General

  • Target

    2024-06-15_ca9010123910ce8fa1077666594df092_magniber_revil

  • Size

    4.3MB

  • Sample

    240615-xqxf3swall

  • MD5

    ca9010123910ce8fa1077666594df092

  • SHA1

    e00924f8d6286169804ba432251c006b1d0c9bb3

  • SHA256

    866080cead8b9024d2a05bcf0c14f970fcc772e9a8898ea05479d908bbe90fed

  • SHA512

    c396e5d3c1e3acccea5d860eb41866429dbb289cbc23e27de8895c44526968ee9ca025015eb768b7a7546a69203656efded8ac2e953b78b4987ac450cbe03aa6

  • SSDEEP

    49152:D5PigeXnpHEN1zKhYOPCP1/j283IwlgZKUxT2FHF6c9OtutF+YktHRFcbtUKA:DUpH+1+hDPS/jPlgDx2F+YwHRkeK

Targets

    • Target

      2024-06-15_ca9010123910ce8fa1077666594df092_magniber_revil

    • RisePro

      RisePro stealer is an infostealer distributed by PrivateLoader.

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other profile data.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Drops file in System32 directory
