General
Target: 2024-05-23_6e350b85936b588d7cda0beee7c7d716_magniber
Size: 5.1MB
Sample: 240523-mndabadd21
MD5: 6e350b85936b588d7cda0beee7c7d716
SHA1: 50c00b707df460a8df05271c53ef8fd0996f7dfe
SHA256: f80db396abdc9a4d6435426446d88073482e288a3b9fc3d21cf05dbde207bdd0
SHA512: b0760a5e591779544506b927d3f72348b0e1e7cd0a995a06ed4584ef1fa0391a405b3bcee6d8bdd8d0e193b356b646db495130db7f549732254abc5faf465d63
SSDEEP: 98304:k/vt45232uPpqj4BB5Dg+8/nJ6rNbO3yguFbsTD527BWG:AN3ZpHpgNIbEGFuVQBWG
Static task: static1
Behavioral task: behavioral1
Sample: 2024-05-23_6e350b85936b588d7cda0beee7c7d716_magniber.exe
Resource: win7-20240220-en
Malware Config
Targets
-
-
Target
2024-05-23_6e350b85936b588d7cda0beee7c7d716_magniber
-
Downloads MZ/PE file
-
Sets file execution options in registry
-
Executes dropped EXE
-
Loads dropped DLL
-
Registers COM server for autorun
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Checks system information in the registry
System information is often read in order to detect sandboxing environments.
-
Drops file in System32 directory
-
Suspicious use of NtCreateThreadExHideFromDebugger
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-