b73994405c1e14777a39fac998a6d6d04cbe46305a02cb24468d524ae8732f02 | Triage

Sharing

General

Target

2024-05-25_9e59da677bb0e1750261d790bfd1902a_magniber
Size

43.5MB
Sample

240525-yz7h3sgh3w
MD5

9e59da677bb0e1750261d790bfd1902a
SHA1

04bb6ce597893dbe53cbc685b3d831352578f957
SHA256

b73994405c1e14777a39fac998a6d6d04cbe46305a02cb24468d524ae8732f02
SHA512

177a75872eb267e94b9389a4efefc8a6343b50aeb514a44acd0c42d8a8ce3dea0e13aa4620373f406ca7e2a1d930e9eecb7eeae1344933729152e768ef3ca1de
SSDEEP

786432:Nw8nIe84AaDI0h1kInVKyVTU+1vqdAlPbbxh/ldO9xShzjr/P6s1sl/wJc+PE:Nw8n7AL0hb4yVTU00Mj9yshz/11sl/wU

Score

7^/10

bootkit discovery persistence

Malware Config

Targets

- Target
  
  2024-05-25_9e59da677bb0e1750261d790bfd1902a_magniber
- Size
  
  43.5MB
- MD5
  
  9e59da677bb0e1750261d790bfd1902a
- SHA1
  
  04bb6ce597893dbe53cbc685b3d831352578f957
- SHA256
  
  b73994405c1e14777a39fac998a6d6d04cbe46305a02cb24468d524ae8732f02
- SHA512
  
  177a75872eb267e94b9389a4efefc8a6343b50aeb514a44acd0c42d8a8ce3dea0e13aa4620373f406ca7e2a1d930e9eecb7eeae1344933729152e768ef3ca1de
- SSDEEP
  
  786432:Nw8nIe84AaDI0h1kInVKyVTU+1vqdAlPbbxh/ldO9xShzjr/P6s1sl/wJc+PE:Nw8n7AL0hb4yVTU00Mj9yshz/11sl/wU
Score

7^/10

bootkit discovery persistence
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Pre-OS Boot

Bootkit

Privilege Escalation

Defense Evasion

Pre-OS Boot

Bootkit

Subvert Trust Controls

Install Root Certificate

Modify Registry

Credential Access

Discovery

Query Registry

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

bootkitdiscoverypersistence

behavioral2

bootkitdiscoverypersistence