Overview

overview

10

Static

static

1

2024-07-04...er.exe

windows7-x64

10

2024-07-04...er.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2024-07-04_d7c365232b92a7b193ed80e93afbca11_mafia_magniber

  • Size

    2.4MB

  • Sample

    240704-b4yqeazard

  • MD5

    d7c365232b92a7b193ed80e93afbca11

  • SHA1

    ce610f40e82c5eed042544f9f17d56311048e984

  • SHA256

    111d7de3b8a30a541eba768a4dc4427fcc7b314f8b4f6c36a20df2c91fad8ab8

  • SHA512

    e79525be912110c4ea6338e645684c2a01723798187aa770790532ef6c146dea83d16f542c316402aba26c5588f2d02f47bbe559e2e6cb52d3835d8d62a12b03

  • SSDEEP

    49152:A1OeaPHHwJT1QrJOp4eNGIkn0q5VWy7EeNsmGvDwtmTiN16zwZ:A1OJwAtOp4eNGIUPtQAsmGLkmTLzE

Score
10/10
banloaddownloaderdropperevasiontrojan

Malware Config

Targets

    • Target

      2024-07-04_d7c365232b92a7b193ed80e93afbca11_mafia_magniber

    • Size

      2.4MB

    • MD5

      d7c365232b92a7b193ed80e93afbca11

    • SHA1

      ce610f40e82c5eed042544f9f17d56311048e984

    • SHA256

      111d7de3b8a30a541eba768a4dc4427fcc7b314f8b4f6c36a20df2c91fad8ab8

    • SHA512

      e79525be912110c4ea6338e645684c2a01723798187aa770790532ef6c146dea83d16f542c316402aba26c5588f2d02f47bbe559e2e6cb52d3835d8d62a12b03

    • SSDEEP

      49152:A1OeaPHHwJT1QrJOp4eNGIkn0q5VWy7EeNsmGvDwtmTiN16zwZ:A1OJwAtOp4eNGIUPtQAsmGLkmTLzE

    Score
    10/10
    banloaddownloaderdropperevasiontrojan

    • Banload

      Banload variants download malicious files, then install and execute the files.

      trojandropperdownloaderbanload

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

      evasion

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

1
T1497

Credential Access

Discovery

Query Registry

2
T1012

Virtualization/Sandbox Evasion

1
T1497

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks