180811bb84b6c21ba184da02d49db7f1a74545c9a671e144dad4fec4800f77f6 | Triage

Sharing

General

Target

2024-09-08_ee11b91163a297250084f35ed62e830a_magniber
Size

36.6MB
Sample

240908-e79hvsyerc
MD5

ee11b91163a297250084f35ed62e830a
SHA1

9c282529f2d80d55ee3c9300f1979950ec000823
SHA256

180811bb84b6c21ba184da02d49db7f1a74545c9a671e144dad4fec4800f77f6
SHA512

dcbdbfae118d829aec41b6a7a57af8cb014fd3bfc0e96ac3c3fdafc07cd02446a9de6e7a736594f851ee252b54e4be14d2d8b5e6eecdde257d0e0f395aad0305
SSDEEP

786432:uwCnIe84qL+5ENqGHbEbsXsO0VHhEWJ4eVXiDJ:uwCn7qLTcGHobvO0XEWJ4eIDJ

Score

7^/10

bootkit discovery persistence

Malware Config

Targets

- Target
  
  2024-09-08_ee11b91163a297250084f35ed62e830a_magniber
- Size
  
  36.6MB
- MD5
  
  ee11b91163a297250084f35ed62e830a
- SHA1
  
  9c282529f2d80d55ee3c9300f1979950ec000823
- SHA256
  
  180811bb84b6c21ba184da02d49db7f1a74545c9a671e144dad4fec4800f77f6
- SHA512
  
  dcbdbfae118d829aec41b6a7a57af8cb014fd3bfc0e96ac3c3fdafc07cd02446a9de6e7a736594f851ee252b54e4be14d2d8b5e6eecdde257d0e0f395aad0305
- SSDEEP
  
  786432:uwCnIe84qL+5ENqGHbEbsXsO0VHhEWJ4eVXiDJ:uwCn7qLTcGHobvO0XEWJ4eIDJ
Score

7^/10

bootkit discovery persistence
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Pre-OS Boot

Bootkit

Privilege Escalation

Defense Evasion

Modify Registry

Pre-OS Boot

Bootkit

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

bootkitdiscoverypersistence

behavioral2

bootkitdiscoverypersistence