General
-
Target
2023-08-26_a97bbbee11c4aa5e3873d169dc93c812_magniber_JC.exe
-
Size
25.2MB
-
Sample
231011-glh5wsch9x
-
MD5
a97bbbee11c4aa5e3873d169dc93c812
-
SHA1
f553a4d28d1b5718ac1188b5022ffd640a9062d1
-
SHA256
e2f678ae963b89f6af695ca1897ebcf0574a4d4a18a07ed7644df37b7d8538ce
-
SHA512
20f47eb780641d86bb0966d817771dd183b9e57c0ad633f21badd46e9c064c08206e18f66ebde9d6774b41a6d70e9ca22c610e0f96f83296091b5ef7f458c5a2
-
SSDEEP
786432:Lrby/kC3lo7f9WKxFrWuPUY9s20qaOCdV6mfcLzvEEAu2:LrCloIK3Wu8n20WTlHAR
Static task
static1
Behavioral task
behavioral1
Sample
2023-08-26_a97bbbee11c4aa5e3873d169dc93c812_magniber_JC.exe
Resource
win7-20230831-en
Behavioral task
behavioral2
Sample
2023-08-26_a97bbbee11c4aa5e3873d169dc93c812_magniber_JC.exe
Resource
win10v2004-20230915-en
Malware Config
Targets
-
Target
2023-08-26_a97bbbee11c4aa5e3873d169dc93c812_magniber_JC.exe
-
Score
8/10
-
Modifies Installed Components in the registry
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
Registry Run Keys / Startup Folder
Pre-OS Boot
Bootkit
Privilege Escalation
Boot or Logon Autostart Execution
Registry Run Keys / Startup Folder