General

  • Target

    2024-03-30_50ca3439b38ccb9a35a6a7a3424cd786_mafia_magniber

  • Size

    10.9MB

  • Sample

    240330-fga32shb51

  • MD5

    50ca3439b38ccb9a35a6a7a3424cd786

  • SHA1

    4112722ac2c30545155d966e0a249853f31a7c7f

  • SHA256

    592359752863a45afe197baade8aeafab75de18712a5709b4fde690f0327c8f2

  • SHA512

    02a81548d7b31b4fe14e7e86a6ff54750cafbff5a4db2765767d8f4f07bb365b61947d95d29a37022465676611edc7bf1f07241dda4df9fece79971b1770937d

  • SSDEEP

    196608:zu8vuleDchJohmT+qw8LHFxiuV1Tasn9m3kzg4+MNdC3:zu8vuTohmT+qfPic19mMQ3

Malware Config

Targets

    • Banload

      Banload variants download malicious files, then install and execute the files.

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

MITRE ATT&CK Enterprise v15

Tasks