General
-
Target
2024-04-29_4e42b3ade18ab268553e676ef05ff4e7_magniber
-
Size
8.8MB
-
Sample
240429-yclcbsba24
-
MD5
4e42b3ade18ab268553e676ef05ff4e7
-
SHA1
16bab4e5f73cf8fda1d976447c124200e1f4dd03
-
SHA256
14cb8bf391e4e0868fc10179ab620db667fa2dccc8b48ae91341bb55cfc61884
-
SHA512
65fe7a851853133fdd56e199197cc9bfe7a08e0ab4de2a00719b05f025e85bc7d7d9c16917ecb7f9de22ab5b01c834f2a7cf9f852b9f54834d07a55f54a0c1e3
-
SSDEEP
196608:YSFMKCIpPnswNIrIE22s/uAxJDdbb+tUW2dVjLqExr:YSFMVGnsRrIiwucdH4UTdVj
Malware Config
Targets
-
-
Target
2024-04-29_4e42b3ade18ab268553e676ef05ff4e7_magniber
-
Size
8.8MB
-
MD5
4e42b3ade18ab268553e676ef05ff4e7
-
SHA1
16bab4e5f73cf8fda1d976447c124200e1f4dd03
-
SHA256
14cb8bf391e4e0868fc10179ab620db667fa2dccc8b48ae91341bb55cfc61884
-
SHA512
65fe7a851853133fdd56e199197cc9bfe7a08e0ab4de2a00719b05f025e85bc7d7d9c16917ecb7f9de22ab5b01c834f2a7cf9f852b9f54834d07a55f54a0c1e3
-
SSDEEP
196608:YSFMKCIpPnswNIrIE22s/uAxJDdbb+tUW2dVjLqExr:YSFMVGnsRrIiwucdH4UTdVj
Score10/10-
Banload
Banload variants download malicious files, then install and execute the files.
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-