Overview

overview

10

Static

static

3

2024-03-28...er.exe

windows7-x64

10

2024-03-28...er.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2024-03-28_e733b74413e5c27b1414ebec75473641_mafia_magniber

  • Size

    6.1MB

  • Sample

    240328-fa8ezabh98

  • MD5

    e733b74413e5c27b1414ebec75473641

  • SHA1

    3e443289a7bba66aa2ad5af528431354d1a41909

  • SHA256

    068e85adcb00bea7d201fcbaf04f0925ba91ae406e2d9458e3de588957bbe52a

  • SHA512

    b61186576c3c1332445f78dfac2ca6fbcc05d393909e94d1665bf4e8fef4ccc0bd2ddecb14a28dfc4b51fe0664fdff620727ec70fbf441230af11eb2edaffb3e

  • SSDEEP

    98304:n8GueofGTi8HhYHSzRmz1bOL+PnXcwd5pNduXx4Q6QEq34FLOAkGkzdnEVomFHKP:n8GpTizPnswnp2X+w5IFLOyomFHKnP

Score
10/10
banloaddownloaderdropperevasiontrojan

Malware Config

Targets

    • Target

      2024-03-28_e733b74413e5c27b1414ebec75473641_mafia_magniber

    • Size

      6.1MB

    • MD5

      e733b74413e5c27b1414ebec75473641

    • SHA1

      3e443289a7bba66aa2ad5af528431354d1a41909

    • SHA256

      068e85adcb00bea7d201fcbaf04f0925ba91ae406e2d9458e3de588957bbe52a

    • SHA512

      b61186576c3c1332445f78dfac2ca6fbcc05d393909e94d1665bf4e8fef4ccc0bd2ddecb14a28dfc4b51fe0664fdff620727ec70fbf441230af11eb2edaffb3e

    • SSDEEP

      98304:n8GueofGTi8HhYHSzRmz1bOL+PnXcwd5pNduXx4Q6QEq34FLOAkGkzdnEVomFHKP:n8GpTizPnswnp2X+w5IFLOyomFHKnP

    Score
    10/10
    banloaddownloaderdropperevasiontrojan

    • Banload

      Banload variants download malicious files, then install and execute the files.

      trojandropperdownloaderbanload

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

      evasion

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks