Overview

overview

7

Static

static

3

2024-02-19...er.exe

windows7-x64

7

2024-02-19...er.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    143s
  • max time network
    152s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231215-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
  • submitted
    19/02/2024, 15:11

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    2024-02-19_8e639e1c37dfc1a635d07a6c0bd7b021_magniber.exe

  • Size

    6.1MB

  • MD5

    8e639e1c37dfc1a635d07a6c0bd7b021

  • SHA1

    1de4ec0052ef4328bd28323cc6e6c26a23fc705f

  • SHA256

    2826e61c73315203c830b70e9f2dbc578895d5af361237c0d03eee5bb52c9c72

  • SHA512

    631aa8effc32d1c81ec513d41b21a5bce815123596a46e0c7f6691adbb280e84d01a3cc4ab0af2d9058ab69fb6ae2c4bf5aa8f2737837dbc034e06cbca2a2908

  • SSDEEP

    98304:+t+ww48YTRGrjsYrXa1PSELk/GEAUfZ82ub8GRprbGJ1y1xWcdGWLpDi5PdjDJiN:+xaELkaUfdOMeXdVlG5Fp+

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Suspicious behavior: EnumeratesProcesses 2 IoCs
  • Suspicious behavior: RenamesItself 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2024-02-19_8e639e1c37dfc1a635d07a6c0bd7b021_magniber.exe
    "C:\Users\Admin\AppData\Local\Temp\2024-02-19_8e639e1c37dfc1a635d07a6c0bd7b021_magniber.exe"
    1⤵
    • Suspicious behavior: RenamesItself
    • Suspicious use of WriteProcessMemory
    PID:2988
    • C:\Users\Admin\AppData\Local\Temp\2024-04JGbA5.exe
      "2024-04JGbA5.exe"
      2⤵
      • Deletes itself
      • Executes dropped EXE
      • Suspicious behavior: EnumeratesProcesses
      PID:3752

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\2024-04JGbA5.exe
    Filesize

    4.8MB

    MD5

    321c75578f0671c474adf78a03b01358

    SHA1

    a42703a8f045a00f11e5608096a9e669db8f3bf2

    SHA256

    e575b6f79ffd70e3964ddcf3ed900ea4957fff8caa5bcd7cdd6051ec94ca3da5

    SHA512

    1093642a364e3adf4df454e5f6a48b3425f23520adb2edceb15bd9ef0da39b55ed4fee28796483c738078f595032b8708094902f1d9a166f1bafb91beca68f4e

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\2024-04JGbA5.exe
    Filesize

    5.8MB

    MD5

    2260bd24b6ae42cbef6510a9d545bc21

    SHA1

    01298b5f6640982841da8ed039d07b70ba1773d8

    SHA256

    0b015f8d4ef641abd5991625bef4594f9772689ff11d1ff787ce165a922e70e9

    SHA512

    70828d7918c70636e72e50224b5d10d74559a60ac1a15f60ceed221282fb41cb1d06fddb052eb3fac13f37283166715e7e3c26df42c23873ee72822bc5746395

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\cfg.ini
    Filesize

    19B

    MD5

    baf81296ec1e502618d5921515eb0225

    SHA1

    daf1b8a0977480acae3a346abce4e5c3e4b369a5

    SHA256

    f961f3f194b2ec9b091c7e9be3541f2d665127e5c7dea4b56a7d12a05a462eaa

    SHA512

    a3e5aee546fcffd58d8ba86d4fd004f21609fd65d4b6ddff78df93d2fcbe3a47a97b2a5a5f9e1692065acecd572ab4b460165d92fd3c95c8a0d1410f2b877113

    Download Submit