General
Target: 2024-11-10_5d4624fcd841404099555d709485babc_hijackloader_luca-stealer_magniber_poet-rat
Size: 28.5MB
Sample: 241110-bw2r4awhke
MD5: 5d4624fcd841404099555d709485babc
SHA1: 3d661939fb9cee36699f72ce4dc8839b4fda9a33
SHA256: ee7037f785ddb10b91578c9d1f9df061e5ba5b078e51820e8bc7647d6b40fd91
SHA512: 2118d164cad0fb1cbb538fcd7f8275a373c0a87842b7073b649f3cab76e01d2566ade143887cf0b9aa76fb3f65e3bfe59cb002b6d770b6d360c897bbb75b0b27
SSDEEP: 393216:UtEBzLXJsv6tWKFdu9C9WHfePHkZmyTtvkJJhddL1ugGFPO2bacIGxfRu8/aJHYJ:JzyS+eC5rzgKQ2ikj
Static task: static1
Behavioral task: behavioral1
Sample: 2024-11-10_5d4624fcd841404099555d709485babc_hijackloader_luca-stealer_magniber_poet-rat.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: 2024-11-10_5d4624fcd841404099555d709485babc_hijackloader_luca-stealer_magniber_poet-rat.exe
Resource: win10v2004-20241007-en
Malware Config
Targets
Target: 2024-11-10_5d4624fcd841404099555d709485babc_hijackloader_luca-stealer_magniber_poet-rat
Executes dropped EXE
Loads dropped DLL
Enumerates connected drives: Attempts to read the root path of hard drives other than the default C: drive.
MITRE ATT&CK Enterprise v15
Privilege Escalation
  Abuse Elevation Control Mechanism (1)
    Bypass User Account Control (1)
  Event Triggered Execution (1)
    Netsh Helper DLL (1)
Defense Evasion
  Abuse Elevation Control Mechanism (1)
    Bypass User Account Control (1)
  Impair Defenses (1)
    Disable or Modify Tools (1)
  Modify Registry (1)