General

  • Target

    2024-05-09_845044d1516228849dac63a07162884c_magniber_revil_zxxz

  • Size

    24.3MB

  • Sample

    240509-xetaaacc59

  • MD5

    845044d1516228849dac63a07162884c

  • SHA1

    364ccf2194cf9cb04c861a36bfe12b0dc6689c64

  • SHA256

    21e150da18a14da440998f6411d177034a45d2c40b8612498922e91b22994fa3

  • SHA512

    c986e59bb96d97a8620dca82abe884a5e1202493d593701d088db7e0a68085a90febb8e115d5ab1c35cb92e48b1dcdc58b7297661a7cedb7ca66eb107ea86755

  • SSDEEP

    196608:QP0Hj6JigboXZDwqY8a/qVwsEXX1KOgCu3JK1Op3H2SAmGcWqnlv018jBYS:QPboGX8a/jWWu3cI2D/cWcls1A

Malware Config

Targets

    • Target

      2024-05-09_845044d1516228849dac63a07162884c_magniber_revil_zxxz

    • Size

      24.3MB

    • MD5

      845044d1516228849dac63a07162884c

    • SHA1

      364ccf2194cf9cb04c861a36bfe12b0dc6689c64

    • SHA256

      21e150da18a14da440998f6411d177034a45d2c40b8612498922e91b22994fa3

    • SHA512

      c986e59bb96d97a8620dca82abe884a5e1202493d593701d088db7e0a68085a90febb8e115d5ab1c35cb92e48b1dcdc58b7297661a7cedb7ca66eb107ea86755

    • SSDEEP

      196608:QP0Hj6JigboXZDwqY8a/qVwsEXX1KOgCu3JK1Op3H2SAmGcWqnlv018jBYS:QPboGX8a/jWWu3cI2D/cWcls1A

    • PrivateLoader

      PrivateLoader is a downloader sold as a pay-per-install malware distribution service.

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks