5c46aec4468bcd0f358054adcee783eab587ba5017b1edee8881b78904623e35 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-05-14_06dc28c7414d3050464c253652e8cb7d_magniber_revil
Size

18.5MB
Sample

240514-xeq5xsag6v
MD5

06dc28c7414d3050464c253652e8cb7d
SHA1

072f770bebce12387eebf2e9096d186cfdb87cda
SHA256

5c46aec4468bcd0f358054adcee783eab587ba5017b1edee8881b78904623e35
SHA512

75018a2101fd20b8275d27884d1c34c8816415865cfdf81d635237b2a25b67409ed42857533d8a8dbc6fe3e7a5de30b62ea797e38454ba383a23d63db43b3878
SSDEEP

393216:H+Rf4UdVEy9qMBNLtl+H3orJHXSPyQeEeov42xZzKMsZWrEcbLXoE8yS2R5J:Uf4UdVEy9qMBNW4rJ3SPDV423kZfgP8A

Score

7^/10

bootkit persistence

Malware Config

Targets

- Target
  
  2024-05-14_06dc28c7414d3050464c253652e8cb7d_magniber_revil
- Size
  
  18.5MB
- MD5
  
  06dc28c7414d3050464c253652e8cb7d
- SHA1
  
  072f770bebce12387eebf2e9096d186cfdb87cda
- SHA256
  
  5c46aec4468bcd0f358054adcee783eab587ba5017b1edee8881b78904623e35
- SHA512
  
  75018a2101fd20b8275d27884d1c34c8816415865cfdf81d635237b2a25b67409ed42857533d8a8dbc6fe3e7a5de30b62ea797e38454ba383a23d63db43b3878
- SSDEEP
  
  393216:H+Rf4UdVEy9qMBNLtl+H3orJHXSPyQeEeov42xZzKMsZWrEcbLXoE8yS2R5J:Uf4UdVEy9qMBNW4rJ3SPDV423kZfgP8A
Score

7^/10

bootkit persistence
- Loads dropped DLL
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Pre-OS Boot

Bootkit

Privilege Escalation

Defense Evasion

Pre-OS Boot

Bootkit

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

bootkitpersistence

behavioral2

bootkitpersistence