General

  • Target

    2024-06-04_de0e927a33ec54cdc2744c93d840211c_darkgate_magniber

  • Size

    13.3MB

  • Sample

    240604-n4ezhsfc9y

  • MD5

    de0e927a33ec54cdc2744c93d840211c

  • SHA1

    5c27c491923b3c7a4b9a4929d94d65cd6bc2622d

  • SHA256

    d91638fba1522225fd6bfad05302c9e389cd0028322a39e56535b1a8c935d9b3

  • SHA512

    04087f422eda8a7f6e18e16729123610d7821e4e365be7cb99a87e1487f356535f2d2fb0543bd6b49d7d063a0c26da9e7f841998e4ef9c8a8d34079f7c9fcba8

  • SSDEEP

    393216:QxPbSymvFxZ1IXAscUc/A86MarEC1uRNiZ:kNmNxZCXAGc4XMkyNiZ

Score
7/10

Targets

    • Target

      2024-06-04_de0e927a33ec54cdc2744c93d840211c_darkgate_magniber

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Checks for any installed AV software in registry

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.
