Magniber Ransomware’s Relaunch Technique - ASEC BLOG
Tags
| attack-pattern: | Exploits - T1587.004 Exploits - T1588.005 Malware - T1587.001 Malware - T1588.001 Msiexec - T1218.007 Software - T1592.002 |
Common Information
| Type | Value |
|---|---|
| UUID | aa52a4b5-9693-4656-ae7f-8d806d591f32 |
| Fingerprint | be532469edf78f8d |
| Analysis status | DONE |
| Considered CTI value | 2 |
| Text language | |
| Published | Feb. 24, 2023, 8:10 a.m. |
| Added to db | Feb. 24, 2023, 1:21 a.m. |
| Last updated | Nov. 17, 2024, 6:55 p.m. |
| Headline | Magniber Ransomware’s Relaunch Technique |
| Title | Magniber Ransomware’s Relaunch Technique - ASEC BLOG |
| Detected Hints/Tags/Attributes | 25/1/12 |
Source URLs
| Redirection | Url | |
|---|---|---|
| Details | Source | https://asec.ahnlab.com/en/48312/ |
URL Provider
RSS Feed
| Details | Id | Enabled | Feed title | Url | Added to db |
|---|---|---|---|---|---|
| Details | 17 | ✔ | ASEC | https://asec.ahnlab.com/en/feed/ | 2024-08-30 22:08 |
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | File | 269 | msiexec.exe |
|
| Details | md5 | 4 | 35c3743df22ea0de26aeac37a88da1c9 |
|
| Details | md5 | 4 | 0723b125887e632bd2203680b75efb57 |
|
| Details | md5 | 4 | 1484d68f70fca635fa36bdf6d0493fbf |
|
| Details | md5 | 4 | fad8957047b31c13ac7ae4f72c4775d4 |
|
| Details | md5 | 4 | aa4c28fb3cd600745aa0abd616b2b128 |
|
| Details | md5 | 4 | c32d55881a9290267ddbe7005b12b6b8 |
|
| Details | md5 | 4 | bd952ad584866bcd4454a3385b615c74 |
|
| Details | md5 | 4 | be1fbf7bf36efcf84a604da24b93d97f |
|
| Details | md5 | 4 | 162d6827d206fbab285c09b518f30ec9 |
|
| Details | md5 | 4 | 65ac438561b3a415876dff89d2804a13 |
|
| Details | Windows Registry Key | 112 | HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run |