78b0ca77e1cef42c2d9492815f287f8e84e501ff79ddad8207a97d918fc3bf19 | Triage

Sharing

General

Target

2024-05-24_4bb5c9c02dd46f00e0eebfb524ec081a_magniber
Size

1.2MB
Sample

240524-2pf5xsea73
MD5

4bb5c9c02dd46f00e0eebfb524ec081a
SHA1

763341848a473c81eb1a0f4b8c8fdfabac88ad2f
SHA256

78b0ca77e1cef42c2d9492815f287f8e84e501ff79ddad8207a97d918fc3bf19
SHA512

03853c25326d9d965d0919cd1a3926f3f71b3cc0993e7c0bd61a8ae9aa3b5ab9080d4a30371ae475da4318581ac844d6a06bbc48dbde5a63ff97a3a1a8e86666
SSDEEP

24576:7n+kUERV2SQP2gggg8oGhPnX4pz/ZFoR83j4e4i1N6Iz:bDBRBgggg8JnX4pz4u30e4k6Iz

Score

6^/10

bootkit persistence

Malware Config

Targets

- Target
  
  2024-05-24_4bb5c9c02dd46f00e0eebfb524ec081a_magniber
- Size
  
  1.2MB
- MD5
  
  4bb5c9c02dd46f00e0eebfb524ec081a
- SHA1
  
  763341848a473c81eb1a0f4b8c8fdfabac88ad2f
- SHA256
  
  78b0ca77e1cef42c2d9492815f287f8e84e501ff79ddad8207a97d918fc3bf19
- SHA512
  
  03853c25326d9d965d0919cd1a3926f3f71b3cc0993e7c0bd61a8ae9aa3b5ab9080d4a30371ae475da4318581ac844d6a06bbc48dbde5a63ff97a3a1a8e86666
- SSDEEP
  
  24576:7n+kUERV2SQP2gggg8oGhPnX4pz/ZFoR83j4e4i1N6Iz:bDBRBgggg8JnX4pz4u30e4k6Iz
Score

6^/10

bootkit persistence
- Checks for any installed AV software in registry
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Pre-OS Boot

Bootkit

Privilege Escalation

Defense Evasion

Pre-OS Boot

Bootkit

Subvert Trust Controls

Install Root Certificate

Modify Registry

Credential Access

Discovery

Software Discovery

Security Software Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

bootkitpersistence

behavioral2

bootkitpersistence