49a7da479709e9a3dedf606e8c1c3ed1117646a9a05cf3422c37d5e95b936fff | Triage

Sharing

General

Target

2024-09-03_ac93ccb5d00c75cdea50107f824e8fd6_magniber_revil
Size

5.7MB
Sample

240903-btl9mashpm
MD5

ac93ccb5d00c75cdea50107f824e8fd6
SHA1

d76ef366607b2f8758b641a7279101158e40a83a
SHA256

49a7da479709e9a3dedf606e8c1c3ed1117646a9a05cf3422c37d5e95b936fff
SHA512

5b5b7b462d930f22f7f1579f4b633f910e92ae220981b374bad29bba543aeedb4333a61edc28ac7be422a94f3c8d193452468c958b836eddae48752381e126c4
SSDEEP

98304:j/6n94bDY2EBcBuq62V///4nAWakrn7S/IhWoaVVfs/VIsMF4JD8iulhq7NmFkVy:mMD+cpvJ/4H3nmghWoa/fsysMF4JD85h

Score

9^/10

discovery evasion

Malware Config

Targets

- Target
  
  2024-09-03_ac93ccb5d00c75cdea50107f824e8fd6_magniber_revil
- Size
  
  5.7MB
- MD5
  
  ac93ccb5d00c75cdea50107f824e8fd6
- SHA1
  
  d76ef366607b2f8758b641a7279101158e40a83a
- SHA256
  
  49a7da479709e9a3dedf606e8c1c3ed1117646a9a05cf3422c37d5e95b936fff
- SHA512
  
  5b5b7b462d930f22f7f1579f4b633f910e92ae220981b374bad29bba543aeedb4333a61edc28ac7be422a94f3c8d193452468c958b836eddae48752381e126c4
- SSDEEP
  
  98304:j/6n94bDY2EBcBuq62V///4nAWakrn7S/IhWoaVVfs/VIsMF4JD8iulhq7NmFkVy:mMD+cpvJ/4H3nmghWoa/fsysMF4JD85h
Score

9^/10

discovery evasion
- Looks for VirtualBox Guest Additions in registry
  evasion
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

Credential Access

Discovery

Query Registry

System Location Discovery

System Language Discovery

Virtualization/Sandbox Evasion

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasion

behavioral2