General
-
Target
2024-06-13_62613aa47bd56fbe429f67042d308324_magniber
-
Size
293KB
-
Sample
240613-gk1njszgpk
-
MD5
62613aa47bd56fbe429f67042d308324
-
SHA1
6b65041823c6d7194eb09bfab63a60d4ba47576a
-
SHA256
500309beebda5ac4ead2222ac5bf7b6cae5203f07d283e204d5cbbad612d6fad
-
SHA512
a23bcb4b1ed86a99d441cb9eb7f5c164dbf92ae243455874be0a48cf26edb48357e0bd4efc20c6befea6b4a0dd9c426172c019e1d1d72cb0d73b1d3761609c7e
-
SSDEEP
3072:2qviezBmYQZhG93v9F5pxH53E4+VTs7JDuLDHXGUp1I+FF/NQvMQu+j8K/RTP9an:ziez5QZ4lnh7TDu3X+EGRr9K1TOsDR
Static task
static1
Behavioral task
behavioral1
Sample
2024-06-13_62613aa47bd56fbe429f67042d308324_magniber.exe
Resource
win7-20240611-en
Behavioral task
behavioral2
Sample
2024-06-13_62613aa47bd56fbe429f67042d308324_magniber.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
-
-
Target
2024-06-13_62613aa47bd56fbe429f67042d308324_magniber
-
Score
10/10
-
Modifies security service
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Drops file in System32 directory
-
Suspicious use of SetThreadContext
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution (1)
Registry Run Keys / Startup Folder (1)
Create or Modify System Process (1)
Windows Service (1)