General

  • Target

    2024-05-24_c622f2d7610da11596365cae3e435af9_magniber

  • Size

    2.6MB

  • Sample

    240524-pckw5aaa5w

  • MD5

    c622f2d7610da11596365cae3e435af9

  • SHA1

    a7ff89f6270178ca654b85f2e60832d58b944b69

  • SHA256

    58e91e6a86103ec2b64bcca5bfe24d1b372a95ed8f0f88edb704e8c93065b74b

  • SHA512

    9e4549a00c5e24376863b287c00f3e9be038d2e7aeabebf7441f7929e95cd8f46123e8e78159cef3095de1372f639a420d646187f189ff865a08219e22a1449d

  • SSDEEP

    49152:1yW8ocWWbb5CgT/lTXAAhdZDYHKC18at8nSNG/ppdfiaTomDmg27RnWGj:sWoWWbJTXZhdZiBfNEpdfiQD527BWG

Score
7/10

Targets

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Drops file in System32 directory

MITRE ATT&CK Matrix (ATT&CK v13)

  • Credential Access

    • Unsecured Credentials (T1552): 1

    • Credentials In Files (T1552.001): 1

  • Discovery

    • Query Registry (T1012): 2

    • System Information Discovery (T1082): 2

  • Collection

    • Data from Local System (T1005): 1
