Overview

overview

10

Static

static

1

2025-03-24...er.exe

windows7-x64

10

2025-03-24...er.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2025-03-24_be9e4cfe416c5d90f4c2f78dd2acc9e3_hijackloader_magniber

  • Size

    21.1MB

  • Sample

    250324-fvmc8ssjt6

  • MD5

    be9e4cfe416c5d90f4c2f78dd2acc9e3

  • SHA1

    170a12100ef7dcee69b5e22a07c3d65a5372c8da

  • SHA256

    a8d8760c87b1a9f76c193207a1c3d74479ced6a91f07139f582687d89ec00372

  • SHA512

    b19a4d891ddc28ee2423cc29a999c6f65ef7989008ac667db690d486889265aae1bb98e53984195892dc9301dd957c8ef66c79a86853173f005c2c8418aced54

  • SSDEEP

    393216:jh0gBOBtWbjDtr+xcK0PMRWDLJ8eZJhjdTR0kkBvE4v5SurkQD56f6RQk0+pZYIC:igBOvavxJtZjFRz6s44uLDmsQk0IZYT

Score
10/10
banloaddefense_evasiondiscoverydownloaderdroppertrojan

Malware Config

Targets

    • Target

      2025-03-24_be9e4cfe416c5d90f4c2f78dd2acc9e3_hijackloader_magniber

    • Size

      21.1MB

    • MD5

      be9e4cfe416c5d90f4c2f78dd2acc9e3

    • SHA1

      170a12100ef7dcee69b5e22a07c3d65a5372c8da

    • SHA256

      a8d8760c87b1a9f76c193207a1c3d74479ced6a91f07139f582687d89ec00372

    • SHA512

      b19a4d891ddc28ee2423cc29a999c6f65ef7989008ac667db690d486889265aae1bb98e53984195892dc9301dd957c8ef66c79a86853173f005c2c8418aced54

    • SSDEEP

      393216:jh0gBOBtWbjDtr+xcK0PMRWDLJ8eZJhjdTR0kkBvE4v5SurkQD56f6RQk0+pZYIC:igBOvavxJtZjFRz6s44uLDmsQk0IZYT

    Score
    10/10
    banloaddefense_evasiondiscoverydownloaderdroppertrojan

    • Banload

      Banload variants download malicious files, then install and execute the files.

      trojandropperdownloaderbanload

    • Banload family

      banload

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

      defense_evasion

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks