General
Target: 2024-04-07_b97de48c5024d22ca945bda2383555b2_magniber
Size: 5.8MB
Sample: 240407-v9cvnsad69
MD5: b97de48c5024d22ca945bda2383555b2
SHA1: fc069786bb07c62d871449ca4cca8cdffe6d6b4e
SHA256: 1354c1ef785e3d7aef4979b99b39e5886f47e82c1b3409420cb21c56098accab
SHA512: 97d58dfd742bbda49a9c8427c8bb0758de1bbec63106df87904f2aefd9c1d47cdd0dbef54e8fcc269eac8f0ba4fbb54b5841f2b023c02c9310baee28861cc0e4
SSDEEP: 98304:/YvoKhqqe2nun4wPPPJ+epgFnce4ryC+zEG1O1uFY6MMQS7kGLws:YZhPDMH3hgp9CkE6wKRML3s
Static task: static1
Behavioral task: behavioral1
Sample: 2024-04-07_b97de48c5024d22ca945bda2383555b2_magniber.exe
Resource: win7-20240215-en
Malware Config
Targets
Target: 2024-04-07_b97de48c5024d22ca945bda2383555b2_magniber
- Downloads MZ/PE file
- Sets file execution options in registry
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Registers COM server for autorun
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
- Checks system information in the registry
  System information is often read in order to detect sandboxing environments.
- Drops file in System32 directory
- Suspicious use of NtCreateThreadExHideFromDebugger
- Suspicious use of NtSetInformationThreadHideFromDebugger