General
-
Target
2024-02-18_7a244ee41ee9ec8e9db66897bac70fca_magniber
-
Size
4.1MB
-
Sample
240218-p266naab6z
-
MD5
7a244ee41ee9ec8e9db66897bac70fca
-
SHA1
3b7e3a2f19a5faaca50528eff459a02e0c631f2e
-
SHA256
b38843c2b94e20796ebf60f7bcdcaf1c844eba470c7bcbe56d0d39fc17c51ec1
-
SHA512
3efdd2c2519aa6f36c2ca7e5c4e2afc8877544c69c8f3560584cde09c89063642bec2289725fa1cda97683fd20a72f007f0bfdee6276741d9653b098977adc24
-
SSDEEP
49152:sZfICio2RCV0sGbGVdylWojqkraXkFyWa+tdTeOWpNBRdL2PbX+tRs2v7cnio6v0:sC4yGVyvaXkyWa+tMOWLFEQfHdn5
Static task
static1
Behavioral task
behavioral1
Sample
2024-02-18_7a244ee41ee9ec8e9db66897bac70fca_magniber.exe
Resource
win7-20231215-en
Malware Config
Extracted
sality
http://89.119.67.154/testo5/
http://kukutrustnet777.info/home.gif
http://kukutrustnet888.info/home.gif
http://kukutrustnet987.info/home.gif
Targets
-
Target
2024-02-18_7a244ee41ee9ec8e9db66897bac70fca_magniber
-
Modifies firewall policy service
-
Detects executables packed with Sality Polymorphic Code Generator or Simple Poly Engine or Sality
-
UPX dump on OEP (original entry point)
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Abuse Elevation Control Mechanism 1
Bypass User Account Control 1
Create or Modify System Process 1
Windows Service 1