General
Target: 2024-02-20_265d762dfe1fc2ba291c4d75fb4db8d4_magniber
Size: 1.0MB
Sample: 240220-f8y9ysce88
MD5: 265d762dfe1fc2ba291c4d75fb4db8d4
SHA1: e6eb66352c7f6756fa9b4cba103572a61913de36
SHA256: ddd80c43c4ac177493ea800d66c68df7dd5f9c44777d078e88f3e26185fc8aef
SHA512: fda97cc1ec2d6b0490ea2971d9565c1951925711b399fed77ab53cbd15f2071cd206a25fa5dc6b5418e2ecb9c774a38db00a21e64d9ecc1a39e2abb3ce75e2c7
SSDEEP: 24576:HqPpkQsz0Qb1PCSgWqRVJ/n3dlEqxHeikvJaWlLES7RTZEgc3Eg0g:zNoU1PCSgWqRVJ/ntrHIvJT9F/c3L0
Static task: static1
Behavioral task: behavioral1
Sample: 2024-02-20_265d762dfe1fc2ba291c4d75fb4db8d4_magniber.exe
Resource: win7-20231215-en
Malware Config
Extracted: sality
http://89.119.67.154/testo5/
http://kukutrustnet777.info/home.gif
http://kukutrustnet888.info/home.gif
http://kukutrustnet987.info/home.gif
Targets
Target: 2024-02-20_265d762dfe1fc2ba291c4d75fb4db8d4_magniber
- Modifies firewall policy service
- Detects executables packed with Sality Polymorphic Code Generator or Simple Poly Engine or Sality
- UPX dump on OEP (original entry point)
MITRE ATT&CK Enterprise v15
Privilege Escalation
- Abuse Elevation Control Mechanism (1)
- Bypass User Account Control (1)
- Create or Modify System Process (1)
- Windows Service (1)