General
-
Target
2024-02-18_fcb0f73744fbe3b939ea16f7689d7fbf_magniber
-
Size
3.7MB
-
Sample
240218-p5ldcsag55
-
MD5
fcb0f73744fbe3b939ea16f7689d7fbf
-
SHA1
8d3aca27f39c77f455cd8c275aee62085b7ac888
-
SHA256
9991134a71335447e338802861c282a5d9d1d60052dd7f64b158e1c204a5a878
-
SHA512
8959ef3addf987887f53942fc1380d205ce35f4c9c02efcbb4ed3992eebf5c5560864fd44df27f27038ee2681d3387e9cb272883c41723b89f82c0f91561b50d
-
SSDEEP
49152:ogUU6MQiAYyjja2vI6qi4gHRG/M0qaQyHlQh4FUe4xGTQt9SwhJ6Yp2Nz/J0Dfo:34M7AYcja2A6+gH84xGTQt9SG+N
Static task
static1
Behavioral task
behavioral1
Sample
2024-02-18_fcb0f73744fbe3b939ea16f7689d7fbf_magniber.exe
Resource
win7-20231215-en
Malware Config
Extracted
sality
http://89.119.67.154/testo5/
http://kukutrustnet777.info/home.gif
http://kukutrustnet888.info/home.gif
http://kukutrustnet987.info/home.gif
Targets
-
-
Target
2024-02-18_fcb0f73744fbe3b939ea16f7689d7fbf_magniber
-
Size
3.7MB
-
MD5
fcb0f73744fbe3b939ea16f7689d7fbf
-
SHA1
8d3aca27f39c77f455cd8c275aee62085b7ac888
-
SHA256
9991134a71335447e338802861c282a5d9d1d60052dd7f64b158e1c204a5a878
-
SHA512
8959ef3addf987887f53942fc1380d205ce35f4c9c02efcbb4ed3992eebf5c5560864fd44df27f27038ee2681d3387e9cb272883c41723b89f82c0f91561b50d
-
SSDEEP
49152:ogUU6MQiAYyjja2vI6qi4gHRG/M0qaQyHlQh4FUe4xGTQt9SwhJ6Yp2Nz/J0Dfo:34M7AYcja2A6+gH84xGTQt9SG+N
-
Modifies firewall policy service
-
Detects executables packed with Sality Polymorphic Code Generator or Simple Poly Engine or Sality
-
UPX dump on OEP (original entry point)
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Abuse Elevation Control Mechanism
1Bypass User Account Control
1Create or Modify System Process
1Windows Service
1