General
-
Target
2024-04-28_1c8abfbd35ffd0cbfddc93be61765e4a_magniber
-
Size
48.4MB
-
Sample
240428-gjz1mahf6t
-
MD5
1c8abfbd35ffd0cbfddc93be61765e4a
-
SHA1
199a6fcc19294a8f8ec512cbc930b68e1cc48246
-
SHA256
078b64078a5dc8d14b5a4223a6425e4ab650ff38eaf298cd64d8bd9284a4868d
-
SHA512
b6b1dce16f2bc212d4e9d3f99211c079e95133ae243d1668cf63d02da312433fd247f4f42b46f386e1b5e8154899f3ea504e649312b7f03375ba1e4fc4f1efa3
-
SSDEEP
786432:81uku651ufXEtPCpa2KWGuU/atU6Q25xKRdQ1VcpYtMwubtJSfDEdwd/:83Fzucaw2NGJ0U6HxSMKprvUEdw/
Malware Config
Targets
-
-
Target
2024-04-28_1c8abfbd35ffd0cbfddc93be61765e4a_magniber
-
Size
48.4MB
-
MD5
1c8abfbd35ffd0cbfddc93be61765e4a
-
SHA1
199a6fcc19294a8f8ec512cbc930b68e1cc48246
-
SHA256
078b64078a5dc8d14b5a4223a6425e4ab650ff38eaf298cd64d8bd9284a4868d
-
SHA512
b6b1dce16f2bc212d4e9d3f99211c079e95133ae243d1668cf63d02da312433fd247f4f42b46f386e1b5e8154899f3ea504e649312b7f03375ba1e4fc4f1efa3
-
SSDEEP
786432:81uku651ufXEtPCpa2KWGuU/atU6Q25xKRdQ1VcpYtMwubtJSfDEdwd/:83Fzucaw2NGJ0U6HxSMKprvUEdw/
Score9/10-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as sandboxing environment.
-
Checks whether UAC is enabled
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-