Analysis

  • max time kernel
    92s
  • max time network
    94s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231215-en
  • resource tags
    arch:x64, arch:x86, image:win10v2004-20231215-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    17/02/2024, 12:52

General

  • Target: 2024-02-17_96eebd6838d59fd7c96bc66a4bf9ae25_magniber.exe
  • Size: 6.1MB
  • MD5: 96eebd6838d59fd7c96bc66a4bf9ae25
  • SHA1: 07e529e866d404d89bdad5e20acb7fbd0bd12f2b
  • SHA256: 8070e159fc7e4a35496d07e13bd78597289d0165764828a383814fb381b7b0b4
  • SHA512: 5a4155965bd488e4aeb2c1318cce11472dab689ecddb438f042898ac3c6d764c33527db2145abc0bbc000fc119e0c64ee3884d2d3b83e081d96899bd9120d892
  • SSDEEP: 98304:+t+ww48YTRGrjsYrXa1PSELk/GEAUfZ82ub8GRprbGJ1y1xWcdGWLpDi5PdjDJiN:+xaELkaUfdOMeXdVlG5Fp+

Score
7/10

Signatures

  • Executes dropped EXE (1 IoC)
  • Suspicious behavior: EnumeratesProcesses (2 IoCs)
  • Suspicious behavior: RenamesItself (1 IoC)
  • Suspicious use of WriteProcessMemory (3 IoCs)

Processes

  • C:\Users\Admin\AppData\Local\Temp\2024-02-17_96eebd6838d59fd7c96bc66a4bf9ae25_magniber.exe (PID 960)
    Command line: "C:\Users\Admin\AppData\Local\Temp\2024-02-17_96eebd6838d59fd7c96bc66a4bf9ae25_magniber.exe"
    • Suspicious behavior: RenamesItself
    • Suspicious use of WriteProcessMemory
    • Child process: C:\Users\Admin\AppData\Local\Temp\2024-0LHaY9.exe (PID 528)
      Command line: "2024-0LHaY9.exe"
      • Executes dropped EXE
      • Suspicious behavior: EnumeratesProcesses

Downloads

  • C:\Users\Admin\AppData\Local\Temp\2024-0LHaY9.exe
    Filesize: 4.1MB
    MD5: 364b1dd7139b35b8148417548a034591
    SHA1: 37b7aeb10e0b8a871afeb3ad7b605518f2042b71
    SHA256: 056c5dd8aef4a6e670c4a23b7dfd5353df30e266b16dbce0d25ac7ad97124a75
    SHA512: 784721490efe25bd9a1ec52d0b77abe6e2c11cb78484229d90d69659f878923f628537e90f827a87392f64e3e2c98c3fa36a4f63890231801dcf987753092d14

  • C:\Users\Admin\AppData\Local\Temp\2024-0LHaY9.exe
    Filesize: 3.3MB
    MD5: df7b2593600659949ed7070c0abcb3e2
    SHA1: a493c96966b6735b8679500c79d3e186dec93284
    SHA256: 8a0376a3db2e61815d0eb4a622b6f8a6f55dcd5e9e2a27416befbc59bc7e008c
    SHA512: cfe25c8cfe86f6d26d285366512ee0be4543451203d43cc897cd59e415a95e134f1296f2095ddd55640b0658806d05938ea37639cc1efa187807db28f16d0f5d

  • C:\Users\Admin\AppData\Local\Temp\cfg.ini
    Filesize: 19B
    MD5: 6e2ed7d8d03ece0b786e62f7d61ca5fb
    SHA1: c1a9b7f4e6ad665d41271727f56a7f124ad17991
    SHA256: 3d3510eb32e04318cfb67396e31829e77dde8567bc245305774d44be17c04e0f
    SHA512: d66cd32265a5f67577d852720b0d1efe7a9751909cfd66cfb53b31822b2f9befd702788fd2c43366a1be61adc8ed98e4bf44a519bf72ecf470e162499c7d63d6