General

  • Target

    2024-02-06_2c5e49d3a159f77083e3fdc56e862c2e_mafia_magniber

  • Size

    3.8MB

  • Sample

    240206-lkpnhadcg2

  • MD5

    2c5e49d3a159f77083e3fdc56e862c2e

  • SHA1

    fffa654bedbaef1e960215bc034dea3149ab25d0

  • SHA256

    30a5ca6e54c55b46317520db640c8341478b30b67425f620940be2561f65b429

  • SHA512

    8bd93580aa2fc93320cc315678817796bdc5d1a5ca0288f9def39379b15372dfd0eac3767f7ecaf0879b7a445846ebe568a8ccffa0050bbe2be649f7aca29461

  • SSDEEP

    98304:HEPWbvV4xogE1RPtQAH+yUu3W0eo4td3wx:HEPqV40x3P3/n4td3wx

Targets

    • Banload

      Banload variants download malicious files, then install and execute the files.

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.
