General
-
Target
2024-05-30_416ec4a9a5c58d75144f314c22ae44f0_magniber
-
Size
1023KB
-
Sample
240530-mfjgcsfb25
-
MD5
416ec4a9a5c58d75144f314c22ae44f0
-
SHA1
bbed4e5b4257e1100a4822bffaa1a9fec86d777d
-
SHA256
c7b422bd88a6bc93ad32f33adce6969b7d5025090198e75a6cefc615c0530015
-
SHA512
cfb7024804cbc4d4eb61a4cd7d65ce185456a9df5d07ae1296568354c7012ddbefd1e998af1ebeae8b7b55b3ec0a21324a1fec8de7cf30d4ba831ff5bd71e666
-
SSDEEP
12288:80eTOmbDbOJJ0TR4u7Tgw3wonQCfrbxsoDasprSFB/gmDYYsLPp/LZp9s:80LmbD+J0lTbMWnVeFB/gAwm
Static task
static1
Behavioral task
behavioral1
Sample
2024-05-30_416ec4a9a5c58d75144f314c22ae44f0_magniber.exe
Resource
win7-20240508-en
Malware Config
Extracted
sality
http://89.119.67.154/testo5/
http://kukutrustnet777.info/home.gif
http://kukutrustnet888.info/home.gif
http://kukutrustnet987.info/home.gif
Targets
-
-
Target
2024-05-30_416ec4a9a5c58d75144f314c22ae44f0_magniber
-
Size
1023KB
-
MD5
416ec4a9a5c58d75144f314c22ae44f0
-
SHA1
bbed4e5b4257e1100a4822bffaa1a9fec86d777d
-
SHA256
c7b422bd88a6bc93ad32f33adce6969b7d5025090198e75a6cefc615c0530015
-
SHA512
cfb7024804cbc4d4eb61a4cd7d65ce185456a9df5d07ae1296568354c7012ddbefd1e998af1ebeae8b7b55b3ec0a21324a1fec8de7cf30d4ba831ff5bd71e666
-
SSDEEP
12288:80eTOmbDbOJJ0TR4u7Tgw3wonQCfrbxsoDasprSFB/gmDYYsLPp/LZp9s:80LmbD+J0lTbMWnVeFB/gAwm
-
Modifies firewall policy service
-
Detects executables packed with Sality Polymorphic Code Generator or Simple Poly Engine or Sality
-
UPX dump on OEP (original entry point)
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Abuse Elevation Control Mechanism
1Bypass User Account Control
1Create or Modify System Process
1Windows Service
1