a2ff57e7773623cc09f98fbe0e8706d40bce2275c2f16a74aaa0bc967b770777 | Triage

Sharing

General

Target

2024-06-14_4d27d0395f05261bc5ffc5dfdfba9e3e_magniber
Size

4.6MB
Sample

240614-ld769svana
MD5

4d27d0395f05261bc5ffc5dfdfba9e3e
SHA1

64b3f03ef500b0fabe7ee2cc7a7d8bef41df57c2
SHA256

a2ff57e7773623cc09f98fbe0e8706d40bce2275c2f16a74aaa0bc967b770777
SHA512

3bc197dfe385a634a4c37555dbed27658a1e9e3844e69a0420e748cc88fd0100550931cf7820f8a857705aa8a84e3c2e38e79da1ef2736c82511f7ef6a4dbc4d
SSDEEP

49152:+Sd/SmMp/luXDffWTCcAt0ZqJEK8AbYMsYzOMsT43QTE6gUN:k/UcAt0oJ0A3sYqM93wi

Score

6^/10

persistence

Malware Config

Targets

- Target
  
  2024-06-14_4d27d0395f05261bc5ffc5dfdfba9e3e_magniber
- Size
  
  4.6MB
- MD5
  
  4d27d0395f05261bc5ffc5dfdfba9e3e
- SHA1
  
  64b3f03ef500b0fabe7ee2cc7a7d8bef41df57c2
- SHA256
  
  a2ff57e7773623cc09f98fbe0e8706d40bce2275c2f16a74aaa0bc967b770777
- SHA512
  
  3bc197dfe385a634a4c37555dbed27658a1e9e3844e69a0420e748cc88fd0100550931cf7820f8a857705aa8a84e3c2e38e79da1ef2736c82511f7ef6a4dbc4d
- SSDEEP
  
  49152:+Sd/SmMp/luXDffWTCcAt0ZqJEK8AbYMsYzOMsT43QTE6gUN:k/UcAt0oJ0A3sYqM93wi
Score

6^/10

persistence
- Adds Run key to start application
  persistence
- Suspicious use of NtCreateThreadExHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2