Analysis
max time kernel: 145s
max time network: 162s
platform: windows7_x64
resource: win7-20230831-en
resource tags: arch:x64, arch:x86, image:win7-20230831-en, locale:en-us, os:windows7-x64, system
submitted: 11-10-2023 10:54
Static task: static1
Behavioral task: behavioral1
Sample: 2023-08-26_a03345ae67b9349c473462dbf8727845_magniber_JC.exe
Resource: win7-20230831-en
Behavioral task: behavioral2
Sample: 2023-08-26_a03345ae67b9349c473462dbf8727845_magniber_JC.exe
Resource: win10v2004-20230915-en
General
Target: 2023-08-26_a03345ae67b9349c473462dbf8727845_magniber_JC.exe
Size: 1.8MB
MD5: a03345ae67b9349c473462dbf8727845
SHA1: 0d612e2986a1d9669b3dbdd29beed405189dd35a
SHA256: 2ffdb71a40ea900db4caacdca5355f169d73f3d683868a6e0b46abf711cd3f5c
SHA512: ece9c4564e9117e886695347da8888fdf26ec8be9f40a7895f0a13c8349c6005972fdfe6a52a8f7fb3b5a936f1fdcd6ed7ef21112cc01f82a4b94076fb7aef0a
SSDEEP: 49152:fX6GJ8mMXVbPYtdLAl8roTwCGMVi9Md9Xogr:fX6GyrVbPYtdLAl8t9Md9Xog
Malware Config
Signatures
Writes to the Master Boot Record (MBR) (1 TTPs, 1 IoCs)
Bootkits write to the MBR to gain persistence at a level below the operating system.
description: File opened for modification
ioc: \??\PhysicalDrive0
Process: 2023-08-26_a03345ae67b9349c473462dbf8727845_magniber_JC.exe
Suspicious behavior: EnumeratesProcesses (1 IoCs)
pid: 2144
Process: 2023-08-26_a03345ae67b9349c473462dbf8727845_magniber_JC.exe