General

  • Target

    2024-10-16_1feb149f99f559fc0c204359a6ae4abe_magniber_revil

  • Size

    15.5MB

  • Sample

    241016-bmcrlszaqj

  • MD5

    1feb149f99f559fc0c204359a6ae4abe

  • SHA1

    e208b62afa9e3d64d467d3ffbab39df6052f6301

  • SHA256

    be204886720c44fa29e5e6757f1bac479353d931c75399a58de2b3ccb7cd2834

  • SHA512

    f632fd9441f8b1f8e19a4d6cf9a59daed1af38cb10a1a1c9c0a53c72930d04516434ce9087332c2567c95965b3d76e89072c658517157a7fd826fa1d228798eb

  • SSDEEP

    196608:Tulbx5VjzHeMf3Xnn28luJADGD2yJrqNh+zzfNNa1G:Tulrtz13XnIODnyJrqNm

Malware Config

Targets

    • Target

      2024-10-16_1feb149f99f559fc0c204359a6ae4abe_magniber_revil

    • Size

      15.5MB

    • MD5

      1feb149f99f559fc0c204359a6ae4abe

    • SHA1

      e208b62afa9e3d64d467d3ffbab39df6052f6301

    • SHA256

      be204886720c44fa29e5e6757f1bac479353d931c75399a58de2b3ccb7cd2834

    • SHA512

      f632fd9441f8b1f8e19a4d6cf9a59daed1af38cb10a1a1c9c0a53c72930d04516434ce9087332c2567c95965b3d76e89072c658517157a7fd826fa1d228798eb

    • SSDEEP

      196608:Tulbx5VjzHeMf3Xnn28luJADGD2yJrqNh+zzfNNa1G:Tulrtz13XnIODnyJrqNm

    • Downloads MZ/PE file

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Checks for any installed AV software in registry

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

MITRE ATT&CK Enterprise v15

Tasks