6fb89756316e20fa81e2cfb87fcba064_magniber_JC[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

6fb89756316e20fa81e2cfb87fcba064_magniber_JC.exe
Size

369KB
MD5

6fb89756316e20fa81e2cfb87fcba064
SHA1

9fb22630e9f618cdd677d7030720e4c591a9b926
SHA256

7b5f75e1fd5f4f6dc70b8a69d5a08c55e0e239d50d527cd2d6de751cde7f1596
SHA512

9980d1f458fdc6b2578d357ecc1b77430b57bd3c09203809922a36c0113919d252683614feffe51cc2414a46bad56690ba696e5db115037b60ee5c5b908a965c
SSDEEP

6144:Aqu4TEHPhVMyfDNfFrcb2ArSPavm87olAKTN:AqDTEHPhKidFIfWBhT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6fb89756316e20fa81e2cfb87fcba064_magniber_JC.exe

Files

6fb89756316e20fa81e2cfb87fcba064_magniber_JC.exe
.exe windows x64

c410a0d21e5f572bdb876f852f8f6ef7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

GlobalFindAtomW
CompareStringW
GetStringTypeW
MultiByteToWideChar
WideCharToMultiByte
GetACP
GetCPInfo
IsDebuggerPresent
OutputDebugStringW
SetEndOfFile
ReadConsoleW
FlushFileBuffers
SetStdHandle
SetEnvironmentVariableW
FindResourceA
lstrlenW
lstrlenA
lstrcmpW
FormatMessageW
MulDiv
GlobalLock
GlobalUnlock
GlobalSize
GlobalAlloc
SizeofResource
LockResource
LoadResource
GetProcAddress
GetModuleHandleA
FreeLibrary
GetSystemTime
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetOEMCP
IsValidCodePage
FindNextFileW
FindFirstFileExW
FindClose
LCMapStringW
GetStartupInfoW
CreateProcessA
GetCurrentThreadId
CreateThread
WriteConsoleW
FlsFree
FlsSetValue
FlsGetValue
FlsAlloc
SetFilePointerEx
GetCurrentProcessId
Sleep
CreateEventW
WaitForSingleObject
ResetEvent
SetEvent
DeleteCriticalSection
InitializeCriticalSectionEx
LeaveCriticalSection
EnterCriticalSection
GetProcessHeap
HeapSize
HeapFree
HeapReAlloc
HeapAlloc
HeapDestroy
QueryPerformanceCounter
GetLastError
RaiseException
CloseHandle
WriteFile
ReadFile
GetFileType
CreateFileW
RtlVirtualUnwind
RtlUnwindEx
GetFileSizeEx
GetConsoleMode
InitializeCriticalSectionAndSpinCount
GetModuleHandleW
RtlCaptureContext
RtlLookupFunctionEntry
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
InitializeSListHead
RtlPcToFileHeader
SetLastError
EncodePointer
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
LoadLibraryExW
ExitProcess
GetModuleHandleExW
GetModuleFileNameW
GetStdHandle
GetCommandLineA
GetCommandLineW
GetConsoleOutputCP

user32

LoadStringW
EmptyClipboard

advapi32

InitializeSecurityDescriptor
FreeSid
GetLengthSid
IsValidSid
SetSecurityDescriptorDacl
RegCloseKey
RegCreateKeyA
RegDeleteKeyW
RegEnumKeyExW
RegEnumValueW
RegOpenKeyExW
RegQueryInfoKeyW
RegQueryValueExW
RegSetValueExW
RegGetValueW
CopySid

ole32

CoCreateInstance
CoInitialize
CoCreateGuid
CoUninitialize

shell32

ShellAboutW
SHGetSpecialFolderPathW

oleaut32

BSTR_UserFree

shlwapi

ShellMessageBoxA

comctl32

ImageList_Destroy
ImageList_Add
ImageList_Create

rpcrt4

UuidToStringW
UuidCreate
RpcStringFreeW

winmm

timeGetTime

uxtheme

IsThemeActive
BufferedPaintClear

gdi32

CreatePatternBrush
CreateSolidBrush
GetRgnBox
CreateCompatibleBitmap
CombineRgn
CreateRectRgn
CreateRectRgnIndirect
DeleteDC
EqualRgn
CreateFontIndirectW
GetDeviceCaps
GetStockObject
GetTextExtentPointW
GetTextExtentPoint32W
LineTo
SelectObject
SetBkColor
SetBkMode
SetRectRgn
SetTextColor
GetTextMetricsW
CreateDIBSection
ExtCreatePen
MoveToEx
GetObjectW
CreateCompatibleDC

winspool.drv

UploadPrinterDriverPackageA

Sections

.text
Size: 98KB - Virtual size: 97KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 46KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 348B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 213KB - Virtual size: 212KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c410a0d21e5f572bdb876f852f8f6ef7

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

ole32

shell32

oleaut32

shlwapi

comctl32

rpcrt4

winmm

uxtheme

gdi32

winspool.drv

Sections

.text Size: 98KB - Virtual size: 97KB

.rdata Size: 46KB - Virtual size: 46KB

.data Size: 3KB - Virtual size: 7KB

.pdata Size: 5KB - Virtual size: 5KB

_RDATA Size: 512B - Virtual size: 348B

.rsrc Size: 213KB - Virtual size: 212KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 98KB - Virtual size: 97KB

.rdata
Size: 46KB - Virtual size: 46KB

.data
Size: 3KB - Virtual size: 7KB

.pdata
Size: 5KB - Virtual size: 5KB

_RDATA
Size: 512B - Virtual size: 348B

.rsrc
Size: 213KB - Virtual size: 212KB

.reloc
Size: 2KB - Virtual size: 1KB