General
-
Target
2024-10-25_42bdad9fe64715cc4064eedb705538c8_magniber_nymaim
-
Size
3.1MB
-
Sample
241025-lxrcvsxglf
-
MD5
42bdad9fe64715cc4064eedb705538c8
-
SHA1
1c7a027e5706accffa51539fbbf6ad8a9788c942
-
SHA256
3f7b68cff98668eb1392ef4c9c156f5f0db1e3df34ec9cc11136057700476067
-
SHA512
7dc5b6361b4dc1ba5329467aa838917ddce898ca5f3c796bc1810a608e8e3498ab32b879973de96a78ba8620d45a0e25412fb041b30f44670048a0cc8349d927
-
SSDEEP
49152:FMDRZ9IBVL+s0ezJGd80SHMsThF35Hj1BzuAhcEC1XoC:FMDtIXLr06AdfEThF35PzuacEQ3
Static task
static1
Behavioral task
behavioral1
Sample
2024-10-25_42bdad9fe64715cc4064eedb705538c8_magniber_nymaim.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
2024-10-25_42bdad9fe64715cc4064eedb705538c8_magniber_nymaim.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
2024-10-25_42bdad9fe64715cc4064eedb705538c8_magniber_nymaim
-
XMRig Miner payload
-
Blocklisted process makes network request
-
Downloads MZ/PE file
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-
Obfuscated Files or Information: Command Obfuscation
Adversaries may obfuscate content during command execution to impede detection.
-