General

  • Target

    2024-03-22_8143ff3df89bc88853926273d0faec97_mafia_magniber

  • Size

    3.6MB

  • Sample

    240322-cxn33ahe2s

  • MD5

    8143ff3df89bc88853926273d0faec97

  • SHA1

    e143d4b78b9aa8f4ae9f67571235001240ef8526

  • SHA256

    70e493bcb0d1304960b901de3e5701f7c2fc1e2048c25ca23189b01b0af191bf

  • SHA512

    02742a0928806bff571e8bc2c315fe7f1167e2aeb835c77d8493f52f4734892b86b5913de33fdb7a65f9ccaf4f0868fc07c41ddde686dfcd8931abf7034b0b22

  • SSDEEP

    98304:JVaEu72cQA+Lb1IXPtQA2/Pr2XT0PosN85/hAJ:JVaEktQAB/e/Pr2XT0N+bAJ

Targets

    • Target

      2024-03-22_8143ff3df89bc88853926273d0faec97_mafia_magniber

    • Banload

      Banload variants download malicious files, then install and execute the files.

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.
