5e855a7990c9dc50c3eee9acbfa5901c_magniber_JC[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

5e855a7990c9dc50c3eee9acbfa5901c_magniber_JC.exe
Size

14.5MB
MD5

5e855a7990c9dc50c3eee9acbfa5901c
SHA1

c8150a36c50daaa11390751c07dd66a126f7a2be
SHA256

9d690668b8fe9ca9565b47e924da09b523685123c7cf1c2cdc7c0b536bef3b7d
SHA512

0437ae48f5682b7daedae3485c746b0535830b7e145d387f4ccc70f526ccb0d895334e42c8b3dbfc7fc3fbc81e8da31940ce7e22850449fd3a6e666f93228a49
SSDEEP

196608:Owv/Bj0I3fm9vkoEtzqPQy0GvJ4Z08RBCxXB7q3oWFCByCNXBftQ:Owv/wnEtiQy0Z08RBCxXJq3okTUXttQ

Score

1^/10

Malware Config

Signatures

Files

5e855a7990c9dc50c3eee9acbfa5901c_magniber_JC.exe
.exe windows x86

052c9e71a68d757b5984aab38228dd95

Code Sign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01-08-2022 00:00

Not After

09-11-2031 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23-03-2022 00:00

Not After

22-03-2037 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29-04-2021 00:00

Not After

28-04-2036 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

21-09-2022 00:00

Not After

21-11-2033 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0f:48:1f:bd:b6:f0:b2:28:18:7d:78:45:65:bb:16:4b
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

08-07-2022 00:00

Not After

02-08-2023 23:59

Subject

CN=iDOC K.K.,OU=idoc kabusikigaisha,O=iDOC K.K.,L=Chiyoda-ku,ST=Tokyo,C=JP

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

f2:0e:2b:36:38:e3:9b:e9:99:1f:b5:33:a1:b4:5a:a7:a8:e4:b0:7e
Signer

Actual PE Digest

f2:0e:2b:36:38:e3:9b:e9:99:1f:b5:33:a1:b4:5a:a7:a8:e4:b0:7e

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ImageList_DragShowNolock
ImageList_DragEnter
ImageList_DragMove
ImageList_BeginDrag
InitCommonControlsEx
ImageList_EndDrag
ImageList_GetIconSize
CreatePropertySheetPageW
ImageList_Destroy
ord413
ImageList_Draw
ImageList_AddMasked
ord17
ImageList_Create
ImageList_Add
ImageList_Replace
ord412
ord410

kernel32

VirtualQuery
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
LoadLibraryExA
FormatMessageA
WritePrivateProfileStringW
FileTimeToSystemTime
Thread32First
Thread32Next
InitializeCriticalSectionAndSpinCount
CreateDirectoryW
GetFileTime
ReadFile
SetEndOfFile
SetFilePointer
SetFileTime
GetUserDefaultLCID
SetLastError
CreateMutexW
Sleep
CloseHandle
SystemTimeToFileTime
GetSystemTimeAsFileTime
GetLogicalDrives
SizeofResource
HeapFree
InitializeCriticalSectionEx
WaitForSingleObject
HeapSize
MultiByteToWideChar
GetLastError
LockResource
QueryPerformanceFrequency
HeapReAlloc
RaiseException
FindResourceExW
LoadResource
FindResourceW
HeapAlloc
DecodePointer
HeapDestroy
DeleteCriticalSection
GetProcessHeap
CreateProcessW
QueryPerformanceCounter
MulDiv
WriteConsoleW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetOEMCP
IsValidCodePage
FindFirstFileExW
GetTimeZoneInformation
SetStdHandle
EnumSystemLocalesW
IsValidLocale
GetTimeFormatW
GetDateFormatW
GetConsoleOutputCP
ReadConsoleW
SetFilePointerEx
SetEnvironmentVariableW
FreeLibraryAndExitThread
GetCommandLineA
GetModuleHandleExW
VirtualProtect
VirtualAlloc
PeekNamedPipe
LoadLibraryExW
TlsFree
RtlUnwind
InterlockedPushEntrySList
LCMapStringW
LCMapStringEx
EncodePointer
GetStringTypeW
GetStartupInfoW
InitializeSListHead
IsProcessorFeaturePresent
UnhandledExceptionFilter
WaitForSingleObjectEx
GetConsoleMode
CreateSemaphoreW
GetProcessAffinityMask
ReleaseSemaphore
MoveFileW
FlushFileBuffers
GetFileType
CreateHardLinkW
RemoveDirectoryW
DeviceIoControl
SetThreadPriority
SetConsoleCtrlHandler
FoldStringW
SystemTimeToTzSpecificLocalTime
TzSpecificLocalTimeToSystemTime
IsDBCSLeadByte
GetCPInfo
CompareStringW
AreFileApisANSI
FileTimeToDosDateTime
OutputDebugStringW
GetSystemDirectoryW
OpenThread
GetThreadContext
ResumeThread
SuspendThread
AllocConsole
VerifyVersionInfoW
FreeLibrary
VerSetConditionMask
SetCurrentDirectoryW
GetCurrentDirectoryW
GetStdHandle
SetConsoleScreenBufferSize
GetConsoleScreenBufferInfo
ReadDirectoryChangesW
QueueUserAPC
ExitThread
WaitForMultipleObjectsEx
CancelIo
GetDriveTypeW
GetFileAttributesExW
GetFileInformationByHandle
GetModuleFileNameW
GetPrivateProfileIntW
GetShortPathNameW
GetLongPathNameW
GetFileSizeEx
GetLocaleInfoW
GetWindowsDirectoryW
lstrcpynW
GetFullPathNameA
OutputDebugStringA
TlsGetValue
TlsAlloc
TlsSetValue
GetEnvironmentVariableW
GetACP
GetModuleHandleW
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
HeapCreate
GetCurrentProcess
TerminateProcess
GetEnvironmentVariableA
GetCurrentThreadId
GetExitCodeProcess
CreateEventA
ResetEvent
LocalFileTimeToFileTime
GetTempFileNameW
FileTimeToLocalFileTime
CompareFileTime
WideCharToMultiByte
lstrcmpW
DeleteFileW
GetTempPathW
GetUserDefaultUILanguage
IsDebuggerPresent
K32EnumProcessModules
K32EnumProcesses
LoadLibraryW
K32GetModuleBaseNameW
SetErrorMode
GetFullPathNameW
MoveFileExW
LocalFree
FormatMessageW
SetFileAttributesW
GetFileAttributesW
SetThreadExecutionState
GlobalAddAtomW
GlobalDeleteAtom
GetTickCount
GlobalUnlock
GlobalLock
GlobalFree
GlobalAlloc
MapViewOfFile
CreateFileMappingW
UnmapViewOfFile
GetCurrentThread
GetVersionExW
GetLocaleInfoA
CreateToolhelp32Snapshot
CreateEventW
SetEvent
GetSystemInfo
CreateThread
GetSystemTime
CopyFileW
ExitProcess
FindClose
FindNextFileW
GetCommandLineW
FindFirstFileW
Process32FirstW
Process32NextW
OpenProcess
CreateFileW
WriteFile
SetUnhandledExceptionFilter
Module32NextW
GlobalMemoryStatusEx
GetCurrentProcessId
Module32FirstW
ReleaseMutex

user32

GetSystemMetrics
SendMessageW
SystemParametersInfoW
CreateAcceleratorTableW
GetSysColor
LoadAcceleratorsW
CharLowerW
HideCaret
SetClassLongW
ShowCaret
GetKeyState
LockWindowUpdate
LoadImageW
GetCursorPos
IsCharAlphaNumericW
ValidateRect
GetUpdateRect
GetWindowThreadProcessId
GetMessageW
AllowSetForegroundWindow
FindWindowExW
SetWindowDisplayAffinity
GetTopWindow
LoadBitmapW
TranslateAcceleratorW
SetParent
SetActiveWindow
MapVirtualKeyW
ScreenToClient
IsWindow
CharLowerBuffW
GetAncestor
IsCharUpperW
GetWindow
CheckRadioButton
EndDialog
SetDlgItemTextW
SendDlgItemMessageW
DialogBoxIndirectParamW
MoveWindow
IsDlgButtonChecked
CheckDlgButton
DialogBoxParamW
MessageBoxIndirectW
GetFocus
OpenClipboard
CloseClipboard
EmptyClipboard
GetWindowTextLengthW
ReuseDDElParam
ShowWindowAsync
IsWindowUnicode
UnpackDDElParam
LoadCursorW
DrawTextW
ModifyMenuW
CheckMenuRadioItem
GetMenu
SetMenuItemInfoW
SetMenu
DrawTextExW
InsertMenuW
AppendMenuA
MsgWaitForMultipleObjects
DispatchMessageW
IsDialogMessageW
PeekMessageW
MessageBoxA
TranslateMessage
GetDlgItem
PostQuitMessage
EnableWindow
MessageBeep
GetDesktopWindow
UpdateWindow
MessageBoxW
wsprintfW
CreateMenu
BringWindowToTop
LoadIconW
wsprintfA
DestroyWindow
GetWindowLongW
GetMenuItemInfoW
GetSystemMenu
CallWindowProcW
GetWindowRect
IsWindowVisible
SetWindowPos
GetMenuItemCount
CreateWindowExW
CreatePopupMenu
RegisterClassExW
TrackPopupMenu
ShowWindow
InvalidateRgn
OffsetRect
RedrawWindow
MapWindowPoints
SetMenuDefaultItem
GetForegroundWindow
DestroyMenu
FindWindowW
GetWindowDC
SetWindowLongW
TrackPopupMenuEx
RemoveMenu
GetClientRect
IsZoomed
AppendMenuW
GetClassLongW
DrawIconEx
EnableMenuItem
DrawEdge
GetParent
DrawFrameControl
InvalidateRect
CopyImage
DdeFreeStringHandle
DdeDisconnect
CheckMenuItem
SetClipboardData
EndDeferWindowPos
DdeFreeDataHandle
DdeClientTransaction
DdeUninitialize
DdeInitializeW
TrackMouseEvent
ClientToScreen
GetMonitorInfoW
GetWindowInfo
DdeConnect
DdeCreateStringHandleW
BeginDeferWindowPos
DestroyCursor
EnumDisplayMonitors
MonitorFromWindow
MonitorFromRect
AdjustWindowRectEx
DeferWindowPos
SetLayeredWindowAttributes
IsWindowEnabled
WindowFromDC
GetMessagePos
SetPropW
RemovePropW
GetPropW
PtInRect
OemToCharA
CharToOemA
OemToCharBuffA
CharUpperW
CharToOemBuffW
DrawTextA
SetScrollInfo
DefWindowProcW
ShowScrollBar
GetDC
FillRect
GetCursor
GetScrollInfo
PostMessageW
GetScrollPos
GetCapture
SetTimer
SetFocus
SetCapture
SetCursor
KillTimer
ReleaseCapture
SetForegroundWindow
IsIconic
ReleaseDC
BeginPaint
EndPaint

gdi32

SetGraphicsMode
SetDIBColorTable
GetTextMetricsW
SetDIBits
CreateFontIndirectA
GetTextMetricsA
GetClipRgn
SetROP2
SetDIBitsToDevice
ExtTextOutW
CreatePatternBrush
CreateBitmap
GetObjectA
IntersectClipRect
SetWorldTransform
CreateDIBSection
CreateRoundRectRgn
TextOutW
GetTextExtentPoint32W
SelectClipRgn
RoundRect
BitBlt
StartPage
AbortDoc
EndDoc
CreateDCW
SetMapMode
StartDocW
EndPage
GetDeviceCaps
LineTo
MoveToEx
SetBkColor
SetBkMode
CreateFontIndirectW
CreateCompatibleBitmap
GetDIBColorTable
GetDIBits
GetObjectW
SetStretchBltMode
GetCurrentObject
GetClipBox
CreateRectRgn
SetViewportOrgEx
ExcludeClipRect
ExtSelectClipRgn
SetBrushOrgEx
SelectObject
CreateCompatibleDC
PatBlt
StretchBlt
GetStockObject
DeleteDC
SetTextColor
CreatePen
Rectangle
DeleteObject
CreateSolidBrush

winspool.drv

GetPrinterW
DocumentPropertiesW
ClosePrinter
DeviceCapabilitiesW
EnumPrintersW
OpenPrinterW
ord203

comdlg32

GetSaveFileNameW
GetOpenFileNameW
CommDlgExtendedError
PrintDlgExW

advapi32

RegEnumKeyW
CryptCreateHash
CryptHashData
CryptDestroyHash
OpenProcessToken
AdjustTokenPrivileges
RegOpenKeyA
SetFileSecurityW
LookupPrivilegeValueW
CryptAcquireContextW
CryptGetHashParam
SetSecurityDescriptorDacl
AllocateAndInitializeSid
RegCreateKeyExW
RegSetKeySecurity
FreeSid
CheckTokenMembership
InitializeSecurityDescriptor
RegQueryValueExW
CryptReleaseContext
RegOpenKeyExW
RegQueryInfoKeyW
RegCloseKey

shell32

SHChangeNotify
DragAcceptFiles
SHAddToRecentDocs
DragQueryPoint
SHGetPathFromIDListW
SHGetFileInfoW
SHBindToParent
SHGetFolderPathW
SHFileOperationW
SHBrowseForFolderW
SHGetMalloc
DragFinish
DragQueryFileW
SHGetDesktopFolder
ShellExecuteExW

ole32

CoTaskMemAlloc
CoInitialize
CoUninitialize
OleUninitialize
ReleaseStgMedium
CoGetMalloc
CreateStreamOnHGlobal
OleInitialize
CoTaskMemFree
CoCreateInstance

oleaut32

SysFreeString
VariantClear
VariantInit
SafeArrayPutElement
SafeArrayCreateVector
SysAllocString

xmllite

CreateXmlReader

Exports

Exports

?get_lock@singleton_module@serialization@boost@@AAEAA_NXZ
?is_locked@singleton_module@serialization@boost@@QAE_NXZ
?lock@?1??get_lock@singleton_module@serialization@boost@@AAEAA_NXZ@4_NA
?lock@singleton_module@serialization@boost@@QAEXXZ
?unlock@singleton_module@serialization@boost@@QAEXXZ

Sections

.text
Size: 4.5MB - Virtual size: 4.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data:
Size: 5.4MB - Virtual size: 5.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2.5MB - Virtual size: 2.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1.7MB - Virtual size: 2.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 136KB - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 217KB - Virtual size: 217KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

052c9e71a68d757b5984aab38228dd95

Code Sign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5aCertificate

Key Usages

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate

Extended Key Usages

Key Usages

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9Certificate

Extended Key Usages

Key Usages

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5aCertificate

Extended Key Usages

Key Usages

0f:48:1f:bd:b6:f0:b2:28:18:7d:78:45:65:bb:16:4bCertificate

Extended Key Usages

Key Usages

f2:0e:2b:36:38:e3:9b:e9:99:1f:b5:33:a1:b4:5a:a7:a8:e4:b0:7eSigner

Headers

DLL Characteristics

File Characteristics

Imports

comctl32

kernel32

user32

gdi32

winspool.drv

comdlg32

advapi32

shell32

ole32

oleaut32

xmllite

Exports

Exports

Sections

.text Size: 4.5MB - Virtual size: 4.5MB

.data: Size: 5.4MB - Virtual size: 5.4MB

.rdata Size: 2.5MB - Virtual size: 2.5MB

.data Size: 1.7MB - Virtual size: 2.6MB

.rsrc Size: 136KB - Virtual size: 136KB

.reloc Size: 217KB - Virtual size: 217KB

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

0f:48:1f:bd:b6:f0:b2:28:18:7d:78:45:65:bb:16:4b
Certificate

f2:0e:2b:36:38:e3:9b:e9:99:1f:b5:33:a1:b4:5a:a7:a8:e4:b0:7e
Signer

.text
Size: 4.5MB - Virtual size: 4.5MB

.data:
Size: 5.4MB - Virtual size: 5.4MB

.rdata
Size: 2.5MB - Virtual size: 2.5MB

.data
Size: 1.7MB - Virtual size: 2.6MB

.rsrc
Size: 136KB - Virtual size: 136KB

.reloc
Size: 217KB - Virtual size: 217KB