Overview

overview

7

Static

static

3

2024-05-25...il.exe

windows7-x64

7

2024-05-25...il.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2024-05-25_1dd8c81067ba1975428def96d968080c_magniber_revil

  • Size

    4.8MB

  • Sample

    240525-nj5dnsfb74

  • MD5

    1dd8c81067ba1975428def96d968080c

  • SHA1

    e6c86cd5a3ecece6fc6ad2f6dd5a8bc3e9e44d83

  • SHA256

    bff1ac9bb8b210886f4c76d7218af842412c8a90cde1c229db9aaa9d91a81a2f

  • SHA512

    ba14e7ab80d6c90dedb5efcfa9a84158c6ad429afde8557a82cff923dfabfd9353ec70e47397ee414435f43b6a0d50365861e05116eb64e132dae1487226a65b

  • SSDEEP

    98304:UPTxnEk+I2PGAbhRiCu/CVUdVEy9qMBNP/qxct8q7zTILXWBFXF3Uw:u+7k4UdVEy9qMBNLtTWa7Uw

Score
7/10
bootkitpersistence

Malware Config

Targets

    • Target

      2024-05-25_1dd8c81067ba1975428def96d968080c_magniber_revil

    • Size

      4.8MB

    • MD5

      1dd8c81067ba1975428def96d968080c

    • SHA1

      e6c86cd5a3ecece6fc6ad2f6dd5a8bc3e9e44d83

    • SHA256

      bff1ac9bb8b210886f4c76d7218af842412c8a90cde1c229db9aaa9d91a81a2f

    • SHA512

      ba14e7ab80d6c90dedb5efcfa9a84158c6ad429afde8557a82cff923dfabfd9353ec70e47397ee414435f43b6a0d50365861e05116eb64e132dae1487226a65b

    • SSDEEP

      98304:UPTxnEk+I2PGAbhRiCu/CVUdVEy9qMBNP/qxct8q7zTILXWBFXF3Uw:u+7k4UdVEy9qMBNLtTWa7Uw

    Score
    7/10
    bootkitpersistence

    • Loads dropped DLL

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

      bootkitpersistence
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Pre-OS Boot

1
T1542

Bootkit

1
T1542.003

Privilege Escalation

Defense Evasion

Pre-OS Boot

1
T1542

Bootkit

1
T1542.003

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks