Analysis
-
max time kernel
120s -
max time network
121s -
platform
windows7_x64 -
resource
win7-20240220-en -
resource tags
arch:x64arch:x86image:win7-20240220-enlocale:en-usos:windows7-x64system -
submitted
07-04-2024 19:34
Static task
static1
1 signatures
Behavioral task
behavioral1
Sample
2024-04-07_5fcd19e43a5fcfe20f6dee239392f78f_magniber_sliver.exe
Resource
win7-20240220-en
2 signatures
150 seconds
General
-
Target
2024-04-07_5fcd19e43a5fcfe20f6dee239392f78f_magniber_sliver.exe
-
Size
9.4MB
-
MD5
5fcd19e43a5fcfe20f6dee239392f78f
-
SHA1
fa7512ada7534d24588770397dab058628fcd002
-
SHA256
0ca3531e74c3e93f7f313db6fd2dd66db5cf279f869c0c64688854a8b2f08a0c
-
SHA512
b99ec55f549ef137ff9428c7b28c49407dbc81d513ab330fae2df763fb2dd59c7b6ede835511e97cb307ecc67f1fbf6cc5d7d719e1ac6dea0b85ef43fdff6003
-
SSDEEP
196608:8/oQ47ZAOgxeS66w958KxcK9076tXL94VQBWG:KoQOZsx+589K2G/B
Score
5/10
Malware Config
Signatures
-
Drops file in System32 directory 1 IoCs
Processes:
2024-04-07_5fcd19e43a5fcfe20f6dee239392f78f_magniber_sliver.exedescription ioc process File opened for modification C:\Windows\System32\alg.exe 2024-04-07_5fcd19e43a5fcfe20f6dee239392f78f_magniber_sliver.exe -
Suspicious use of AdjustPrivilegeToken 1 IoCs
Processes:
2024-04-07_5fcd19e43a5fcfe20f6dee239392f78f_magniber_sliver.exedescription pid process Token: SeTakeOwnershipPrivilege 2908 2024-04-07_5fcd19e43a5fcfe20f6dee239392f78f_magniber_sliver.exe