Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
2024-09-04_11a07ae5b1c0322d338b600969f36d0f_magniber_metamorfo
-
Size
4.8MB
-
Sample
240904-xfajkavcpq
-
MD5
11a07ae5b1c0322d338b600969f36d0f
-
SHA1
0b51fabe8a2bfff2dcbd13d4b0af7737c926e51f
-
SHA256
f67c9eb3930de4c767f522915503ce71ea4dbf02a003f5d44d1261d5c0db8f0e
-
SHA512
09268b1506524b10b02136bde864a66b93e44bb254179f2c6e3d5b792ba71decbd2f6c899682e88b6144193c8952dad8d9e308a7c016d2d28310a48776d3f56b
-
SSDEEP
98304:+7IyvTgqJ/BZXxkIjPG1f5ehM/Cw/khc5FbKEQ26PVR7m6gZ1MRGNCyI5AxV300e:4bg6BZBkIAhehM/Cw/khc5FbKEV6PVRz
Malware Config
Targets
-
-
Target
2024-09-04_11a07ae5b1c0322d338b600969f36d0f_magniber_metamorfo
-
Size
4.8MB
-
MD5
11a07ae5b1c0322d338b600969f36d0f
-
SHA1
0b51fabe8a2bfff2dcbd13d4b0af7737c926e51f
-
SHA256
f67c9eb3930de4c767f522915503ce71ea4dbf02a003f5d44d1261d5c0db8f0e
-
SHA512
09268b1506524b10b02136bde864a66b93e44bb254179f2c6e3d5b792ba71decbd2f6c899682e88b6144193c8952dad8d9e308a7c016d2d28310a48776d3f56b
-
SSDEEP
98304:+7IyvTgqJ/BZXxkIjPG1f5ehM/Cw/khc5FbKEQ26PVR7m6gZ1MRGNCyI5AxV300e:4bg6BZBkIAhehM/Cw/khc5FbKEV6PVRz
Score8/10-
Boot or Logon Autostart Execution: Active Setup
Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
1Active Setup
1Pre-OS Boot
1Bootkit
1Defense Evasion
Modify Registry
2Pre-OS Boot
1Bootkit
1Subvert Trust Controls
1Install Root Certificate
1