General

  • Target

    2024-03-26_1071f205561637ae2d312a0081d6659f_mafia_magniber

  • Size

    2.9MB

  • Sample

    240326-b5ptwsec6x

  • MD5

    1071f205561637ae2d312a0081d6659f

  • SHA1

    d2812740726c70a79cec1a8613975405fa9ee34e

  • SHA256

    1e8c0aef4b3890923d97f1d25dc3bfa23844a7c11a6ebb4776a6e5de620eefc8

  • SHA512

    25ad8a4702abdc4cea686d97df46b8b75d9f86703178adc152a08a492b1b8098e908a76a1ab2dc297f3aca4fa3ed73a1e09bcbc535d7b560a8bdd3ffc66db59d

  • SSDEEP

    49152:BAJ3kRhgQs+3eTgfkkxYvbYfhzq4n82mCK+V4Kk1bScjcWltg0q/os/pQ:BAJURT1fkk+TW5Xm+4KXcjM0tUC

Malware Config

Targets

    • Banload

      Banload variants download additional malicious files, then install and execute them.

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

    • Checks BIOS information in registry

      BIOS vendor and version strings are commonly read from the registry to detect sandbox and virtual-machine environments.
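The two registry checks flagged above belong to a well-known family of VirtualBox tells: the ACPI tables under HKLM\HARDWARE\ACPI\{DSDT,FADT,RSDT} carry a VBOX__ OEM subkey on a VirtualBox guest, and the firmware strings under HKLM\HARDWARE\DESCRIPTION\System (SystemBiosVersion, VideoBiosVersion, and the BIOS\SystemManufacturer / SystemProductName values) name VBOX, VirtualBox or innotek. The example below is added illustration of that class of check, not code recovered from this sample: it runs the checks over constructed registry snapshots so it executes offline, and the key paths, marker strings and snapshot contents are the author's assumptions about what such a check looks for, not values observed in this run.

```python
"""
Added example: registry-based VirtualBox checks of the kind the signatures above
describe (ACPI table OEM IDs and BIOS strings). Not code from the sample.
"""
import platform
import re
from typing import Dict, Iterable, List

# ACPI tables VirtualBox exposes as HKLM\HARDWARE\ACPI\<table>\VBOX__ (assumed tell)
ACPI_TABLES = ("DSDT", "FADT", "RSDT")

# Firmware values under HKLM\HARDWARE\DESCRIPTION\System that name the hypervisor
BIOS_VALUES = (
    r"HARDWARE\DESCRIPTION\System\SystemBiosVersion",
    r"HARDWARE\DESCRIPTION\System\VideoBiosVersion",
    r"HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer",
    r"HARDWARE\DESCRIPTION\System\BIOS\SystemProductName",
)

# Strings that identify VirtualBox firmware (assumed marker set)
VBOX_MARKER = re.compile(r"vbox|virtualbox|innotek", re.IGNORECASE)


def check_acpi_tables(acpi_subkeys: Dict[str, Iterable[str]]) -> List[str]:
    """ACPI check: report every DSDT/FADT/RSDT subkey whose OEM ID starts with VBOX."""
    hits = []
    for table in ACPI_TABLES:
        for oem_id in acpi_subkeys.get(table, ()):
            if oem_id.upper().startswith("VBOX"):
                hits.append(rf"HKLM\HARDWARE\ACPI\{table}\{oem_id}")
    return hits


def check_bios_values(values: Dict[str, object]) -> List[str]:
    """BIOS check: report firmware strings that contain a VirtualBox marker."""
    hits = []
    for path in BIOS_VALUES:
        data = values.get(path, "")
        # REG_MULTI_SZ values arrive as a list of strings; flatten for matching.
        if isinstance(data, (list, tuple)):
            data = " ".join(data)
        if VBOX_MARKER.search(str(data)):
            hits.append(rf"HKLM\{path} = {data!r}")
    return hits


def scan(snapshot: dict) -> List[str]:
    """Run both checks over a snapshot {'acpi': {table: [subkeys]}, 'bios': {path: value}}."""
    return check_acpi_tables(snapshot.get("acpi", {})) + check_bios_values(snapshot.get("bios", {}))


def live_snapshot() -> dict:
    """Collect the same keys from the running host (Windows only; empty elsewhere)."""
    snap = {"acpi": {}, "bios": {}}
    if platform.system() != "Windows":
        return snap
    import winreg  # only importable on Windows
    for table in ACPI_TABLES:
        try:
            with winreg.OpenKey(winreg.HKEY_LOCAL_MACHINE, rf"HARDWARE\ACPI\{table}") as k:
                count = winreg.QueryInfoKey(k)[0]
                snap["acpi"][table] = [winreg.EnumKey(k, i) for i in range(count)]
        except OSError:
            pass
    for path in BIOS_VALUES:
        key, _, name = path.rpartition("\\")
        try:
            with winreg.OpenKey(winreg.HKEY_LOCAL_MACHINE, key) as k:
                snap["bios"][path] = winreg.QueryValueEx(k, name)[0]
        except OSError:
            pass
    return snap


# Constructed snapshots for offline demonstration (not captured from this sample's run).
VBOX_GUEST = {
    "acpi": {"DSDT": ["VBOX__"], "FADT": ["VBOX__"], "RSDT": ["VBOX__"]},
    "bios": {
        r"HARDWARE\DESCRIPTION\System\SystemBiosVersion": ["VBOX   - 1"],
        r"HARDWARE\DESCRIPTION\System\VideoBiosVersion": ["Oracle VM VirtualBox Version 7.0.0 VBE Adapter"],
        r"HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer": "innotek GmbH",
        r"HARDWARE\DESCRIPTION\System\BIOS\SystemProductName": "VirtualBox",
    },
}
BARE_METAL = {
    "acpi": {"DSDT": ["DELL__"], "FADT": ["DELL__"], "RSDT": ["DELL__"]},
    "bios": {
        r"HARDWARE\DESCRIPTION\System\SystemBiosVersion": ["DELL   - 1072009", "1.18.0"],
        r"HARDWARE\DESCRIPTION\System\VideoBiosVersion": ["Intel Video BIOS"],
        r"HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer": "Dell Inc.",
        r"HARDWARE\DESCRIPTION\System\BIOS\SystemProductName": "Latitude 7420",
    },
}

if __name__ == "__main__":
    for label, snap in (("constructed VirtualBox guest", VBOX_GUEST),
                        ("constructed bare metal", BARE_METAL),
                        ("this host", live_snapshot())):
        hits = scan(snap)
        print(f"{label}: {'VM indicators found' if hits else 'no VM indicators'}")
        for hit in hits:
            print("   ", hit)
```

For sandbox operators the practical takeaway is the inverse of the check: a guest whose ACPI OEM IDs and SystemBiosVersion / SystemManufacturer strings still read VBOX__ or innotek GmbH will be recognised by this sample class, so those values are the ones to patch (for example via VBoxManage setextradata DMI/ACPI overrides) before detonation.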

MITRE ATT&CK Enterprise v15

Tasks