General
-
Target
2024-05-25_e7c557791a5d351a51a51c5f122389ce_mafia_magniber
-
Size
7.1MB
-
Sample
240525-mvn1dsee22
-
MD5
e7c557791a5d351a51a51c5f122389ce
-
SHA1
c16b7bc74dcf89f6acd6726fcfc9673ce24a7886
-
SHA256
134b02268dca5da0e72cd543d9e62f6a2b6fe662744274d4f18e5c4ea090c359
-
SHA512
d0ccd6a93e48c6e9672efcb610d23f9b86b08cb3f515db5b2acda41c37702ec82990fb684b8e37a422c9f4a6d07c45fd519645d9382b7324e8b4d975f01dc0b7
-
SSDEEP
196608:uBx62ceuZ01jC1TWO9WrKVo1wRuNBuyiMfypdL:u8eS01j4pWAEuyiMKpt
Static task
static1
Behavioral task
behavioral1
Sample
2024-05-25_e7c557791a5d351a51a51c5f122389ce_mafia_magniber.exe
Resource
win7-20240220-en
Behavioral task
behavioral2
Sample
2024-05-25_e7c557791a5d351a51a51c5f122389ce_mafia_magniber.exe
Resource
win10v2004-20240508-en
Malware Config
Targets
-
Target
2024-05-25_e7c557791a5d351a51a51c5f122389ce_mafia_magniber
-
Score
9/10
-
Renames multiple (52) files with added filename extension
This suggests ransomware activity, namely encrypting all the files on the system.
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Executes dropped EXE
-
Loads dropped DLL
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-