Magniber ransomware: exclusively for South Koreans | Malwarebytes Labs
Common Information
Type Value
UUID 4868895f-750f-4f6c-9434-3eeecfa4ba53
Fingerprint bf1070d1af0e869c
Analysis status DONE
Considered CTI value 2
Text language
Published Oct. 18, 2017, midnight
Added to db Sept. 26, 2022, 9:31 a.m.
Last updated Nov. 18, 2024, 2:36 a.m.
Headline Magniber ransomware: exclusively for South Koreans
Title Magniber ransomware: exclusively for South Koreans | Malwarebytes Labs
Detected Hints/Tags/Attributes 71/2/29
Attributes