General
-
Target
2024-01-08_4d382146366fd0fb6eabf0e1aba9dd2d_floxif_magniber
-
Size
7.3MB
-
Sample
240109-hfdhwscebk
-
MD5
4d382146366fd0fb6eabf0e1aba9dd2d
-
SHA1
bd74e620bf84ec70deb3476b6c2021bc1e91077b
-
SHA256
2ebfd46f379eb76706964a6f6b631fadba834551786310821d0be0b96c37cfba
-
SHA512
236878e4421d4166c3bc09dcecb812ecd6b85c1ab869f5ec38c99c826fdb6f0d8a1769d50137a3251789f995fa316e4d097c209533187b9f1a3216baeac85e8a
-
SSDEEP
196608:CK3D6wKQyBRrnSdE1UvNbYMmEDNbFez/pPAZTy:CK3DIjVn618MVNbFezhIZTy
Static task
static1
Behavioral task
behavioral1
Sample
2024-01-08_4d382146366fd0fb6eabf0e1aba9dd2d_floxif_magniber.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
2024-01-08_4d382146366fd0fb6eabf0e1aba9dd2d_floxif_magniber.exe
Resource
win10v2004-20231215-en
Malware Config
Targets
-
-
Target
2024-01-08_4d382146366fd0fb6eabf0e1aba9dd2d_floxif_magniber
-
Banload
Banload variants download malicious files, then install and execute the files.
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Modifies AppInit DLL entries
-
ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Loads dropped DLL
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-