General
-
Target
2024-08-24_e840f880132b051a8ed040859372be54_magniber
-
Size
60.4MB
-
Sample
240824-rvcdtawelq
-
MD5
e840f880132b051a8ed040859372be54
-
SHA1
518107b1def3725b3a3c9a4789d60d4b91750a32
-
SHA256
889033357b0b39731d63c3cd4511f12b99bba0d30538f20ac63823568f5bf1c3
-
SHA512
88a02e5b9e706b53007673dd3d29d575560bd886c9ecc66496a4aebecaf9cf0cae8ad4e01db7dad7811d21da664ffb9f47a4d75a1c601f99cf12c0493ed79de9
-
SSDEEP
1572864:WOXa8tDkuw1ZdKB1Oh06d/SM0RLR4blsqxgpbqd:1Zl9K4Bn6d/cR14blj6pbk
Malware Config
Targets
-
-
Target
2024-08-24_e840f880132b051a8ed040859372be54_magniber
-
Size
60.4MB
-
MD5
e840f880132b051a8ed040859372be54
-
SHA1
518107b1def3725b3a3c9a4789d60d4b91750a32
-
SHA256
889033357b0b39731d63c3cd4511f12b99bba0d30538f20ac63823568f5bf1c3
-
SHA512
88a02e5b9e706b53007673dd3d29d575560bd886c9ecc66496a4aebecaf9cf0cae8ad4e01db7dad7811d21da664ffb9f47a4d75a1c601f99cf12c0493ed79de9
-
SSDEEP
1572864:WOXa8tDkuw1ZdKB1Oh06d/SM0RLR4blsqxgpbqd:1Zl9K4Bn6d/cR14blj6pbk
Score6/10-
Downloads MZ/PE file
-
Event Triggered Execution: Image File Execution Options Injection
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Event Triggered Execution: Component Object Model Hijacking
Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.
-
MITRE ATT&CK Enterprise v15
Persistence
Event Triggered Execution
3Change Default File Association
1Component Object Model Hijacking
1Image File Execution Options Injection
1Privilege Escalation
Event Triggered Execution
3Change Default File Association
1Component Object Model Hijacking
1Image File Execution Options Injection
1