General
-
Target
2024-05-11_571c4af4cedef9b6d90dd0c125dc15ae_magniber_zxxz
-
Size
5.1MB
-
Sample
240511-n6yjmsfa6z
-
MD5
571c4af4cedef9b6d90dd0c125dc15ae
-
SHA1
9b93f2f375c70d7f65453a6c2a19ff02642b01e9
-
SHA256
7109dad9bf6b84cd5f7726c0da2b14d874c406ba7b61615269e8c0c8d0993814
-
SHA512
b96bd93d05d45e20665513ac8fe90f3a8eff2a1e9c350dd869b0c8fca99f0ba38e935db97f198f2bdf31dc9d8a7aab8147f48175bf785f3659f621e8e4a53a7c
-
SSDEEP
98304:RQvO/XAnnXrv9qCUI48Kbnk48LRYJ5wk4r3z:R76nXrv9qCUI48W3O
Behavioral task
behavioral1
Sample
2024-05-11_571c4af4cedef9b6d90dd0c125dc15ae_magniber_zxxz.exe
Resource
win7-20240508-en
Malware Config
Targets
-
Detects JavaScript files used for persistence and executable or script execution
-
UPX dump on OEP (original entry point)
-
Blocklisted process makes network request
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-