General
-
Target
2024-11-19_dd9f4944c12fdcd39d200cd374ca8bff_luca-stealer_magniber
-
Size
14.8MB
-
Sample
241119-yy27za1gqd
-
MD5
dd9f4944c12fdcd39d200cd374ca8bff
-
SHA1
f3d5838318f261bf5607e99ecb04ff97ab92536d
-
SHA256
6247c56d501cfc3fab88493ec3ace9412acd2c0f87be310104cb2a92abe9f910
-
SHA512
696f7b41621107725b38432e6ac2d0cde88c7b3a326839c7468921dbe2ef7feef2d552af0dc3dea7a37b785c4764fea76fe534b381d99b187b1514096ef96f37
-
SSDEEP
196608:mp/cHhw2rNAWgd/i7D4/mO4y/i2GhC5HeHxMX0RyXOcCn65U:YcDuWgd/i7C/iHh4WxPpcC+U
Static task
static1
Behavioral task
behavioral1
Sample
2024-11-19_dd9f4944c12fdcd39d200cd374ca8bff_luca-stealer_magniber.exe
Resource
win7-20241023-en
Behavioral task
behavioral2
Sample
2024-11-19_dd9f4944c12fdcd39d200cd374ca8bff_luca-stealer_magniber.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
Score
9/10
-
Renames multiple (300) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Drops file in System32 directory
-