General

  • Target

    2024-01-08_4d382146366fd0fb6eabf0e1aba9dd2d_floxif_magniber

  • Size

    7.3MB

  • Sample

    240109-hfdhwscebk

  • MD5

    4d382146366fd0fb6eabf0e1aba9dd2d

  • SHA1

    bd74e620bf84ec70deb3476b6c2021bc1e91077b

  • SHA256

    2ebfd46f379eb76706964a6f6b631fadba834551786310821d0be0b96c37cfba

  • SHA512

    236878e4421d4166c3bc09dcecb812ecd6b85c1ab869f5ec38c99c826fdb6f0d8a1769d50137a3251789f995fa316e4d097c209533187b9f1a3216baeac85e8a

  • SSDEEP

    196608:CK3D6wKQyBRrnSdE1UvNbYMmEDNbFez/pPAZTy:CK3DIjVn618MVNbFezhIZTy

Malware Config

Targets

    • Banload

      Banload variants download malicious files, then install and execute the files.

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

    • Modifies AppInit DLL entries

    • ACProtect 1.3x - 1.4x DLL software

      Detects files protected with the ACProtect packer.

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

MITRE ATT&CK Enterprise v15

Tasks