cdcaa4a5c0a620047b45b49968c30bf26a57834e7a6489fe3026a8d99b7f5cbf | Triage

Sharing

General

Target

2024-04-29_c16f00308248ddaa94e75fdbc8ec490e_bkransomware_magniber
Size

6.7MB
Sample

240429-frzjdsbf3w
MD5

c16f00308248ddaa94e75fdbc8ec490e
SHA1

01e25e544d310d3b930b17855743b1f05f8b9479
SHA256

cdcaa4a5c0a620047b45b49968c30bf26a57834e7a6489fe3026a8d99b7f5cbf
SHA512

0a4ba3a564149f5afe8d5bd61f26083190c02dc9c22959d93f5444716a40c531ed32c00d98581d26fe1ea69713b27fe19189123f109899c070ff6a5e8b5b9cc1
SSDEEP

98304:4/AH+HGh2ZzVlvoFAvyIwZ8UX8Un8UXgeEeg/uI:hH/QBJE8UX8Un8UhI

Score

6^/10

Malware Config

Targets

- Target
  
  2024-04-29_c16f00308248ddaa94e75fdbc8ec490e_bkransomware_magniber
- Size
  
  6.7MB
- MD5
  
  c16f00308248ddaa94e75fdbc8ec490e
- SHA1
  
  01e25e544d310d3b930b17855743b1f05f8b9479
- SHA256
  
  cdcaa4a5c0a620047b45b49968c30bf26a57834e7a6489fe3026a8d99b7f5cbf
- SHA512
  
  0a4ba3a564149f5afe8d5bd61f26083190c02dc9c22959d93f5444716a40c531ed32c00d98581d26fe1ea69713b27fe19189123f109899c070ff6a5e8b5b9cc1
- SSDEEP
  
  98304:4/AH+HGh2ZzVlvoFAvyIwZ8UX8Un8UXgeEeg/uI:hH/QBJE8UX8Un8UhI
Score

6^/10
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2