Overview

overview

7

Static

static

3

2024-04-20...il.exe

windows7-x64

7

2024-04-20...il.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2024-04-20_ad24af701d44cb0c0ac1c80ee35f83f3_magniber_revil

  • Size

    4.1MB

  • Sample

    240420-nqk9daff52

  • MD5

    ad24af701d44cb0c0ac1c80ee35f83f3

  • SHA1

    effa68b7de05e578daf596a4d40880d491b31887

  • SHA256

    d3e254b132c410302acc880ac4534b5bf0bb520982ae74e050f0563cc4afe192

  • SHA512

    74feb5a4f0746a38baa5cce790253f3f4feea5b844a4d1a93cac0ac6918926b75461da9aebfa6ed3ab5338dfa6450b38e81625384ef9d1bd3741979cc85172d2

  • SSDEEP

    98304:opa/BNVubnWGPG8hRiCu/CVUdVEy9qMBNP/qxct8q:eSum4UdVEy9qMBNLt

Score
7/10
bootkitpersistence

Malware Config

Targets

    • Target

      2024-04-20_ad24af701d44cb0c0ac1c80ee35f83f3_magniber_revil

    • Size

      4.1MB

    • MD5

      ad24af701d44cb0c0ac1c80ee35f83f3

    • SHA1

      effa68b7de05e578daf596a4d40880d491b31887

    • SHA256

      d3e254b132c410302acc880ac4534b5bf0bb520982ae74e050f0563cc4afe192

    • SHA512

      74feb5a4f0746a38baa5cce790253f3f4feea5b844a4d1a93cac0ac6918926b75461da9aebfa6ed3ab5338dfa6450b38e81625384ef9d1bd3741979cc85172d2

    • SSDEEP

      98304:opa/BNVubnWGPG8hRiCu/CVUdVEy9qMBNP/qxct8q:eSum4UdVEy9qMBNLt

    Score
    7/10
    bootkitpersistence

    • Loads dropped DLL

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

      bootkitpersistence
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Pre-OS Boot

1
T1542

Bootkit

1
T1542.003

Privilege Escalation

Defense Evasion

Pre-OS Boot

1
T1542

Bootkit

1
T1542.003

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks