45a46d6d5507e162be6f0d83ab8ccb6e_magniber_JC[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

45a46d6d5507e162be6f0d83ab8ccb6e_magniber_JC.exe
Size

605KB
MD5

45a46d6d5507e162be6f0d83ab8ccb6e
SHA1

c858bb461a63f76b235161c444ef13541fa9e797
SHA256

33bce4f650fbf94f94560a9e4fbf732080d2a6c32e04903a4296ccf1af4cfcf7
SHA512

879e7a62208469fc7a73ce75ff631994affbc5ab724a5aa44ff640898cd32a2523640a7e02c793ef9574874d905fa7bdca92cb299f14b274f28ebb6623d30d2d
SSDEEP

12288:l3hiTHh1+fN/VYCLoK4BuQauZtByjOJeKqgb:lETHhQVDv4BuJuZtHeKZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
45a46d6d5507e162be6f0d83ab8ccb6e_magniber_JC.exe

Files

45a46d6d5507e162be6f0d83ab8ccb6e_magniber_JC.exe
.exe windows x86

ff1e69c27f842a3e1779ddd36fd5623c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LockResource
DeleteFileW
DeviceIoControl
CreateFileW
GetCurrentProcessId
CreateProcessW
CreateMutexW
GetVersionExW
DebugBreak
lstrlenA
GlobalAlloc
GlobalFree
InterlockedCompareExchange
HeapFree
GetProcessHeap
LoadResource
SizeofResource
MultiByteToWideChar
lstrcmpiA
lstrcmpA
SetEnvironmentVariableA
CompareStringW
CompareStringA
FlushFileBuffers
GetTimeZoneInformation
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
GetDateFormatA
GetTimeFormatA
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
FreeLibrary
GlobalLock
GetConsoleMode
GetConsoleCP
WideCharToMultiByte
SetFilePointer
GetTickCount
QueryPerformanceCounter
GetStartupInfoA
GetFileType
SetHandleCount
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
InitializeCriticalSectionAndSpinCount
InterlockedExchange
GlobalUnlock
LoadLibraryW
OutputDebugStringW
GetProcAddress
OpenProcess
TerminateProcess
CreateThread
CloseHandle
lstrcmpiW
LoadLibraryExW
Sleep
InitializeCriticalSection
GetLastError
lstrlenW
GetModuleFileNameW
GetModuleHandleW
InterlockedDecrement
InterlockedIncrement
LeaveCriticalSection
EnterCriticalSection
GetCurrentProcess
FlushInstructionCache
DeleteCriticalSection
RaiseException
HeapAlloc
LoadLibraryA
IsProcessorFeaturePresent
SetConsoleCtrlHandler
GetCurrentThread
HeapSize
GetModuleHandleA
GetModuleFileNameA
GetStdHandle
FatalAppExitA
HeapDestroy
GetLocaleInfoW
FindResourceW
VirtualFree
VirtualAlloc
CreateFileA
SystemTimeToFileTime
GetSystemTimeAsFileTime
LocalFileTimeToFileTime
SetEndOfFile
SetFilePointerEx
WriteFile
ReadFile
GetFileSizeEx
FormatMessageW
GetLocalTime
LocalFree
GetCurrentThreadId
SetLastError
GetLocaleInfoA
HeapCreate
HeapReAlloc
GetStartupInfoW
ExitThread
ExitProcess
RtlUnwind
IsDebuggerPresent
SetUnhandledExceptionFilter
GetSystemTime
UnhandledExceptionFilter
TlsFree
DeleteAtom
FindAtomW
TlsAlloc
ReleaseMutex
AddAtomW
OpenThread
GetAtomNameW
TlsSetValue
WaitForSingleObject
TlsGetValue

user32

wvsprintfW
RegisterClassExW
ReleaseDC
UpdateLayeredWindow
GetDC
LoadImageW
IsDialogMessageW
IsWindow
PostMessageW
DestroyWindow
DefWindowProcW
CallWindowProcW
UnregisterClassA
SetWindowLongW
GetWindowLongW
SetWindowPos
CreateDialogParamW
DispatchMessageW
TranslateMessage
GetMessageW
PeekMessageW
ShowWindow
CharNextW
GetWindowRect
LoadStringW
SetTimer
KillTimer
WindowFromPoint
GetWindowThreadProcessId
GetDesktopWindow
GetForegroundWindow
GetAncestor
EnumDisplaySettingsW
GetMonitorInfoW
MonitorFromPoint
GetWindowInfo
GetWindow
GetShellWindow
MessageBoxW
GetActiveWindow
GetSystemMetrics
PostQuitMessage
SystemParametersInfoW
IsWindowVisible
FindWindowW
ScreenToClient
SendMessageW
GetClassInfoExW

gdi32

DeleteObject
CreateFontW
GetTextMetricsW
EnumFontFamiliesW
CreateCompatibleDC
SelectObject
DeleteDC
CreateDIBSection
GetDeviceCaps

advapi32

RegDeleteKeyW
RegEnumKeyExA
RegQueryValueExA
RegQueryValueExW
RegOpenKeyW
OpenProcessToken
LookupPrivilegeValueW
AdjustTokenPrivileges
RegQueryInfoKeyW
RegSetValueExW
RegEnumKeyExW
RegOpenKeyExW
RegCreateKeyExW
RegCloseKey
RegDeleteValueW
RegOpenKeyExA

shell32

ShellExecuteExW
ShellExecuteW

ole32

CreateStreamOnHGlobal
CoTaskMemRealloc
CoTaskMemAlloc
CoTaskMemFree
CoSetProxyBlanket
CoInitializeSecurity
CoInitializeEx
CoCreateInstance
CoInitialize
CoUninitialize

oleaut32

VariantInit
VariantClear
SysAllocString
SysFreeString
VarUI4FromStr

shlwapi

StrCmpIW
PathFindFileNameW
PathAppendW
PathRemoveFileSpecW
PathFileExistsW
StrToIntExW
SHGetValueA
PathCombineW
SHGetValueW
PathIsRelativeW
SHSetValueW
StrCmpW
wnsprintfW
StrStrIW
SHSetValueA

comctl32

_TrackMouseEvent
InitCommonControlsEx

gdiplus

GdipCreateFont
GdipCreateBitmapFromHBITMAP
GdipDrawImageRect
GdipSetImageAttributesColorMatrix
GdipDisposeImageAttributes
GdipCreateImageAttributes
GdipCloneImage
GdipCreateFromHDC
GdipDeleteGraphics
GdipSetSmoothingMode
GdipSaveImageToFile
GdipGetImageEncodersSize
GdipGetImageEncoders
GdipDrawImageRectRectI
GdipGetImageWidth
GdipCreateSolidFill
GdipDeleteBrush
GdipCloneBrush
GdipAlloc
GdipFree
GdipCreateStringFormat
GdipDeleteStringFormat
GdipSetStringFormatAlign
GdipDrawString
GdipGetImageHeight
GdipCreateFontFamilyFromName
GdipGetGenericFontFamilySansSerif
GdipDeleteFontFamily
GdipDeleteFont
GdipMeasureString
GdiplusStartup
GdiplusShutdown
GdipCreateBitmapFromStream
GdipCreateBitmapFromStreamICM
GdipDisposeImage

psapi

GetModuleFileNameExW

iphlpapi

GetAdaptersInfo

wininet

InternetGetConnectedState

urlmon

URLDownloadToCacheFileW
URLDownloadToFileW

wintrust

WinVerifyTrust
WTHelperProvDataFromStateData

crypt32

CertGetNameStringW

setupapi

CM_Get_DevNode_Status
SetupDiGetDeviceRegistryPropertyW
SetupDiEnumDeviceInfo
SetupDiGetClassDevsW
SetupDiSetClassInstallParamsW
SetupDiCallClassInstaller
SetupDiDestroyDeviceInfoList
SetupDiGetDeviceInstanceIdW

netapi32

Netbios

Sections

.text
Size: 377KB - Virtual size: 377KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 149KB - Virtual size: 149KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ff1e69c27f842a3e1779ddd36fd5623c

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

shlwapi

comctl32

gdiplus

psapi

iphlpapi

wininet

urlmon

wintrust

crypt32

setupapi

netapi32

Sections

.text Size: 377KB - Virtual size: 377KB

.rdata Size: 44KB - Virtual size: 43KB

.data Size: 12KB - Virtual size: 25KB

.rsrc Size: 149KB - Virtual size: 149KB

.reloc Size: 13KB - Virtual size: 13KB

.text
Size: 377KB - Virtual size: 377KB

.rdata
Size: 44KB - Virtual size: 43KB

.data
Size: 12KB - Virtual size: 25KB

.rsrc
Size: 149KB - Virtual size: 149KB

.reloc
Size: 13KB - Virtual size: 13KB