1MB
Sample

250412-twb6jsyta1
MD5

9814fd49bb2677f629a804077726cbe4
SHA1

6986b01157be4c693c969fc22feeec0cb4d1cfc4
SHA256

64f49c4b8aa5d2eb408b10774eff3df4386b824fee1301dbad6a5d982443613a
SHA512

b0dc8db8fb4922f68c8e9031dad1636663b47243b40749e2b3fc6659bfe998a6a821ba660b706e197d6f87d17e76349d0e4be88dbc34bf340559721d7d278503
SSDEEP

98304:FAA+ssCrSVuDnu0VXq2RzR8IRIGyB4zQqwJBxQtPm:2A+4JDfBq3SIGrEqmBxoPm

Score

10^/10

banload downloader dropper persistence privilege_escalation trojan

Malware Config

Targets

- Target
  
  64f49c4b8aa5d2eb408b10774eff3df4386b824fee1301dbad6a5d982443613a
- Size
  
  6.1MB
- MD5
  
  9814fd49bb2677f629a804077726cbe4
- SHA1
  
  6986b01157be4c693c969fc22feeec0cb4d1cfc4
- SHA256
  
  64f49c4b8aa5d2eb408b10774eff3df4386b824fee1301dbad6a5d982443613a
- SHA512
  
  b0dc8db8fb4922f68c8e9031dad1636663b47243b40749e2b3fc6659bfe998a6a821ba660b706e197d6f87d17e76349d0e4be88dbc34bf340559721d7d278503
- SSDEEP
  
  98304:FAA+ssCrSVuDnu0VXq2RzR8IRIGyB4zQqwJBxQtPm:2A+4JDfBq3SIGrEqmBxoPm
Score

10^/10

banload downloader dropper persistence privilege_escalation trojan
- Banload
  Banload variants download malicious files, then install and execute the files.
  trojan dropper downloader banload
- Banload family
  banload
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Event Triggered Execution: Component Object Model Hijacking
  Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.
  persistence privilege_escalation
behavioral1

MITRE ATT&CK Enterprise v16

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Event Triggered Execution

Component Object Model Hijacking

Privilege Escalation

Event Triggered Execution

Component Object Model Hijacking

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

banloaddownloaderdropperpersistenceprivilege_escalationtrojan