Static task: static1
Behavioral task: behavioral1
Sample: 2023-08-26_321bac79119a1a89a15750a410e78033_magniber_revil_JC.exe
Resource: win7-20230831-en
Behavioral task: behavioral2
Sample: 2023-08-26_321bac79119a1a89a15750a410e78033_magniber_revil_JC.exe
Resource: win10v2004-20230915-en
General
Target: 2023-08-26_321bac79119a1a89a15750a410e78033_magniber_revil_JC.exe
Size: 17.6MB
MD5: 321bac79119a1a89a15750a410e78033
SHA1: 75f3a177a7b4497254058c20fe54ade15b6382e2
SHA256: c28167193ae24434b08a24ea3efa3ecc124e2d348704c65f800f7f6380ce7231
SHA512: b6821baa6a79e868273a7d17f3e7b83783d837a8d422ab517573b2921ba399e098419966b60a8ea0e0e8ae806d2282507215638d2157147fba4d043c9a457936
SSDEEP: 393216:6yoTZGReOVPYAmx9CwO9dkQvVLktQmfsII7hZ64xyWTQZR/cW7wF:b6aPYF8hki531
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
resource: 2023-08-26_321bac79119a1a89a15750a410e78033_magniber_revil_JC.exe
Files
-
2023-08-26_321bac79119a1a89a15750a410e78033_magniber_revil_JC.exe.exe windows x86
03f49bc55f13407ab337203414e2ef42
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
dbghelp
MakeSureDirectoryPathExists
kernel32
GlobalMemoryStatus
FlushConsoleInputBuffer
GetStringTypeW
GetSystemTimeAsFileTime
LCMapStringW
GetCPInfo
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
ResetEvent
WaitForSingleObjectEx
InitializeSListHead
IsDebuggerPresent
SearchPathW
GetProfileIntW
GetTempFileNameW
VerifyVersionInfoW
VerSetConditionMask
GetCurrentDirectoryW
VirtualProtect
GlobalFlags
GetUserDefaultUILanguage
GetLocaleInfoW
CompareStringW
CreateProcessA
LocalReAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
GlobalGetAtomNameW
SystemTimeToFileTime
SetFileTime
GetFileSizeEx
GetFileAttributesExW
SetErrorMode
WaitForMultipleObjects
LocalAlloc
FileTimeToLocalFileTime
lstrcmpiW
DuplicateHandle
UnlockFile
SetFilePointer
SetEndOfFile
LockFile
GetFullPathNameW
FlushFileBuffers
GlobalFindAtomW
GlobalAddAtomW
lstrcmpW
GlobalDeleteAtom
LoadLibraryExW
FreeResource
EncodePointer
GetCurrentThreadId
MulDiv
LocalFree
GlobalFree
GlobalSize
SetLastError
ResumeThread
SuspendThread
ReleaseMutex
SetThreadPriority
GetTempFileNameA
GetDiskFreeSpaceExA
GetCurrentProcessId
GetSystemDefaultLCID
CreateDirectoryA
GetFileType
GetCommandLineW
GlobalUnlock
GlobalLock
GlobalAlloc
SetThreadExecutionState
GetSystemInfo
CreateMutexW
GetLogicalDriveStringsA
SetVolumeLabelW
lstrcmpA
GetDriveTypeA
Process32FirstW
Process32NextW
CreateToolhelp32Snapshot
OpenProcess
TerminateProcess
TerminateThread
CopyFileW
GetSystemDirectoryA
ExpandEnvironmentStringsW
WritePrivateProfileStringW
GetWindowsDirectoryW
GetLogicalDrives
CreateSemaphoreW
OutputDebugStringW
CreateEventW
ReleaseSemaphore
FormatMessageW
GetACP
CreateEventA
SetEvent
GetTickCount
CreateProcessW
GlobalMemoryStatusEx
GetStartupInfoW
SetFilePointerEx
WriteFile
CopyFileExW
InterlockedIncrement
lstrcpyW
GetModuleHandleW
WTSGetActiveConsoleSessionId
FindResourceW
LoadResource
FindResourceExW
CreateThread
GetNativeSystemInfo
LockResource
LoadLibraryA
SetCurrentDirectoryA
GetCurrentDirectoryA
GetSystemPowerStatus
InterlockedDecrement
SizeofResource
GetFileTime
SystemTimeToTzSpecificLocalTime
FreeLibrary
MoveFileExW
GetProcAddress
LoadLibraryW
DeleteFileW
FileTimeToSystemTime
GetFileAttributesA
CopyFileA
SetFileAttributesW
GetModuleHandleA
GetVersionExW
GetFileAttributesW
FindClose
GetTempPathW
FindNextFileA
GetModuleFileNameW
RemoveDirectoryW
GetCurrentProcess
FindNextFileW
FindFirstFileA
GetStdHandle
GetUserDefaultLCID
MoveFileExA
SleepEx
PeekNamedPipe
GetEnvironmentVariableA
RtlUnwind
GetModuleHandleExW
FindFirstFileExW
ExitThread
FreeLibraryAndExitThread
SetStdHandle
GetCommandLineA
HeapQueryInformation
VirtualAlloc
VirtualQuery
SetConsoleCtrlHandler
GetConsoleMode
ReadConsoleInputA
SetConsoleMode
GetDateFormatW
GetTimeFormatW
IsValidLocale
EnumSystemLocalesW
GetTimeZoneInformation
GetConsoleCP
ReadConsoleW
IsValidCodePage
GetOEMCP
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableA
WriteConsoleW
GetStartupInfoA
WaitForSingleObject
CreatePipe
OutputDebugStringA
GetProcessHeap
HeapDestroy
DecodePointer
HeapAlloc
RaiseException
ExitProcess
DosDateTimeToFileTime
GetLocalTime
OpenEventA
FormatMessageA
HeapReAlloc
GetLastError
HeapSize
InitializeCriticalSectionAndSpinCount
HeapFree
GetDriveTypeW
QueryPerformanceCounter
WideCharToMultiByte
DeleteCriticalSection
GetFileSize
CloseHandle
DeleteFileA
QueryPerformanceFrequency
GetDiskFreeSpaceExW
CreateFileA
Sleep
MultiByteToWideChar
GetLogicalDriveStringsW
GetSystemDirectoryW
CreateFileW
InitializeCriticalSection
LeaveCriticalSection
DeviceIoControl
lstrlenW
EnterCriticalSection
GetVolumeInformationW
ReadFile
CreateDirectoryW
FindFirstFileW
GetModuleFileNameA
user32
LoadImageW
TrackMouseEvent
DestroyIcon
MapDialogRect
ShowOwnedPopups
SetCursor
DeleteMenu
CreatePopupMenu
GetMenuDefaultItem
GetNextDlgGroupItem
SetCapture
ReleaseCapture
WindowFromPoint
DrawFocusRect
IsRectEmpty
DrawIconEx
MessageBeep
EnableScrollBar
HideCaret
InvertRect
NotifyWinEvent
MapVirtualKeyW
GetKeyNameTextW
LoadMenuW
TranslateAcceleratorW
InsertMenuItemW
TranslateMessage
GetIconInfo
ExitWindowsEx
MessageBoxW
wsprintfW
UnpackDDElParam
ReuseDDElParam
GetComboBoxInfo
PostThreadMessageW
WaitMessage
GetKeyboardLayout
IsCharLowerW
MapVirtualKeyExW
ToUnicodeEx
GetKeyboardState
CreateAcceleratorTableW
DestroyAcceleratorTable
CopyAcceleratorTableW
SetRect
LockWindowUpdate
SetMenuDefaultItem
GetDoubleClickTime
ModifyMenuW
RegisterClipboardFormatW
CharUpperBuffW
IsClipboardFormatAvailable
GetUpdateRect
DrawMenuBar
DefFrameProcW
DefMDIChildProcW
TranslateMDISysAccel
SubtractRect
CreateMenu
LoadAcceleratorsW
SetLayeredWindowAttributes
EnumDisplayMonitors
SetClassLongW
SetWindowRgn
SetParent
DrawStateW
DrawEdge
DrawFrameControl
IsZoomed
GetSystemMenu
BringWindowToTop
SetCursorPos
wvsprintfW
CharNextW
GetCaretBlinkTime
GetCaretPos
CharPrevW
CreateCaret
ShowCaret
SetCaretPos
InvalidateRgn
GetGUIThreadInfo
CopyIcon
FrameRect
DrawIcon
UnionRect
GetWindowRgn
PeekMessageW
DispatchMessageW
GetMessageW
LoadCursorW
SetPropW
RegisterClassExW
SendMessageW
CreateWindowExW
GetAsyncKeyState
RealChildWindowFromPoint
GetPropW
DestroyWindow
OffsetRect
SetRectEmpty
SendDlgItemMessageA
CopyImage
SystemParametersInfoW
InflateRect
DestroyCursor
GetProcessWindowStation
PostMessageW
DefWindowProcW
GetWindowTextW
EnumWindows
SetWindowTextW
GetWindowThreadProcessId
EnableWindow
UpdateWindow
ShowWindow
GetClientRect
GetDC
SetForegroundWindow
MessageBoxA
FindWindowW
SetWindowPos
SetClipboardData
EmptyClipboard
CloseClipboard
OpenClipboard
ScreenToClient
MoveWindow
ClientToScreen
InvalidateRect
PostQuitMessage
KillTimer
SetTimer
GetParent
SetWindowLongW
IntersectRect
MapWindowPoints
GetMonitorInfoW
IsWindow
MonitorFromWindow
GetWindowRect
GetWindowLongW
GetMenuStringW
GetMenuState
GetSubMenu
GetMenuItemID
GetMenuItemCount
InsertMenuW
AppendMenuW
RemoveMenu
IsWindowVisible
GetActiveWindow
GetKeyState
ValidateRect
GetCursorPos
SetWindowsHookExW
CallNextHookEx
RegisterWindowMessageW
GetMessagePos
GetMessageTime
CallWindowProcW
RegisterClassW
GetClassInfoW
GetClassInfoExW
IsMenu
IsChild
GetWindowPlacement
SetWindowPlacement
GetUserObjectInformationW
BeginDeferWindowPos
DeferWindowPos
EndDeferWindowPos
IsIconic
GetDlgItem
GetDlgCtrlID
UpdateLayeredWindow
MonitorFromPoint
GetMenuItemInfoW
DestroyMenu
FillRect
GetWindowDC
TabbedTextOutW
GrayStringW
DrawTextExW
DrawTextW
GetSysColorBrush
ReleaseDC
GetSystemMetrics
CharUpperW
LoadBitmapW
SetMenuItemInfoW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
GetDesktopWindow
GetNextDlgTabItem
EndDialog
CreateDialogIndirectParamW
IsDialogMessageW
IsWindowEnabled
CheckDlgButton
WinHelpW
GetScrollInfo
SetScrollInfo
LoadIconW
UnhookWindowsHookEx
GetWindow
GetLastActivePopup
GetTopWindow
GetClassNameW
GetClassLongW
PtInRect
EqualRect
CopyRect
GetSysColor
AdjustWindowRectEx
GetWindowTextLengthW
RemovePropW
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
RedrawWindow
EndPaint
BeginPaint
GetForegroundWindow
SetActiveWindow
TrackPopupMenu
SetMenu
GetMenu
GetCapture
GetFocus
SetFocus
advapi32
RegDeleteValueW
RegOpenKeyExA
OpenProcessToken
RegSetValueExA
RegQueryValueExA
RegDeleteKeyA
RegCloseKey
AdjustTokenPrivileges
LookupPrivilegeValueW
RegCreateKeyA
RegQueryValueExW
RegOpenKeyExW
RegSetValueExW
RegCreateKeyExW
RegDeleteKeyW
RegEnumKeyExW
DeregisterEventSource
RegisterEventSourceA
ReportEventA
CryptDestroyHash
CryptHashData
CryptCreateHash
CryptGetHashParam
CryptEncrypt
CryptImportKey
CryptDestroyKey
CryptReleaseContext
CryptAcquireContextW
ConvertStringSecurityDescriptorToSecurityDescriptorW
ole32
CLSIDFromProgID
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
OleLockRunning
RevokeDragDrop
RegisterDragDrop
CoLockObjectExternal
OleGetClipboard
DoDragDrop
CreateStreamOnHGlobal
CoDisconnectObject
CLSIDFromString
CoInitializeEx
ReleaseStgMedium
OleDuplicateData
CoTaskMemFree
CoTaskMemAlloc
CoCreateInstance
CoUninitialize
CoInitialize
shell32
SHGetSpecialFolderPathA
ShellExecuteW
SHGetMalloc
SHFileOperationW
SHGetFolderPathA
SHGetSpecialFolderLocation
ShellExecuteExW
SHGetPathFromIDListW
ShellExecuteA
SHBrowseForFolderW
SHGetFileInfoW
SHGetDesktopFolder
DragQueryFileW
DragFinish
SHAppBarMessage
SHCreateDirectoryExA
SHGetSpecialFolderPathW
oleaut32
LoadTypeLi
VarBstrFromDate
VariantCopy
VariantClear
VariantTimeToSystemTime
SystemTimeToVariantTime
VariantChangeType
SysStringLen
SysAllocStringLen
VariantInit
SysFreeString
SysAllocStringByteLen
SysAllocString
shlwapi
PathFindFileNameW
StrCmpW
PathRemoveFileSpecW
PathRemoveFileSpecA
PathRemoveArgsA
PathRemoveExtensionW
PathFileExistsA
PathFileExistsW
PathFindExtensionW
PathFindExtensionA
PathRemoveExtensionA
PathIsFileSpecW
StrCpyW
PathFindFileNameA
PathStripPathW
PathIsUNCW
PathStripToRootW
StrFormatKBSizeW
PathAppendA
PathUnquoteSpacesA
wtsapi32
WTSQueryUserToken
gdiplus
GdipSetInterpolationMode
GdipDrawImageI
GdipCreateBitmapFromStream
GdipGetImagePaletteSize
GdipGetImagePalette
GdiplusShutdown
GdipDeleteFontFamily
GdipDeleteBrush
GdipDrawImageRectI
GdipDrawString
GdipCreateFromHDC
GdipSetTextRenderingHint
GdipCloneBrush
GdipGetImageGraphicsContext
GdipDeleteGraphics
GdipDeleteFont
GdiplusStartup
GdipGetImageHeight
GdipCloneImage
GdipBitmapUnlockBits
GdipAlloc
GdipCreateBitmapFromHBITMAP
GdipDisposeImage
GdipGetImagePixelFormat
GdipFree
GdipBitmapLockBits
GdipGetImageWidth
GdipCreateBitmapFromScan0
GdipGetPropertyItem
GdipCreateLineBrushI
GdipSetCompositingQuality
GdipSetSmoothingMode
GdipSetPixelOffsetMode
GdipGraphicsClear
GdipDrawImage
GdipCreateFontFromLogfontA
GdipGetFamily
GdipCreateStringFormat
GdipDeleteStringFormat
GdipSetStringFormatAlign
GdipSetStringFormatLineAlign
GdipLoadImageFromStream
GdipLoadImageFromStreamICM
GdipImageGetFrameDimensionsCount
GdipImageGetFrameDimensionsList
GdipImageGetFrameCount
GdipImageSelectActiveFrame
GdipGetPropertyItemSize
GdipCreateFontFromDC
netapi32
Netbios
version
VerQueryValueW
GetFileVersionInfoSizeW
GetFileVersionInfoW
gdi32
BitBlt
CopyMetaFileW
CreateDCW
GetDeviceCaps
SetBkColor
SetTextColor
CreateBitmap
CreateHatchBrush
CreatePen
CreatePatternBrush
CreateRectRgn
CreateSolidBrush
Escape
ExcludeClipRect
GetClipBox
GetObjectType
GetPixel
GetStockObject
GetViewportExtEx
GetWindowExtEx
IntersectClipRect
LineTo
PtVisible
RectVisible
RestoreDC
SaveDC
SelectClipRgn
ExtSelectClipRgn
SelectPalette
SetBkMode
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetStretchBltMode
SetTextAlign
MoveToEx
TextOutW
ExtTextOutW
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
GetObjectW
SelectObject
CreateFontIndirectW
GetTextExtentPoint32W
GetTextMetricsW
CombineRgn
CreateRectRgnIndirect
PatBlt
SetRectRgn
DPtoLP
EnumFontFamiliesExW
CreatePalette
GetNearestPaletteIndex
GetPaletteEntries
GetSystemPaletteEntries
RealizePalette
GetBkColor
CreateCompatibleBitmap
CreateDIBitmap
EnumFontFamiliesW
GetTextCharsetInfo
SetPixel
StretchBlt
CreateDIBSection
SetDIBColorTable
CreateEllipticRgn
Ellipse
GetTextColor
CreatePolygonRgn
Polygon
Polyline
CreateRoundRectRgn
LPtoDP
Rectangle
GetRgnBox
OffsetRgn
RoundRect
FillRgn
FrameRgn
GetBoundsRect
PtInRegion
ExtFloodFill
SetPaletteEntries
SetPixelV
GetWindowOrgEx
GetViewportOrgEx
GetTextFaceW
GetObjectA
CreatePenIndirect
GetCharABCWidthsW
GdiFlush
CreateCompatibleDC
ScaleWindowExtEx
DeleteDC
DeleteObject
ScaleViewportExtEx
msimg32
TransparentBlt
AlphaBlend
winspool.drv
DocumentPropertiesW
OpenPrinterW
ClosePrinter
comctl32
_TrackMouseEvent
InitCommonControlsEx
ord17
uxtheme
DrawThemeText
DrawThemeParentBackground
GetCurrentThemeName
DrawThemeBackground
GetWindowTheme
IsAppThemed
IsThemeBackgroundPartiallyTransparent
GetThemeSysColor
GetThemePartSize
CloseThemeData
OpenThemeData
GetThemeColor
setupapi
SetupDiGetDeviceRegistryPropertyW
SetupDiGetClassDevsW
SetupDiEnumDeviceInfo
SetupDiDestroyDeviceInfoList
ws2_32
WSACleanup
closesocket
gethostname
WSAEventSelect
WSAEnumNetworkEvents
WSACreateEvent
recv
gethostbyname
WSACloseEvent
select
__WSAFDIsSet
ioctlsocket
listen
htonl
accept
setsockopt
ntohs
htons
getsockopt
getsockname
getpeername
connect
bind
WSASetLastError
WSAGetLastError
WSAIoctl
sendto
freeaddrinfo
recvfrom
socket
WSAStartup
getaddrinfo
send
oleacc
CreateStdAccessibleObject
AccessibleObjectFromWindow
LresultFromObject
imm32
ImmSetCompositionFontW
ImmGetOpenStatus
ImmReleaseContext
ImmGetContext
ImmSetCompositionWindow
winmm
PlaySoundW
wldap32
ord142
ord79
ord301
ord133
ord145
ord219
ord46
ord14
ord216
ord208
ord41
ord147
ord117
ord26
ord27
ord127
ord167
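The import table above is long because the binary links MFC/GDI+ GUI code, and the signal is buried among hundreds of drawing and menu APIs. What an analyst actually wants from it is a capability summary: which groups of APIs co-occur (CryptoAPI encryption, drive and file enumeration, process enumeration and termination, privilege adjustment, session-token use, ExitWindowsEx, SetVolumeLabelW, resource loading, Winsock). The following is an added example, not the sandbox's own rule set: the tags, thresholds and the decision to require several APIs per tag are this editor's heuristics. REPORT_IMPORTS is a subset of the import table listed above, transcribed from the page; the GUI/GDI imports are omitted because they carry no signal for this purpose.

```python
"""Capability triage over a static import table.

Added example, not the sandbox's own rules: the tags and thresholds below are
this editor's heuristics for reading an import list like the one above.
"""

# tag -> (minimum number of matching APIs, APIs that evidence the capability)
CAPABILITIES = {
    "cryptoapi-encryption": (2, {"CryptAcquireContextW", "CryptImportKey", "CryptEncrypt",
                                 "CryptCreateHash", "CryptHashData"}),
    "file-enumeration": (2, {"FindFirstFileW", "FindNextFileW", "FindFirstFileExW",
                             "FindFirstFileA", "FindNextFileA"}),
    "drive-enumeration": (1, {"GetLogicalDrives", "GetLogicalDriveStringsW",
                              "GetLogicalDriveStringsA", "GetDriveTypeW", "GetDriveTypeA"}),
    "file-write-rename-delete": (3, {"CreateFileW", "WriteFile", "MoveFileExW", "DeleteFileW",
                                     "SetFileAttributesW", "SetEndOfFile"}),
    "process-enumeration-and-kill": (3, {"CreateToolhelp32Snapshot", "Process32FirstW",
                                         "Process32NextW", "OpenProcess", "TerminateProcess"}),
    "privilege-adjustment": (2, {"OpenProcessToken", "LookupPrivilegeValueW",
                                 "AdjustTokenPrivileges"}),
    "session-token-use": (1, {"WTSQueryUserToken", "WTSGetActiveConsoleSessionId"}),
    "registry-modification": (2, {"RegSetValueExW", "RegSetValueExA", "RegCreateKeyExW",
                                  "RegCreateKeyA", "RegDeleteKeyW", "RegDeleteValueW"}),
    "system-shutdown": (1, {"ExitWindowsEx"}),
    "volume-relabel": (1, {"SetVolumeLabelW"}),
    "raw-device-io": (1, {"DeviceIoControl"}),
    "embedded-resource-loading": (3, {"FindResourceW", "LoadResource", "LockResource",
                                      "SizeofResource"}),
    "child-process-launch": (1, {"CreateProcessW", "CreateProcessA", "ShellExecuteW",
                                 "ShellExecuteExW", "ShellExecuteA"}),
    "winsock-networking": (3, {"WSAStartup", "socket", "connect", "send", "recv", "getaddrinfo"}),
    # IsDebuggerPresent is also pulled in by the MSVC CRT startup code, so on
    # its own it is weak evidence; it is reported but carries no extra weight.
    "anti-debug-check": (1, {"IsDebuggerPresent"}),
}

# Subset of the import table in the report above (dll -> APIs), transcribed
# from the page; the many GUI/GDI imports are left out as they carry no signal.
REPORT_IMPORTS = {
    "kernel32": ["FindFirstFileW", "FindNextFileW", "GetLogicalDrives",
                 "GetLogicalDriveStringsW", "GetDriveTypeW", "CreateFileW", "WriteFile",
                 "MoveFileExW", "DeleteFileW", "SetFileAttributesW", "SetEndOfFile",
                 "CreateToolhelp32Snapshot", "Process32FirstW", "Process32NextW",
                 "OpenProcess", "TerminateProcess", "FindResourceW", "LoadResource",
                 "LockResource", "SizeofResource", "CreateProcessW", "IsDebuggerPresent",
                 "DeviceIoControl", "SetVolumeLabelW", "WTSGetActiveConsoleSessionId"],
    "advapi32": ["OpenProcessToken", "LookupPrivilegeValueW", "AdjustTokenPrivileges",
                 "RegSetValueExW", "RegCreateKeyExW", "RegDeleteKeyW", "CryptAcquireContextW",
                 "CryptImportKey", "CryptEncrypt", "CryptCreateHash", "CryptHashData"],
    "user32": ["ExitWindowsEx"],
    "wtsapi32": ["WTSQueryUserToken"],
    "shell32": ["ShellExecuteW"],
    "ws2_32": ["WSAStartup", "socket", "connect", "send", "recv", "getaddrinfo"],
}


def triage_imports(imports):
    """Return {tag: sorted matching APIs} for each capability whose threshold is met."""
    present = {api for apis in imports.values() for api in apis}
    hits = {}
    for tag, (minimum, apis) in CAPABILITIES.items():
        matched = sorted(present & apis)
        if len(matched) >= minimum:
            hits[tag] = matched
    return hits


def fired_tags(imports):
    """Tag names only, sorted, for a quick diff between samples."""
    return sorted(triage_imports(imports))


if __name__ == "__main__":
    for tag, apis in triage_imports(REPORT_IMPORTS).items():
        print(f"{tag:30s} {', '.join(apis)}")
```

Static imports only show what the linker resolved; anything loaded through LoadLibraryW/GetProcAddress (both present above) or unpacked from the 12.5MB .rsrc section via FindResourceW/LoadResource/LockResource will not appear here, so a clean import table is never evidence of absence. Treat the tags as a prioritisation aid for the behavioral run, not as a verdict.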
Sections
.text Size: 3.6MB - Virtual size: 3.6MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1.1MB - Virtual size: 1.1MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 45KB - Virtual size: 102KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.gfids Size: 106KB - Virtual size: 105KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.giats Size: 512B - Virtual size: 16B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.tls Size: 512B - Virtual size: 9B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 12.5MB - Virtual size: 12.5MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 213KB - Virtual size: 212KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
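The Headers and Sections entries above, and the Unsigned PE signature, all come from three structures at the start of the file: the COFF file header (File Characteristics), the optional header (DLL Characteristics and the data directories, of which entry 4 is the Attribute Certificate Table that an Authenticode signature lives in) and the section table. The following is an added example, not code from the sandbox, that parses those structures with only the Python standard library, reports whether the certificate table is present, decodes the flags as named above, and flags any section that is both writable and executable. The bytes it runs on are constructed in build_sample_pe32_header to mirror the flags and the .text/.rsrc layout reported above; they are a stand-in, not the sample itself. To run it on the real file, pass open(path, "rb").read() to pe_header_info.

```python
"""Minimal PE header triage: Authenticode presence, characteristic flags and
section permissions. Added example (standard library only), not the sandbox's
own signature code."""
import struct

IMAGE_DIRECTORY_ENTRY_SECURITY = 4  # Attribute Certificate Table

FILE_CHARACTERISTICS = {
    0x0001: "IMAGE_FILE_RELOCS_STRIPPED",
    0x0002: "IMAGE_FILE_EXECUTABLE_IMAGE",
    0x0020: "IMAGE_FILE_LARGE_ADDRESS_AWARE",
    0x0100: "IMAGE_FILE_32BIT_MACHINE",
    0x2000: "IMAGE_FILE_DLL",
}
DLL_CHARACTERISTICS = {
    0x0020: "IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA",
    0x0040: "IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE",
    0x0080: "IMAGE_DLLCHARACTERISTICS_FORCE_INTEGRITY",
    0x0100: "IMAGE_DLLCHARACTERISTICS_NX_COMPAT",
    0x0400: "IMAGE_DLLCHARACTERISTICS_NO_SEH",
    0x4000: "IMAGE_DLLCHARACTERISTICS_GUARD_CF",
    0x8000: "IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE",
}
SECTION_FLAGS = {
    0x00000020: "IMAGE_SCN_CNT_CODE",
    0x00000040: "IMAGE_SCN_CNT_INITIALIZED_DATA",
    0x00000080: "IMAGE_SCN_CNT_UNINITIALIZED_DATA",
    0x02000000: "IMAGE_SCN_MEM_DISCARDABLE",
    0x20000000: "IMAGE_SCN_MEM_EXECUTE",
    0x40000000: "IMAGE_SCN_MEM_READ",
    0x80000000: "IMAGE_SCN_MEM_WRITE",
}


def _flags(value, table):
    return [name for bit, name in sorted(table.items()) if value & bit]


def pe_header_info(data):
    """Parse DOS, COFF and optional headers plus the section table of a PE image."""
    if data[:2] != b"MZ":
        raise ValueError("missing MZ signature")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    coff = e_lfanew + 4
    machine, nsections, _, _, _, opt_size, file_chars = struct.unpack_from("<HHIIIHH", data, coff)
    opt = coff + 20
    pe32plus = struct.unpack_from("<H", data, opt)[0] == 0x20B
    # DllCharacteristics sits at offset 70 in both PE32 and PE32+; the data
    # directory array does not (96 vs 112) because ImageBase and the
    # stack/heap sizes widen to 8 bytes in PE32+.
    dll_chars = struct.unpack_from("<H", data, opt + 70)[0]
    n_dirs_off, dirs_off = (108, 112) if pe32plus else (92, 96)
    n_dirs = struct.unpack_from("<I", data, opt + n_dirs_off)[0]
    sec_off = sec_size = 0
    if n_dirs > IMAGE_DIRECTORY_ENTRY_SECURITY:
        sec_off, sec_size = struct.unpack_from(
            "<II", data, opt + dirs_off + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY)
    sections = []
    table = opt + opt_size
    for i in range(nsections):
        name, vsize, _, rawsize, _, _, _, _, _, chars = struct.unpack_from(
            "<8sIIIIIIHHI", data, table + 40 * i)
        sections.append({
            "name": name.rstrip(b"\0").decode("ascii", "replace"),
            "virtual_size": vsize,
            "raw_size": rawsize,
            "flags": _flags(chars, SECTION_FLAGS),
            "writable_and_executable": bool(chars & 0x80000000 and chars & 0x20000000),
        })
    return {
        "machine": machine,
        "pe32plus": pe32plus,
        "file_characteristics": _flags(file_chars, FILE_CHARACTERISTICS),
        "dll_characteristics": _flags(dll_chars, DLL_CHARACTERISTICS),
        # The first field of the security directory is a raw file offset, not an RVA.
        "security_directory": (sec_off, sec_size),
        "authenticode_present": sec_size != 0,
        "sections": sections,
    }


def build_sample_pe32_header(signed):
    """Constructed stand-in (not the real sample) carrying the flags from the report."""
    dos = bytearray(64)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 64)                       # e_lfanew
    coff = struct.pack("<HHIIIHH", 0x014C, 2, 0, 0, 0, 224, 0x0002 | 0x0100)
    opt = bytearray(224)
    struct.pack_into("<H", opt, 0, 0x10B)                        # PE32 magic
    struct.pack_into("<H", opt, 68, 2)                           # GUI subsystem
    struct.pack_into("<H", opt, 70, 0x0040 | 0x0100 | 0x8000)    # ASLR, DEP, TS-aware
    struct.pack_into("<I", opt, 92, 16)                          # NumberOfRvaAndSizes
    if signed:
        struct.pack_into("<II", opt, 96 + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY, 0x11000, 0x1800)
    text = struct.pack("<8sIIIIIIHHI", b".text", 0x3A0000, 0x1000, 0x3A0000, 0x400,
                       0, 0, 0, 0, 0x60000020)                   # CODE|EXECUTE|READ
    rsrc = struct.pack("<8sIIIIIIHHI", b".rsrc", 0xC80000, 0x500000, 0xC80000, 0x3A0400,
                       0, 0, 0, 0, 0x40000040)                   # INITIALIZED_DATA|READ
    return bytes(dos) + b"PE\0\0" + coff + bytes(opt) + text + rsrc


if __name__ == "__main__":
    info = pe_header_info(build_sample_pe32_header(signed=False))
    print("authenticode present:", info["authenticode_present"])
    print("dll characteristics:", ", ".join(info["dll_characteristics"]))
    for s in info["sections"]:
        print(s["name"], hex(s["raw_size"]), s["flags"])
```

A non-empty certificate table only means a signature blob exists; whether it chains to a trusted root and actually covers the file hash is a separate check (signtool verify /pa, or Get-AuthenticodeSignature on Windows). Conversely, DYNAMIC_BASE and NX_COMPAT being set, as they are here, say nothing about intent: they are the Visual Studio defaults and ransomware built with a stock toolchain gets them for free, so treat the Unsigned PE hit as the weaker of the two cues and the import table and the 12.5MB .rsrc section as the places to spend analysis time.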