General

  • Target

    2024-06-27_6430e9ec7e8c1fb1e7a78b73932419bc_magniber_qakbot

  • Size

    5.7MB

  • Sample

    240627-g8ee8ayhjp

  • MD5

    6430e9ec7e8c1fb1e7a78b73932419bc

  • SHA1

    b5d1b1cc515bd623f9866e1de040a2a73c753420

  • SHA256

    773857db776e83d1d4cc43ebb1d9ab67b6de3e14ddb8a413c757557b4ad3dd23

  • SHA512

    4243aa6ec4281ea2808bcf070fa50eb510b82fc3cc2455699a15da1b0464600acece38a67f8797aa5c8d4831ff138e05ebde0f520f687f8e48680709875b82eb

  • SSDEEP

    98304:HskDP1dOcdwJeV/ztZBe91oiImuUiK9N9EGQKF9BSHLr7a3:LOtS/hwkmg4EdLrO3

Score
10/10

Targets

    • Target

      2024-06-27_6430e9ec7e8c1fb1e7a78b73932419bc_magniber_qakbot

    • Size

      5.7MB

    Score
    7/10
    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory
