Overview

overview

7

Static

static

3

2024-02-19...er.exe

windows7-x64

7

2024-02-19...er.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    122s
  • max time network
    133s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    19/02/2024, 15:11

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    2024-02-19_8e639e1c37dfc1a635d07a6c0bd7b021_magniber.exe

  • Size

    6.1MB

  • MD5

    8e639e1c37dfc1a635d07a6c0bd7b021

  • SHA1

    1de4ec0052ef4328bd28323cc6e6c26a23fc705f

  • SHA256

    2826e61c73315203c830b70e9f2dbc578895d5af361237c0d03eee5bb52c9c72

  • SHA512

    631aa8effc32d1c81ec513d41b21a5bce815123596a46e0c7f6691adbb280e84d01a3cc4ab0af2d9058ab69fb6ae2c4bf5aa8f2737837dbc034e06cbca2a2908

  • SSDEEP

    98304:+t+ww48YTRGrjsYrXa1PSELk/GEAUfZ82ub8GRprbGJ1y1xWcdGWLpDi5PdjDJiN:+xaELkaUfdOMeXdVlG5Fp+

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 1 IoCs
  • Suspicious behavior: EnumeratesProcesses 1 IoCs
  • Suspicious behavior: RenamesItself 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2024-02-19_8e639e1c37dfc1a635d07a6c0bd7b021_magniber.exe
    "C:\Users\Admin\AppData\Local\Temp\2024-02-19_8e639e1c37dfc1a635d07a6c0bd7b021_magniber.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious behavior: RenamesItself
    • Suspicious use of WriteProcessMemory
    PID:1140
    • C:\Users\Admin\AppData\Local\Temp\2024-0u218c.exe
      "2024-0u218c.exe"
      2⤵
      • Deletes itself
      • Executes dropped EXE
      • Suspicious behavior: EnumeratesProcesses
      PID:2868

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\cfg.ini
    Filesize

    19B

    MD5

    baf81296ec1e502618d5921515eb0225

    SHA1

    daf1b8a0977480acae3a346abce4e5c3e4b369a5

    SHA256

    f961f3f194b2ec9b091c7e9be3541f2d665127e5c7dea4b56a7d12a05a462eaa

    SHA512

    a3e5aee546fcffd58d8ba86d4fd004f21609fd65d4b6ddff78df93d2fcbe3a47a97b2a5a5f9e1692065acecd572ab4b460165d92fd3c95c8a0d1410f2b877113

    Download Submit

  • \Users\Admin\AppData\Local\Temp\2024-0u218c.exe
    Filesize

    6.1MB

    MD5

    ddd27d3312f880e590dcd1959865fbd9

    SHA1

    bab588c5355484c2e07e0b97224be77ef3faedd3

    SHA256

    01e1ccbb751043d4ee31c808e3abe16ea43a78aded364302f65bb953b4159b36

    SHA512

    f1d467429a81242f61fa3116c8bd6c13857806200cb6e9b59a3c1849588b73cc056718ffd5b096701660d302b1272fe60949be729628e4331230f2d935979c73

    Download Submit