magniber | 652e1eac5b19ff783f453fbca0afcabd7ede53dac6eec6e1d35cbad346078f90

Analysis

max time kernel
0s
max time network
1s
platform
windows10-2004_x64
resource
win10v2004-20231215-en
resource tags

arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
submitted
22-12-2023 01:43

Target

4a85c4bd950cd5034a5a06ad9f77c08c.dll
Size

38KB
MD5

4a85c4bd950cd5034a5a06ad9f77c08c
SHA1

c95573edb69411a4aeb106567d04c4871c46c7eb
SHA256

652e1eac5b19ff783f453fbca0afcabd7ede53dac6eec6e1d35cbad346078f90
SHA512

9c84dc894351798c69faf92e6ca93b2174ac0fad9df05b2dd63154347b9c750339d317f261ef4ef541334a8ef8ce5a80ff5be1f9e58908a11373778b7ab7b6e9
SSDEEP

768:vDjer4oprwpTVpy4Th3ev7o6i0W6njYqnOU7ieRt7HGNwvzl8:XerBwNVQ4Qdi0djZnOU7i2t7HGKJ

Score

10^/10

Detect magniber ransomware 1 IoCs

resource	yara_rule
behavioral2/memory/3608-1-0x000002B3CF970000-0x000002B3D0162000-memory.dmp	family_magniber

Magniber Ransomware
Ransomware family widely seen in Asia being distributed by the Magnitude exploit kit.
ransomware magniber

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a85c4bd950cd5034a5a06ad9f77c08c.dll,#1
1⤵
PID:3608

memory/3608-1-0x000002B3CF970000-0x000002B3D0162000-memory.dmp

Filesize
7.9MB

Download
memory/3608-6-0x000002B3CF930000-0x000002B3CF931000-memory.dmp

Filesize
4KB

Download
memory/3608-10-0x000002B3D0170000-0x000002B3D0171000-memory.dmp

Filesize
4KB

Download
memory/3608-14-0x000002B3D01D0000-0x000002B3D01D1000-memory.dmp

Filesize
4KB

Download