0482177f998308973fb29e4291879c4933a0e4298d37a8faa91e5a2f3e413fb0 | Triage

Sharing

General

Target

2024-06-27_1808d21d28904f2e358e59ccdbb7a826_magniber_revil
Size

5.7MB
Sample

240627-kmklwsverp
MD5

1808d21d28904f2e358e59ccdbb7a826
SHA1

0fca765eea33d6c3ae224348738f13a5d73aed0b
SHA256

0482177f998308973fb29e4291879c4933a0e4298d37a8faa91e5a2f3e413fb0
SHA512

080852b050ed9d15548c51ba0508286e87d16288111324290dc7af4f6cb5edb182bc050dc0ca6064dd9ad6a3c8305670b89e9d28543b640672cce424618c101a
SSDEEP

98304:b/6n94bDY2EBcBuq62V///4nAWakrn7S/IhWoaVVfs/VIsMF4JD8iulhq7NmZkVK:uMD+cpvJ/4H3nmghWoa/fsysMF4JD85V

Score

9^/10

evasion

Malware Config

Targets

- Target
  
  2024-06-27_1808d21d28904f2e358e59ccdbb7a826_magniber_revil
- Size
  
  5.7MB
- MD5
  
  1808d21d28904f2e358e59ccdbb7a826
- SHA1
  
  0fca765eea33d6c3ae224348738f13a5d73aed0b
- SHA256
  
  0482177f998308973fb29e4291879c4933a0e4298d37a8faa91e5a2f3e413fb0
- SHA512
  
  080852b050ed9d15548c51ba0508286e87d16288111324290dc7af4f6cb5edb182bc050dc0ca6064dd9ad6a3c8305670b89e9d28543b640672cce424618c101a
- SSDEEP
  
  98304:b/6n94bDY2EBcBuq62V///4nAWakrn7S/IhWoaVVfs/VIsMF4JD8iulhq7NmZkVK:uMD+cpvJ/4H3nmghWoa/fsysMF4JD85V
Score

9^/10

evasion
- Looks for VirtualBox Guest Additions in registry
  evasion
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

Credential Access

Discovery

Query Registry

Virtualization/Sandbox Evasion

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2