4aa5df24a7c722adfe826ff18a6c68a6b3b384a8a69718a7a3c7719a7a0166f2 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-09-01_62a615b193c192b0bdb61f8dac38af42_magniber
Size

4.8MB
Sample

240901-msfw1ayfrd
MD5

62a615b193c192b0bdb61f8dac38af42
SHA1

ef603496c0e1b1e5bbebd96a4d9d92a776ee7789
SHA256

4aa5df24a7c722adfe826ff18a6c68a6b3b384a8a69718a7a3c7719a7a0166f2
SHA512

28e31b1aab7800cfa0d48e7cb7a4d026b452ce8b2d2cfd257d4d95430925091dac1dec222aef60d9c6defe22374f493b4aaee4e7855180cad10a83416f2ea517
SSDEEP

98304:JVeM4VwHuokyfz8PGcx2HynIiprw0F80XZqPB:/AVwDkx2SnIe84qPB

Score

7^/10

bootkit discovery persistence

Malware Config

Targets

- Target
  
  2024-09-01_62a615b193c192b0bdb61f8dac38af42_magniber
- Size
  
  4.8MB
- MD5
  
  62a615b193c192b0bdb61f8dac38af42
- SHA1
  
  ef603496c0e1b1e5bbebd96a4d9d92a776ee7789
- SHA256
  
  4aa5df24a7c722adfe826ff18a6c68a6b3b384a8a69718a7a3c7719a7a0166f2
- SHA512
  
  28e31b1aab7800cfa0d48e7cb7a4d026b452ce8b2d2cfd257d4d95430925091dac1dec222aef60d9c6defe22374f493b4aaee4e7855180cad10a83416f2ea517
- SSDEEP
  
  98304:JVeM4VwHuokyfz8PGcx2HynIiprw0F80XZqPB:/AVwDkx2SnIe84qPB
Score

7^/10

bootkit discovery persistence
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Pre-OS Boot

Bootkit

Privilege Escalation

Defense Evasion

Modify Registry

Pre-OS Boot

Bootkit

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

bootkitdiscoverypersistence

behavioral2

bootkitdiscoverypersistence