banload | 7f0005d39580ba537d4f9581b47c28adf132a6586d62881a62cd56fa1b24ab27 | Triage

Submit
Reports

Overview

overview

Static

static

1

RPGXP_E.exe

windows11-21h2-x64

Sharing

General

Target

RPGXP_E.exe
Size

27.2MB
Sample

240702-3a9pcszalr
MD5

4db4691a4f71af97b109b11ee2c70ec9
SHA1

ba5eaa22936505df35a10319dbce60ed6e873383
SHA256

7f0005d39580ba537d4f9581b47c28adf132a6586d62881a62cd56fa1b24ab27
SHA512

2688575f993dd7c2b0bff1634465149103412032bc882d09ccd492033ec94b27c84e4a1655118264728fea358969504ff748a8e6fe73dd313789f2a2d142f15a
SSDEEP

786432:F6HKbIBBYy9IMhfpNIubCq9iS2wvX1RA6rxiShm0RML1P:+iI3/9IM6uejAX1RUShT

Score

10^/10

banload aspackv2 discovery downloader dropper trojan

Static task

static1

Behavioral task

behavioral1

Sample

RPGXP_E.exe

Resource

win11-20240611-en

banload aspackv2 discovery downloader dropper trojan

windows11-21h2-x64

16 signatures

60 seconds

Malware Config

Targets

- Target
  
  RPGXP_E.exe
- Size
  
  27.2MB
- MD5
  
  4db4691a4f71af97b109b11ee2c70ec9
- SHA1
  
  ba5eaa22936505df35a10319dbce60ed6e873383
- SHA256
  
  7f0005d39580ba537d4f9581b47c28adf132a6586d62881a62cd56fa1b24ab27
- SHA512
  
  2688575f993dd7c2b0bff1634465149103412032bc882d09ccd492033ec94b27c84e4a1655118264728fea358969504ff748a8e6fe73dd313789f2a2d142f15a
- SSDEEP
  
  786432:F6HKbIBBYy9IMhfpNIubCq9iS2wvX1RA6rxiShm0RML1P:+iI3/9IM6uejAX1RUShT
Score

10^/10

banload aspackv2 discovery downloader dropper trojan
- Banload
  Banload variants download malicious files, then install and execute the files.
  trojan dropper downloader banload
- ASPack v2.12-2.42
  Detects executables packed with ASPack v2.12-2.42
  aspackv2
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Executes dropped EXE
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Drops desktop.ini file(s)
- Drops file in System32 directory
behavioral1

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

banloadaspackv2discoverydownloaderdroppertrojan

© 2018-2024

Terms | Privacy