03df1f6e2edb2b74748f63299f0ab99090d829bdac6e4b4a7be66eff8c8c6a1e | Triage

Submit
Reports

Overview

overview

7

Static

static

1

2024-04-28...er.exe

windows7-x64

7

2024-04-28...er.exe

windows10-2004-x64

7

Sharing

General

Target

2024-04-28_d7899e7b510b52edce32328fba8761b7_magniber
Size

8.6MB
Sample

240428-frav2agf99
MD5

d7899e7b510b52edce32328fba8761b7
SHA1

fc75b915bd3b3892a39a33fd7e1d75c33eef4386
SHA256

03df1f6e2edb2b74748f63299f0ab99090d829bdac6e4b4a7be66eff8c8c6a1e
SHA512

581ba7bfbfe5bc93b8b256dff9dbbb075be45e25de79beb3e6fb8efcdf478da2c21b09aa9aa081ab5160bf9d5a6914b9385f6eab894ed15161f0fa8f7c9cc565
SSDEEP

98304:K76wMlkYxXKNgR7YjTMbk+ust6tXHJwWkHmPh7gCNq7N2/wK0pmsCWrqufezvktp:pwi3K+lYMIstaiOgC8KVWrqufezv+

Score

7^/10

discovery spyware stealer

Static task

static1

Behavioral task

behavioral1

Sample

2024-04-28_d7899e7b510b52edce32328fba8761b7_magniber.exe

Resource

win7-20240221-en

discovery spyware stealer

windows7-x64

14 signatures

150 seconds

Behavioral task

behavioral2

Sample

2024-04-28_d7899e7b510b52edce32328fba8761b7_magniber.exe

Resource

win10v2004-20240419-en

discovery spyware stealer

windows10-2004-x64

15 signatures

150 seconds

Malware Config

Targets

- Target
  
  2024-04-28_d7899e7b510b52edce32328fba8761b7_magniber
- Size
  
  8.6MB
- MD5
  
  d7899e7b510b52edce32328fba8761b7
- SHA1
  
  fc75b915bd3b3892a39a33fd7e1d75c33eef4386
- SHA256
  
  03df1f6e2edb2b74748f63299f0ab99090d829bdac6e4b4a7be66eff8c8c6a1e
- SHA512
  
  581ba7bfbfe5bc93b8b256dff9dbbb075be45e25de79beb3e6fb8efcdf478da2c21b09aa9aa081ab5160bf9d5a6914b9385f6eab894ed15161f0fa8f7c9cc565
- SSDEEP
  
  98304:K76wMlkYxXKNgR7YjTMbk+ust6tXHJwWkHmPh7gCNq7N2/wK0pmsCWrqufezvktp:pwi3K+lYMIstaiOgC8KVWrqufezv+
Score

7^/10

discovery spyware stealer
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Blocklisted process makes network request
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

discoveryspywarestealer

behavioral2

discoveryspywarestealer

© 2018-2024

Terms | Privacy