1d54aba417990c3d1fc5016be5a8e30f1831f7dde9d54f519ca4e9d6c81a0d42

Analysis

max time kernel
119s
max time network
120s
platform
windows7_x64
resource
win7-20240221-en
resource tags

arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
submitted
10/04/2024, 05:29

Target

2024-04-10_821fefdab4e4353bcd93ae8a4e6db32a_magniber.exe
Size

1.3MB
MD5

821fefdab4e4353bcd93ae8a4e6db32a
SHA1

af51c53f8f050419c4f89c954e39edffb04911dd
SHA256

1d54aba417990c3d1fc5016be5a8e30f1831f7dde9d54f519ca4e9d6c81a0d42
SHA512

b6d890d03315a34331d997709cc0803dbf25101d8a9a0ca3117e3e6aad98d12d267960989f4f2451c357b7473aaa2d2fd05713698689ee7ffdf292793b04a04b
SSDEEP

24576:M1JJ3merT5EhVzhBD8uXTTTN+Y1TSZD38VvhYPj5Xl7oDNT5jZ3:ymeaVzrDlXTTTNBTSh3Fj5Ngb9

Score

5^/10

Drops file in System32 directory 1 IoCs

description	ioc	Process
File opened for modification	C:\Windows\System32\alg.exe	2024-04-10_821fefdab4e4353bcd93ae8a4e6db32a_magniber.exe

Suspicious use of AdjustPrivilegeToken 1 IoCs

description	pid	Process
Token: SeTakeOwnershipPrivilege	2928	2024-04-10_821fefdab4e4353bcd93ae8a4e6db32a_magniber.exe

memory/2928-0-0x00000000005D0000-0x0000000000637000-memory.dmp

Filesize
412KB

Download
memory/2928-1-0x0000000000400000-0x000000000055A000-memory.dmp

Filesize
1.4MB

Download
memory/2928-6-0x00000000005D0000-0x0000000000637000-memory.dmp

Filesize
412KB

Download
memory/2928-7-0x00000000005D0000-0x0000000000637000-memory.dmp

Filesize
412KB

Download
memory/2928-15-0x0000000000400000-0x000000000055A000-memory.dmp

Filesize
1.4MB

Download