d420da458ca2f642d7f541219cc71ddea42f236c7889c04de4733f08d9b89170 | Triage

Submit
Reports

Overview

overview

7

Static

static

3

BananaBot.exe

windows10-2004-x64

7

Sharing

General

Target

BananaBot.exe
Size

2.7MB
Sample

240629-lgzdjavcqe
MD5

8063181c476db09b6cc2df0d31e36559
SHA1

26e1303e7599d11977ecbde0885a63f6b32b7086
SHA256

d420da458ca2f642d7f541219cc71ddea42f236c7889c04de4733f08d9b89170
SHA512

b56da66f2f9c7f992e5fc4572645fd8e5287a6b54e9affe9d6484bfd2a7c936450a60b705edf566fe57a4b2e175be1f36b284500c6c39ef93695cf73bef5e533
SSDEEP

49152:vDjlabwz9XDjlabwz9ngfAM7tzqosdnzrL+QppFj97enzGsz4QX:bqwBqwhAAo4zWKZ7ef4Q

Score

7^/10

spyware stealer vmprotect

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

BananaBot.exe

Resource

win10v2004-20240611-en

spyware stealer vmprotect

windows10-2004-x64

13 signatures

150 seconds

Malware Config

Targets

- Target
  
  BananaBot.exe
- Size
  
  2.7MB
- MD5
  
  8063181c476db09b6cc2df0d31e36559
- SHA1
  
  26e1303e7599d11977ecbde0885a63f6b32b7086
- SHA256
  
  d420da458ca2f642d7f541219cc71ddea42f236c7889c04de4733f08d9b89170
- SHA512
  
  b56da66f2f9c7f992e5fc4572645fd8e5287a6b54e9affe9d6484bfd2a7c936450a60b705edf566fe57a4b2e175be1f36b284500c6c39ef93695cf73bef5e533
- SSDEEP
  
  49152:vDjlabwz9XDjlabwz9ngfAM7tzqosdnzrL+QppFj97enzGsz4QX:bqwBqwhAAo4zWKZ7ef4Q
Score

7^/10

spyware stealer vmprotect
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- VMProtect packed file
  Detects executables packed with VMProtect commercial packer.
  vmprotect
behavioral1

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Query Registry

System Information Discovery

Remote System Discovery

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

spywarestealervmprotect

© 2018-2024

Terms | Privacy