Analysis
max time kernel
41s
max time network
47s
platform
windows7_x64
resource
win7-20220901-en
resource tags
arch:x64, arch:x86, image:win7-20220901-en, locale:en-us, os:windows7-x64, system
submitted
15-09-2022 06:03
Static task
static1
Behavioral task
behavioral1
Sample
SYSTEM.Security.Database.Upgrade.Win10.0.jse
Resource
win7-20220901-en
Behavioral task
behavioral2
Sample
SYSTEM.Security.Database.Upgrade.Win10.0.jse
Resource
win10v2004-20220812-en
General
Target
SYSTEM.Security.Database.Upgrade.Win10.0.jse
Size
185KB
MD5
f6d2fc78661b55258fb704f66c9949e4
SHA1
7c4608440e4afcb032890edd4deef18a0ce3c8dd
SHA256
6a68217b951f9655e4a7ed13fcfc4696ac5d231450fe7d2be8b6a1d71425752c
SHA512
9f66641f19e8046b19f7bffa056ec3e677aae853102dded94c22665381d0d2b65334c16c74d7b64df319b1518931d6ad281ad86c1fbc67ee6ba1984f67506dce
SSDEEP
3072:dthtQYzUz8giIajyEPeR00t/+DYhRkEIKf+6yr3S1IuIDbHBX66vPYH/J25gfgbD:z73zUz8gCjyUeihSRkCy3H36HxgbD
Malware Config
Signatures
Detect magniber ransomware 2 IoCs
Processes:
resource / yara_rule
behavioral1/memory/1272-54-0x0000000000230000-0x0000000000242000-memory.dmp / family_magniber
behavioral1/memory/1272-55-0x00000000051DA000-0x00000000051E5000-memory.dmp / family_magniber
Magniber Ransomware
Ransomware family widely seen in Asia, distributed by the Magnitude exploit kit.