Analysis

  • max time kernel
    120s
  • max time network
    121s
  • platform
    windows7_x64
  • resource
    win7-20240220-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240220-en, locale:en-us, os:windows7-x64, system
  • submitted
    07-04-2024 19:34

General

  • Target

    2024-04-07_5fcd19e43a5fcfe20f6dee239392f78f_magniber_sliver.exe

  • Size

    9.4MB

  • MD5

    5fcd19e43a5fcfe20f6dee239392f78f

  • SHA1

    fa7512ada7534d24588770397dab058628fcd002

  • SHA256

    0ca3531e74c3e93f7f313db6fd2dd66db5cf279f869c0c64688854a8b2f08a0c

  • SHA512

    b99ec55f549ef137ff9428c7b28c49407dbc81d513ab330fae2df763fb2dd59c7b6ede835511e97cb307ecc67f1fbf6cc5d7d719e1ac6dea0b85ef43fdff6003

  • SSDEEP

    196608:8/oQ47ZAOgxeS66w958KxcK9076tXL94VQBWG:KoQOZsx+589K2G/B

Score
5/10

Malware Config

Signatures

  • Drops file in System32 directory 1 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2024-04-07_5fcd19e43a5fcfe20f6dee239392f78f_magniber_sliver.exe
    "C:\Users\Admin\AppData\Local\Temp\2024-04-07_5fcd19e43a5fcfe20f6dee239392f78f_magniber_sliver.exe"
    1⤵
    • Drops file in System32 directory
    • Suspicious use of AdjustPrivilegeToken
    PID:2908

Network

MITRE ATT&CK Matrix

Downloads

  • memory/2908-0-0x00000000004B0000-0x0000000000510000-memory.dmp

    Filesize

    384KB

  • memory/2908-2-0x0000000140000000-0x000000014096F000-memory.dmp

    Filesize

    9.4MB

  • memory/2908-8-0x00000000004B0000-0x0000000000510000-memory.dmp

    Filesize

    384KB

  • memory/2908-14-0x00000000004B0000-0x0000000000510000-memory.dmp

    Filesize

    384KB

  • memory/2908-15-0x0000000140000000-0x000000014096F000-memory.dmp

    Filesize

    9.4MB