Analysis

  • max time kernel
    118s
  • max time network
    122s
  • platform
    windows7_x64
  • resource
    win7-20231129-en
  • resource tags

    arch:x64, arch:x86, image:win7-20231129-en, locale:en-us, os:windows7-x64, system
  • submitted
    03-06-2024 20:43

General

  • Target

    2024-06-03_1a766c4d39d239ef65545777e9b86282_magniber.exe

  • Size

    12.2MB

  • MD5

    1a766c4d39d239ef65545777e9b86282

  • SHA1

    130156eb4593b11ad00cd7feadd3f39baf23d5b2

  • SHA256

    db67abd885bface215ef3d813c791c15365f59455341a75caee5b4080a40fa97

  • SHA512

    ca5eba0b7c54ccfa654d116035baafe5f9c1b8a3260f5d1ce043bef03892de8175b98af96b87fa6b5f9830c596cb3a48b1ed52919de52eae3f74a67e25779e5a

  • SSDEEP

    196608:bPg2CWhGuZvjwQklner7/0S+6JfRbkebsN/cJ67DgKEl9sMvrrqN12R75:bYgGG7wFln+3fRb0V7El9s+rqNI5

Score
1/10

Malware Config

Signatures

  • Modifies registry class 3 IoCs
  • Modifies system certificate store 2 TTPs 10 IoCs
  • Suspicious behavior: EnumeratesProcesses 2 IoCs
  • Suspicious use of SetWindowsHookEx 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2024-06-03_1a766c4d39d239ef65545777e9b86282_magniber.exe
    "C:\Users\Admin\AppData\Local\Temp\2024-06-03_1a766c4d39d239ef65545777e9b86282_magniber.exe"
    • Modifies registry class
    • Modifies system certificate store
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of SetWindowsHookEx
    PID:624

Network

MITRE ATT&CK Enterprise v15


Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357

    Filesize

    1KB

    MD5

    a266bb7dcc38a562631361bbf61dd11b

    SHA1

    3b1efd3a66ea28b16697394703a72ca340a05bd5

    SHA256

    df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

    SHA512

    0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    1fef2467eb751c183def0f43eea366c1

    SHA1

    b6c6fe652cd86332e0a5fa5dadf56d26acc0edbf

    SHA256

    42649df7c56c9875baf27bcdcce6fc9efc41c9e81f7c717eae603d38dabcd81d

    SHA512

    823a3a9aa092c27cfbde762d75636f44cd770826fb1433fbdd43538f721d7a2d90b29de6e3a734056c35603146c6e695a06f8ba6ed2d3563dff9494a0ddea789

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    ebe1d3bfe3e86ad8a5e0de40dfcdfca7

    SHA1

    3f61e5c395a65c0d75655e7fa15fdf17e73566b5

    SHA256

    a101c961e68659cc99d4db1742d8fcf8dd2eadd3a2fb6538f23efeef14a4af95

    SHA512

    d4a46e2b0f12d47c90eadb452747f8ab596e3e633c7fd3a17596f6ba42f09e0167d6a60daa92161e2948b2d5c68d22592e800c5b684b44e3681495ad8cb2581a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357

    Filesize

    242B

    MD5

    b8276767172e3f2e2e9d80d5f594f66a

    SHA1

    7999615ba787377962392eefe130f2a1ae0218d8

    SHA256

    dd07c8d22f062ae2dc66cd6a133565e935ee9d33c623676ada20cd41079061a4

    SHA512

    a01eeeb50e134c520e0b62f7c679d58e9accb0677eff3ee7e7783c0dc00bc883f5694b1340fea961f446b6e6973b9339ec585cf80ce7a4e93b00687aec3abebe

  • C:\Users\Admin\AppData\Local\Temp\Tar177C.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b
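The paths listed under Downloads are CryptoAPI's own URL cache (CryptnetUrlCache Content and MetaData entries) plus a Tar*.tmp temp file, which is what Windows writes when a program triggers a certificate chain build and the OS fetches trust data over the network; that same activity is the usual source of the "Modifies system certificate store" signature, so with a 1/10 score it is not on its own evidence of malicious behavior. What does identify the run is the sample's own digests, and a practitioner re-analysing the file should confirm a local copy matches them before trusting this report. The script below is an added example and not part of the sandbox report: it embeds the sample and Downloads hashes copied from the page, hashes a file in a streaming fashion, tolerates the case and whitespace of copy-pasted values, and fails closed on any mismatch or on an algorithm the report does not use. The "(second write)" label is this example's own way of distinguishing the MetaData path the report lists twice with different hashes; the test bytes in the usage note are constructed.

```python
import hashlib
from typing import Dict, List

ALGOS = ("md5", "sha1", "sha256", "sha512")

# Digests the sandbox report lists for the submitted sample (copied from the page).
REPORT_SAMPLE = {
    "md5": "1a766c4d39d239ef65545777e9b86282",
    "sha1": "130156eb4593b11ad00cd7feadd3f39baf23d5b2",
    "sha256": "db67abd885bface215ef3d813c791c15365f59455341a75caee5b4080a40fa97",
    "sha512": "ca5eba0b7c54ccfa654d116035baafe5f9c1b8a3260f5d1ce043bef03892de817"
              "5b98af96b87fa6b5f9830c596cb3a48b1ed52919de52eae3f74a67e25779e5a",
}

# SHA256 of each file the report lists under Downloads (copied from the page).
# "(second write)" is this example's label for the MetaData path listed twice.
REPORT_DOWNLOADS = {
    r"CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015":
        "b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f",
    r"CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357":
        "df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e",
    r"CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015":
        "42649df7c56c9875baf27bcdcce6fc9efc41c9e81f7c717eae603d38dabcd81d",
    r"CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015 (second write)":
        "a101c961e68659cc99d4db1742d8fcf8dd2eadd3a2fb6538f23efeef14a4af95",
    r"CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357":
        "dd07c8d22f062ae2dc66cd6a133565e935ee9d33c623676ada20cd41079061a4",
    r"Temp\Tar177C.tmp":
        "8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8",
}


def digests(data: bytes) -> Dict[str, str]:
    """Hex digests of an in-memory byte string for every algorithm in ALGOS."""
    hashers = {a: hashlib.new(a) for a in ALGOS}
    for h in hashers.values():
        h.update(data)
    return {a: h.hexdigest() for a, h in hashers.items()}


def digests_of_file(path: str, chunk_size: int = 1 << 20) -> Dict[str, str]:
    """Same as digests() but streams the file, so a 12 MB sample is not read at once."""
    hashers = {a: hashlib.new(a) for a in ALGOS}
    with open(path, "rb") as fh:
        while True:
            chunk = fh.read(chunk_size)
            if not chunk:
                break
            for h in hashers.values():
                h.update(chunk)
    return {a: h.hexdigest() for a, h in hashers.items()}


def _normalise(expected: Dict[str, str]) -> Dict[str, str]:
    """Lower-case names and hex from a pasted report; reject unknown algorithms and bad lengths."""
    out = {}
    for algo, value in expected.items():
        algo = algo.strip().lower()
        if algo not in ALGOS:
            raise ValueError(f"unsupported algorithm in report data: {algo}")
        value = value.strip().lower()
        if len(value) != hashlib.new(algo).digest_size * 2:
            raise ValueError(f"{algo} value has wrong length: {value!r}")
        out[algo] = value
    return out


def compare(actual: Dict[str, str], expected: Dict[str, str]) -> Dict[str, bool]:
    """Per-algorithm match result, restricted to the algorithms the report provides."""
    expected = _normalise(expected)
    return {algo: actual[algo] == value for algo, value in expected.items()}


def is_same_sample(actual: Dict[str, str], expected: Dict[str, str]) -> bool:
    """True only if every digest the report lists matches; one mismatch means a different file."""
    results = compare(actual, expected)
    if not results:
        raise ValueError("report provides no digests to compare against")
    return all(results.values())


def known_artifacts(sha256: str, known: Dict[str, str]) -> List[str]:
    """Names of report artifacts whose SHA256 equals the given digest (empty if none)."""
    sha256 = sha256.strip().lower()
    return [name for name, digest in known.items() if digest.lower() == sha256]


if __name__ == "__main__":
    import sys
    local = digests_of_file(sys.argv[1])
    for algo, ok in compare(local, REPORT_SAMPLE).items():
        print(f"{algo:6} {'match' if ok else 'MISMATCH'}")
    print("same sample as report:", is_same_sample(local, REPORT_SAMPLE))
```

Run it as `python verify_sample.py <file>`; a single "MISMATCH" line means the local file is not the one the report describes, regardless of how many other algorithms agree. `known_artifacts()` answers the reverse question, whether a file recovered from another host is one of the artifacts this run produced.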