General

  • Target

    2024-03-10_d40f484e42344e80f33b086974c960e5_magniber

  • Size

    5.4MB

  • Sample

    240310-darq4sba8x

  • MD5

    d40f484e42344e80f33b086974c960e5

  • SHA1

    435209f34bd2368b0f99981d731ae7c02b31f4f1

  • SHA256

    6441f71fabb6bfc51ae69ed5029abd3093291c7fc31ca16d7f820f193d8875c0

  • SHA512

    eeee5906961a771fcf8caf6a9899f76255add0d79b58c89ecbd3335b73a8333b0f3ee272bba839baecf838371a18ec59322a506af0823bb5d14ff96e8f1350af

  • SSDEEP

    98304:xwFC+e1UOteFp0IpTX/RCwF9tpyB96TrBhxCheHd00X08pT:xwFC9fteU56rpkUBhxC8HCm

Malware Config

Targets

    • Banload

      Banload variants download malicious files, then install and execute the files.

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

    • UPX dump on OEP (original entry point)

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

MITRE ATT&CK Enterprise v15

Tasks