931dd35c105250ed7d9c408f20d01fbffc265daefcfba3f98d4d659054283669 | Triage

Sharing

General

Target

2024-06-14_2b0c4457ff9e5589f6e2f2d2dd82d507_magniber
Size

23.6MB
Sample

240614-xdreasscre
MD5

2b0c4457ff9e5589f6e2f2d2dd82d507
SHA1

f7628e5b892449fc4f86ea7ecf51ce796528c185
SHA256

931dd35c105250ed7d9c408f20d01fbffc265daefcfba3f98d4d659054283669
SHA512

9050ae8f525fc48f10e97e9fa4b8deefb638ae5ee3adce90209c6cd6e68f8f223fcdb8e9c2559240bb4be39b3ebd635915af5ae7d4fe55bc7315ec4c1e3e50ca
SSDEEP

393216:2RsEP8j2IxCBZz2IxCBZz2IxCBZqggBZZZGSGSG9qCqCq3:858j2G8Z2G8Z2G8kGSGSG9qCqCq3

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  2024-06-14_2b0c4457ff9e5589f6e2f2d2dd82d507_magniber
- Size
  
  23.6MB
- MD5
  
  2b0c4457ff9e5589f6e2f2d2dd82d507
- SHA1
  
  f7628e5b892449fc4f86ea7ecf51ce796528c185
- SHA256
  
  931dd35c105250ed7d9c408f20d01fbffc265daefcfba3f98d4d659054283669
- SHA512
  
  9050ae8f525fc48f10e97e9fa4b8deefb638ae5ee3adce90209c6cd6e68f8f223fcdb8e9c2559240bb4be39b3ebd635915af5ae7d4fe55bc7315ec4c1e3e50ca
- SSDEEP
  
  393216:2RsEP8j2IxCBZz2IxCBZz2IxCBZqggBZZZGSGSG9qCqCq3:858j2G8Z2G8Z2G8kGSGSG9qCqCq3
Score

8^/10

persistence
- Sets DLL path for service in the registry
  persistence
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2