General
Target: 2024-03-22_8143ff3df89bc88853926273d0faec97_mafia_magniber
Size: 3.6MB
Sample: 240322-cxn33ahe2s
MD5: 8143ff3df89bc88853926273d0faec97
SHA1: e143d4b78b9aa8f4ae9f67571235001240ef8526
SHA256: 70e493bcb0d1304960b901de3e5701f7c2fc1e2048c25ca23189b01b0af191bf
SHA512: 02742a0928806bff571e8bc2c315fe7f1167e2aeb835c77d8493f52f4734892b86b5913de33fdb7a65f9ccaf4f0868fc07c41ddde686dfcd8931abf7034b0b22
SSDEEP: 98304:JVaEu72cQA+Lb1IXPtQA2/Pr2XT0PosN85/hAJ:JVaEktQAB/e/Pr2XT0N+bAJ
Static task: static1
Behavioral task: behavioral1
Sample: 2024-03-22_8143ff3df89bc88853926273d0faec97_mafia_magniber.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: 2024-03-22_8143ff3df89bc88853926273d0faec97_mafia_magniber.exe
Resource: win10v2004-20240226-en
Malware Config
Targets
Target: 2024-03-22_8143ff3df89bc88853926273d0faec97_mafia_magniber
Score: 10/10
Banload
Banload variants download malicious files, then install and execute the files.

Identifies VirtualBox via ACPI registry values (likely anti-VM)

Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.