General
-
Target
2024-04-12_37b70de69e8ea3194be76b41efcb792f_magniber
-
Size
6.2MB
-
Sample
240412-kzq97shb73
-
MD5
37b70de69e8ea3194be76b41efcb792f
-
SHA1
b176ad9dcaa675b06dd490733247639b95de83ad
-
SHA256
dc0e63c40650cc179ec013ca06902770416da7be159e3b26f6182c7581471827
-
SHA512
61cf4ce9d63636fe018a5bbe04c9743f45d9fe0b7291a2875d7e47ecb92355eb6f13eb39a8f839d10c2e1a25d336cef9b75b5efae9141545bf4146c5fdf15624
-
SSDEEP
98304:+iFOmPlDYwC9Fm7giCU3qCIahwFxc0N0UkqJMgPpkwk+vmpou3aCTDsRpLPYuz7w:xtVC9FjUaCryCk6+fuX6pnrU
Static task
static1
Behavioral task
behavioral1
Sample
2024-04-12_37b70de69e8ea3194be76b41efcb792f_magniber.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
2024-04-12_37b70de69e8ea3194be76b41efcb792f_magniber.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
-
Target
2024-04-12_37b70de69e8ea3194be76b41efcb792f_magniber
-
Score
9/10
-
Detects executables packed with Themida
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Downloads MZ/PE file
-
Sets file execution options in registry
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Suspicious use of NtSetInformationThreadHideFromDebugger