Overview

overview

10

Static

static

3

2024-05-20...er.exe

windows7-x64

10

2024-05-20...er.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2024-05-20_14146883a3edc4077a23497dcc321ca5_mafia_magniber

  • Size

    6.1MB

  • Sample

    240520-f25s6aea9w

  • MD5

    14146883a3edc4077a23497dcc321ca5

  • SHA1

    0826326dc1840cf4699a5bed33e3927b91941df8

  • SHA256

    f195e4debb63bf188c34c24a1a95843f73c85ee462821d99f920de9f764a577f

  • SHA512

    939b543e9f32536f015913ea6ac4945371b311d0c13b129f8b3f1a49f98fdd45a01329017c5f772f316e69264a57107ca62c279d169a5dda930f32650d218787

  • SSDEEP

    98304:j8GuabX5ItnbvQ9HSzRmz1bOL+PnXcwfniYhGsP8kzBA806FLOAkGkzdnEVomFHo:j8GLitnGPnswvZ5A8TFLOyomFHKnP

Score
10/10
banloaddownloaderdropperevasiontrojan

Malware Config

Targets

    • Target

      2024-05-20_14146883a3edc4077a23497dcc321ca5_mafia_magniber

    • Size

      6.1MB

    • MD5

      14146883a3edc4077a23497dcc321ca5

    • SHA1

      0826326dc1840cf4699a5bed33e3927b91941df8

    • SHA256

      f195e4debb63bf188c34c24a1a95843f73c85ee462821d99f920de9f764a577f

    • SHA512

      939b543e9f32536f015913ea6ac4945371b311d0c13b129f8b3f1a49f98fdd45a01329017c5f772f316e69264a57107ca62c279d169a5dda930f32650d218787

    • SSDEEP

      98304:j8GuabX5ItnbvQ9HSzRmz1bOL+PnXcwfniYhGsP8kzBA806FLOAkGkzdnEVomFHo:j8GLitnGPnswvZ5A8TFLOyomFHKnP

    Score
    10/10
    banloaddownloaderdropperevasiontrojan

    • Banload

      Banload variants download malicious files, then install and execute the files.

      trojandropperdownloaderbanload

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

      evasion

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks