General

  • Target

    2024-04-07_c5041f18daf9859ba83f312f1097dd5a_mafia_magniber

  • Size

    11.0MB

  • Sample

    240407-fbkejadg47

  • MD5

    c5041f18daf9859ba83f312f1097dd5a

  • SHA1

    6c0e87870972ded6e1b830c4705b4e5a78195308

  • SHA256

    52e276fbe0fc3a09e3a1c8cca033d73f3849b888af39d9e10b3b4c6586ceb2bb

  • SHA512

    81c6aff477518c45ca990b212b1c70f4b00be15b8074fab651e748ec4f04e05a11c2f6a926bce31ab36540f84266815658320bb611e894c8a59ed050bd2a6563

  • SSDEEP

    196608:cV2Cr8jHw8QzpFiTUW5Ecm4+4S43cPAf8jE6mvDriWMb92K:3GkHwtZGmx49cPAkjADrnMbUK

Malware Config

Targets

    • Banload

      Banload variants download malicious files, then install and execute the files.

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

MITRE ATT&CK Enterprise v15

Tasks