General
Target: 2024-10-16_1feb149f99f559fc0c204359a6ae4abe_magniber_revil
Size: 15.5MB
Sample: 241016-bmcrlszaqj
MD5: 1feb149f99f559fc0c204359a6ae4abe
SHA1: e208b62afa9e3d64d467d3ffbab39df6052f6301
SHA256: be204886720c44fa29e5e6757f1bac479353d931c75399a58de2b3ccb7cd2834
SHA512: f632fd9441f8b1f8e19a4d6cf9a59daed1af38cb10a1a1c9c0a53c72930d04516434ce9087332c2567c95965b3d76e89072c658517157a7fd826fa1d228798eb
SSDEEP: 196608:Tulbx5VjzHeMf3Xnn28luJADGD2yJrqNh+zzfNNa1G:Tulrtz13XnIODnyJrqNm
Static task: static1
Behavioral task: behavioral1
  Sample: 2024-10-16_1feb149f99f559fc0c204359a6ae4abe_magniber_revil.exe
  Resource: win7-20240903-en
Behavioral task: behavioral2
  Sample: 2024-10-16_1feb149f99f559fc0c204359a6ae4abe_magniber_revil.exe
  Resource: win10v2004-20241007-en
Malware Config
(none extracted)
Targets
Target: 2024-10-16_1feb149f99f559fc0c204359a6ae4abe_magniber_revil
Score: 8/10
Signatures:
- Downloads MZ/PE file
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Checks for any installed AV software in registry
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
MITRE ATT&CK Enterprise v15
Defense Evasion
  Modify Registry (2)
  Pre-OS Boot (1)
    Bootkit (1)
  Subvert Trust Controls (1)
    Install Root Certificate (1)
Credential Access
  Credentials from Password Stores (1)
    Credentials from Web Browsers (1)
  Unsecured Credentials (1)
    Credentials In Files (1)