Behavioral task
behavioral1
Sample
2024-06-08_e71e577d8f655217ee69d0cf2a006a0b_magniber.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
2024-06-08_e71e577d8f655217ee69d0cf2a006a0b_magniber.exe
Resource
win10v2004-20240508-en
General
-
Target
2024-06-08_e71e577d8f655217ee69d0cf2a006a0b_magniber
-
Size
13.8MB
-
MD5
e71e577d8f655217ee69d0cf2a006a0b
-
SHA1
e6e229c75237a52ff9ef2967d8949039f978e57e
-
SHA256
68208b669bd0b9d24e26678a3429aa0b60ae648afbf1532a0e94b6473d6167bd
-
SHA512
aa43ce3145afd3198b8b51bdd3c4b7ccbe9269ef9b1669844e16f78e8ba3e79b88225abdd4921208947ff10e49267469d5e6fb5d1cc20c9527594446d6f60686
-
SSDEEP
196608:AXbauePAt91FNW/74KBA7vK4EkNxKBhX5NoHfwT9ZzsEfPis6257O9+Qx26WQHC5:Xu91vW/F4EKwBhtT0MROUQx26O9VI2
Malware Config
Signatures
-
UPX dump on OEP (original entry point) 1 IoCs
resource yara_rule sample UPX -
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 2024-06-08_e71e577d8f655217ee69d0cf2a006a0b_magniber
Files
-
2024-06-08_e71e577d8f655217ee69d0cf2a006a0b_magniber.exe windows:5 windows x86 arch:x86
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Sections
UPX0 Size: 574KB - Virtual size: 13.3MB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 266KB - Virtual size: 268KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 13.0MB - Virtual size: 13.0MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.imports Size: 6KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 20KB - Virtual size: 24KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE