Overview

overview

9

Static

static

3

2024-04-25...il.exe

windows7-x64

9

2024-04-25...il.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2024-04-25_a114f6b8e5bc2b1c61ec685e04939eb9_magniber_revil

  • Size

    16.3MB

  • Sample

    240425-jn78xagh83

  • MD5

    a114f6b8e5bc2b1c61ec685e04939eb9

  • SHA1

    3325809cf00427ec4afd8a38b533ad8470a6645b

  • SHA256

    624f1b6120a37ab6e163e5db80d2d4098a705f91f0a50ad6779cabf9b0ca1dcb

  • SHA512

    eb356c53707fa05fea9e0955dc15995806d53b70511901931837b6a5a2a1177e7c896c315089ed95660d33bd34101616ede6fd534aba463ce5baea8906102de8

  • SSDEEP

    196608:dNym2iBYGfsV3A+DyBQuEAbKqM+XYuqS4O7NADtV6v+AqL16bLMD+cpvJ/4H3nmb:dN4H3X28ZE7JqLobLMFgXnU7sElly

Score
9/10
evasion

Malware Config

Targets

    • Target

      2024-04-25_a114f6b8e5bc2b1c61ec685e04939eb9_magniber_revil

    • Size

      16.3MB

    • MD5

      a114f6b8e5bc2b1c61ec685e04939eb9

    • SHA1

      3325809cf00427ec4afd8a38b533ad8470a6645b

    • SHA256

      624f1b6120a37ab6e163e5db80d2d4098a705f91f0a50ad6779cabf9b0ca1dcb

    • SHA512

      eb356c53707fa05fea9e0955dc15995806d53b70511901931837b6a5a2a1177e7c896c315089ed95660d33bd34101616ede6fd534aba463ce5baea8906102de8

    • SSDEEP

      196608:dNym2iBYGfsV3A+DyBQuEAbKqM+XYuqS4O7NADtV6v+AqL16bLMD+cpvJ/4H3nmb:dN4H3X28ZE7JqLobLMFgXnU7sElly

    Score
    9/10
    evasion

    • Looks for VirtualBox Guest Additions in registry

      evasion

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

1
T1497

Credential Access

Discovery

Query Registry

1
T1012

Virtualization/Sandbox Evasion

1
T1497

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks