General
-
Target
2024-02-18_cdbcdbd65c050c549f99dfb4b8efbf47_magniber
-
Size
4.3MB
-
Sample
240218-pyxg2saa91
-
MD5
cdbcdbd65c050c549f99dfb4b8efbf47
-
SHA1
035df815fe26fac70a98376e6a5c14fe2c90c929
-
SHA256
b2196f6ee218510726c1b482949455c937fc841656df9284403d14217c30d807
-
SHA512
06cc9713603b6589f4683afa9893095b17c8cfefc635c3b3faac61593fc71f5ca75f0825684dc59b64a628afc9403f7995acdb1cf771bf16660c9a0aff15218f
-
SSDEEP
98304:QsbltXkUt8hD37ZerXSFSYGBDVfSXNiu0fEL8G+:DJtpadS2xlkueEL8v
Static task
static1
Behavioral task
behavioral1
Sample
2024-02-18_cdbcdbd65c050c549f99dfb4b8efbf47_magniber.exe
Resource
win7-20231215-en
Malware Config
Extracted
sality
http://89.119.67.154/testo5/
http://kukutrustnet777.info/home.gif
http://kukutrustnet888.info/home.gif
http://kukutrustnet987.info/home.gif
Targets
-
-
Target
2024-02-18_cdbcdbd65c050c549f99dfb4b8efbf47_magniber
-
Size
4.3MB
-
MD5
cdbcdbd65c050c549f99dfb4b8efbf47
-
SHA1
035df815fe26fac70a98376e6a5c14fe2c90c929
-
SHA256
b2196f6ee218510726c1b482949455c937fc841656df9284403d14217c30d807
-
SHA512
06cc9713603b6589f4683afa9893095b17c8cfefc635c3b3faac61593fc71f5ca75f0825684dc59b64a628afc9403f7995acdb1cf771bf16660c9a0aff15218f
-
SSDEEP
98304:QsbltXkUt8hD37ZerXSFSYGBDVfSXNiu0fEL8G+:DJtpadS2xlkueEL8v
-
Modifies firewall policy service
-
Detects executables packed with Sality Polymorphic Code Generator or Simple Poly Engine or Sality
-
UPX dump on OEP (original entry point)
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Abuse Elevation Control Mechanism
1Bypass User Account Control
1Create or Modify System Process
1Windows Service
1