Overview

overview

7

Static

static

1

2024-04-28...er.exe

windows7-x64

7

2024-04-28...er.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2024-04-28_04b91f14b2a6b45be59309bc3e76695a_magniber

  • Size

    8.6MB

  • Sample

    240428-fcdndagf3s

  • MD5

    04b91f14b2a6b45be59309bc3e76695a

  • SHA1

    a52b9c3e210ba393a65ee10216d4c91709ca72dc

  • SHA256

    322798dd214a40efc0862c85e8f1988bc02a076c00dd8d49328a28c0e98e179b

  • SHA512

    3df5ab1d08e2f1103070ebcb9a3997e71cbe8d4a49180a7fd0b49bef2d64a280e4a05eec9ab9a871ee5d4a65159dd8ebe75ab421936ebdcdc3cde647a8433dc4

  • SSDEEP

    98304:o76wMlkYxXKNgR7YjTMbk+ust6tXHJwWkHmPh7gCNq7N2/wK0pmsCWrqufezvktp:Dwi3K+lYMIstaiOgC8KVWrqufezvS

Score
7/10
discoveryspywarestealer

Malware Config

Targets

    • Target

      2024-04-28_04b91f14b2a6b45be59309bc3e76695a_magniber

    • Size

      8.6MB

    • MD5

      04b91f14b2a6b45be59309bc3e76695a

    • SHA1

      a52b9c3e210ba393a65ee10216d4c91709ca72dc

    • SHA256

      322798dd214a40efc0862c85e8f1988bc02a076c00dd8d49328a28c0e98e179b

    • SHA512

      3df5ab1d08e2f1103070ebcb9a3997e71cbe8d4a49180a7fd0b49bef2d64a280e4a05eec9ab9a871ee5d4a65159dd8ebe75ab421936ebdcdc3cde647a8433dc4

    • SSDEEP

      98304:o76wMlkYxXKNgR7YjTMbk+ust6tXHJwWkHmPh7gCNq7N2/wK0pmsCWrqufezvktp:Dwi3K+lYMIstaiOgC8KVWrqufezvS

    Score
    7/10
    discoveryspywarestealer

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Blocklisted process makes network request

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

2
T1112

Subvert Trust Controls

1
T1553

Install Root Certificate

1
T1553.004

Credential Access

Unsecured Credentials

1
T1552

Credentials In Files

1
T1552.001

Discovery

Query Registry

2
T1012

Peripheral Device Discovery

1
T1120

System Information Discovery

2
T1082

Lateral Movement

Collection

Data from Local System

1
T1005

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks