Static task: static1
Behavioral task: behavioral1
Sample: 2024-03-27_afe9c1564e2bbbdf0ca14036e9707ed5_magniber.exe
Resource: win7-20240319-en
Behavioral task: behavioral2
Sample: 2024-03-27_afe9c1564e2bbbdf0ca14036e9707ed5_magniber.exe
Resource: win10v2004-20240226-en
General
Target: 2024-03-27_afe9c1564e2bbbdf0ca14036e9707ed5_magniber
Size: 4.3MB
MD5: afe9c1564e2bbbdf0ca14036e9707ed5
SHA1: b6382d8dcca1483cba158ebd923574feea0bffc8
SHA256: bf405280d7d2d274f7481f662d73dc2c76316ab08a0ea14831433440378f8886
SHA512: 360835be522ef696197fbf75752f15f577be9036f814ca2803c54503f32320dc6aeb02ea12ff7ed560d25e72052cdcc36e5de9daf64ffcb936f6847acfd489dd
SSDEEP: 98304:O7AgVGBLECSPV6n3MkGCzjqS7Lpah0a8A/YG5DyzFfj:fECqV8jFkP/b9yV
Malware Config
Signatures
Detects binaries (Windows and macOS) referencing many web browsers. Observed in information stealers. 1 IoCs
resource yara_rule sample INDICATOR_SUSPICIOUS_Binary_References_Browsers
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 2024-03-27_afe9c1564e2bbbdf0ca14036e9707ed5_magniber
Files
2024-03-27_afe9c1564e2bbbdf0ca14036e9707ed5_magniber.exe windows:5 windows x86 arch:x86
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Sections
.text Size: 2.5MB - Virtual size: 2.5MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 629KB - Virtual size: 628KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 78KB - Virtual size: 105KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.gfids Size: 5KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.tls Size: 512B - Virtual size: 9B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 994KB - Virtual size: 993KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 135KB - Virtual size: 134KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ