General
Target: 2024-06-04_de0e927a33ec54cdc2744c93d840211c_darkgate_magniber
Size: 13.3MB
Sample: 240604-n4ezhsfc9y
MD5: de0e927a33ec54cdc2744c93d840211c
SHA1: 5c27c491923b3c7a4b9a4929d94d65cd6bc2622d
SHA256: d91638fba1522225fd6bfad05302c9e389cd0028322a39e56535b1a8c935d9b3
SHA512: 04087f422eda8a7f6e18e16729123610d7821e4e365be7cb99a87e1487f356535f2d2fb0543bd6b49d7d063a0c26da9e7f841998e4ef9c8a8d34079f7c9fcba8
SSDEEP: 393216:QxPbSymvFxZ1IXAscUc/A86MarEC1uRNiZ:kNmNxZCXAGc4XMkyNiZ
Static task: static1
Behavioral task: behavioral1
  Sample: 2024-06-04_de0e927a33ec54cdc2744c93d840211c_darkgate_magniber.exe
  Resource: win7-20240508-en
Behavioral task: behavioral2
  Sample: 2024-06-04_de0e927a33ec54cdc2744c93d840211c_darkgate_magniber.exe
  Resource: win10v2004-20240426-en
Malware Config
Targets
Target: 2024-06-04_de0e927a33ec54cdc2744c93d840211c_darkgate_magniber
Score: 7/10
- Checks computer location settings: Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
- Checks for any installed AV software in registry
- Writes to the Master Boot Record (MBR): Bootkits write to the MBR to gain persistence at a level below the operating system.
MITRE ATT&CK Enterprise v15
Persistence
  Boot or Logon Autostart Execution (1)
    Registry Run Keys / Startup Folder (1)
  Pre-OS Boot (1)
    Bootkit (1)
Privilege Escalation
  Boot or Logon Autostart Execution (1)
    Registry Run Keys / Startup Folder (1)