TMethodImplementationIntercept
__dbk_fcall_wrapper
dbkFCallWrapperAddr
Behavioral task
behavioral1
Sample
2023-08-22_4db16711d7469ac9c14fab0c881c16a0_magniber_pos_JC.exe
Resource
win7-20230831-en
Behavioral task
behavioral2
Sample
2023-08-22_4db16711d7469ac9c14fab0c881c16a0_magniber_pos_JC.exe
Resource
win10v2004-20230831-en
Target
2023-08-22_4db16711d7469ac9c14fab0c881c16a0_magniber_pos_JC.exe
Size
26.6MB
MD5
4db16711d7469ac9c14fab0c881c16a0
SHA1
b15bd63faa5a25f4ac67f696c5e083106eddf1ad
SHA256
28c5d44d892fe9c7b2fe15e53955c623fda000ded96167495d86fe536de60a91
SHA512
1b04507ea1558f4030fb3a25109cc12ca215bff9f52ef6285e027252eaf5726f10533eff92daf9002dc3e04d31c5ceca73b4572864eaabf904bdf951f839b113
SSDEEP
393216:MzTbO5z8W8U2foOnK70EBKcWYlGgpt6DNcwy:MuttHGxv+krDNQ
resource | yara_rule |
---|---|
sample | upx |
Checks for missing Authenticode signature.
resource |
---|
2023-08-22_4db16711d7469ac9c14fab0c881c16a0_magniber_pos_JC.exe |
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI
TMethodImplementationIntercept
__dbk_fcall_wrapper
dbkFCallWrapperAddr
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE