General
-
Target
2024-04-07_1ec78ac0898f63c64eb19b0475e2322e_magniber
-
Size
4.7MB
-
Sample
240407-3dh1tahf4x
-
MD5
1ec78ac0898f63c64eb19b0475e2322e
-
SHA1
bbbbf53c06c387bf2dbc69d779c20826512d1c8d
-
SHA256
a70135b3bf5c57e6d39dd6e9b16b25839b679fe0c44254459cfdafa8cabe4519
-
SHA512
6bb82dfcb3e1a36de9aa362cb9ca7a26eb70a46c2d8aae010d5b73feba0fd18c833051701379c6d03c1897cb5085ada3c541fc548b8f02fc365c355873d4f159
-
SSDEEP
98304:KqJkdmBucaT57K3C4qJ31B0G0c5S2uf+bGhGmv5:L2dV7VK8tj0QufMC
Static task
static1
Behavioral task
behavioral1
Sample
2024-04-07_1ec78ac0898f63c64eb19b0475e2322e_magniber.exe
Resource
win7-20240319-en
Behavioral task
behavioral2
Sample
2024-04-07_1ec78ac0898f63c64eb19b0475e2322e_magniber.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
-
-
Target
2024-04-07_1ec78ac0898f63c64eb19b0475e2322e_magniber
-
Score
9/10
-
Renames multiple (5962) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-