Static task
static1
Behavioral task
behavioral1
Sample
2023-08-27_361ea8209630ea1fc1e212ce23ee9b27_magniber_JC.exe
Resource
win7-20230831-en
Behavioral task
behavioral2
Sample
2023-08-27_361ea8209630ea1fc1e212ce23ee9b27_magniber_JC.exe
Resource
win10v2004-20230915-en
General
Target
2023-08-27_361ea8209630ea1fc1e212ce23ee9b27_magniber_JC.exe
Size
23.2MB
MD5
361ea8209630ea1fc1e212ce23ee9b27
SHA1
8e8272f9890226e0bd28dbfb6e28eb335dfd57aa
SHA256
0a11f0af4b75f972200c636beebf476aaeabed96f77e8bfce49c73ed86239e74
SHA512
14a96e52fa60ab33700f82a0c8a5979c25706391d982f4ac975be11921a2b9b00d47b80610078e976d21f3188accb6e6a613af480f856669cf71a238d8862b40
SSDEEP
196608:lBY376DEtUmaIsqY4tdqYrKcxos1+11dFY9IPqYZvUqYneXmzWLy3TXsUkKneBSq:HY376DCYie4kTxz7lydH0GB4I+v/Sa
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 2023-08-27_361ea8209630ea1fc1e212ce23ee9b27_magniber_JC.exe
Files
2023-08-27_361ea8209630ea1fc1e212ce23ee9b27_magniber_JC.exe.exe windows:5 windows x86
376fae70d5dc101bb8e92ceb10e3cd42
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mpr
WNetAddConnection2A
cfgmgr32
CM_Get_DevNode_Registry_PropertyA
CM_Get_Child
CM_Get_Sibling
CM_Locate_DevNodeA
CM_Get_Parent
comctl32
ImageList_AddMasked
ImageList_EndDrag
ImageList_DragMove
ImageList_BeginDrag
ImageList_DragLeave
PropertySheetA
ord8
ImageList_Create
ImageList_GetImageInfo
ImageList_Add
InitCommonControlsEx
ImageList_GetIconSize
ImageList_Draw
ImageList_Destroy
ord6
ImageList_DragEnter
crypt32
CertFreeCertificateContext
CertAddSerializedElementToStore
CryptVerifyMessageSignature
shlwapi
UrlCreateFromPathA
PathSkipRootA
PathFindNextComponentA
SHGetValueA
PathRelativePathToA
StrSpnA
StrCSpnIA
PathMakePrettyA
PathCompactPathExA
StrTrimA
PathFileExistsA
SHDeleteKeyA
StrCmpNIA
StrChrA
StrToIntExA
StrStrA
PathCompactPathA
PathIsNetworkPathA
PathAppendA
PathIsDirectoryEmptyA
PathRemoveBackslashA
PathIsSameRootA
PathAddBackslashA
PathFindFileNameA
PathIsUNCA
PathCommonPrefixA
PathAddExtensionA
PathStripToRootA
PathFindExtensionA
PathCombineA
PathRemoveFileSpecA
PathStripPathA
PathIsDirectoryA
PathRemoveExtensionA
UrlCanonicalizeA
version
GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA
wininet
InternetDial
InternetHangUp
InternetAttemptConnect
InternetOpenUrlA
InternetCloseHandle
InternetOpenA
InternetGetConnectedState
HttpEndRequestA
HttpOpenRequestA
InternetReadFile
InternetCrackUrlA
InternetQueryDataAvailable
InternetConnectA
HttpQueryInfoA
InternetGoOnline
InternetSetFilePointer
HttpSendRequestA
winmm
timeEndPeriod
timeGetTime
timeBeginPeriod
timeGetDevCaps
PlaySoundA
dbghelp
StackWalk
SymEnumSymbols
SymSetContext
SymInitialize
SymGetModuleBase
SymSetOptions
SymGetTypeInfo
SymGetLineFromAddr
SymCleanup
SymGetSymFromAddr
SymFunctionTableAccess
kernel32
FindFirstFileA
GetProcAddress
FindClose
ResetEvent
GetLocalTime
GetDiskFreeSpaceA
GetSystemInfo
FindNextFileA
GetModuleHandleA
DeleteFileA
lstrlenA
ConnectNamedPipe
GetMailslotInfo
DisconnectNamedPipe
CreateNamedPipeA
LocalAlloc
SetNamedPipeHandleState
CancelIo
CreateMailslotA
LocalFree
MoveFileExA
FlushFileBuffers
SetLastError
InterlockedExchange
MoveFileA
CopyFileExA
lstrcmpA
RemoveDirectoryA
GetPrivateProfileStringA
WritePrivateProfileStringA
GetThreadPriority
FindResourceA
LoadResource
SizeofResource
lstrcatA
SetCurrentDirectoryA
SetFileAttributesA
GetTempFileNameA
LockResource
GetCurrentDirectoryA
GetCurrentThreadId
GetTempPathA
GlobalLock
GlobalUnlock
GetSystemTimeAsFileTime
FindResourceExA
CreateProcessA
GetCurrentProcessId
GetPrivateProfileIntA
FileTimeToSystemTime
InterlockedIncrement
InterlockedDecrement
TerminateThread
GetExitCodeThread
SetHandleInformation
GetTickCount
GetExitCodeProcess
GetStdHandle
CreatePipe
GetCommState
SetCommState
SetCommTimeouts
TransmitCommChar
SetPriorityClass
GetCurrentProcess
GetVersionExA
WinExec
CompareStringA
GlobalReAlloc
lstrcpynA
GetTimeFormatA
FormatMessageA
CompareFileTime
GetWindowsDirectoryA
GetDateFormatA
GetProfileStringA
VirtualQuery
SetUnhandledExceptionFilter
IsBadStringPtrA
GlobalMemoryStatus
GetPriorityClass
GlobalMemoryStatusEx
DeviceIoControl
GetLogicalDrives
GetDiskFreeSpaceExA
HeapReAlloc
HeapCompact
HeapAlloc
HeapFree
HeapDestroy
HeapCreate
HeapSize
LoadLibraryExA
LocalSize
QueryPerformanceCounter
QueryPerformanceFrequency
GetLocaleInfoA
GetCommandLineA
GetFileAttributesA
MulDiv
GetSystemDirectoryA
ResumeThread
lstrcpyA
LocalHandle
CreateSemaphoreA
UnlockFile
LockFile
GetOverlappedResult
ReadFile
WriteFile
SystemTimeToFileTime
SetEndOfFile
SetFilePointer
GetFileSize
CreateFileA
EnumResourceNamesA
GetModuleFileNameA
VirtualAlloc
VirtualFree
MultiByteToWideChar
GetDriveTypeA
GetVolumeInformationA
SetErrorMode
GlobalFree
WideCharToMultiByte
GlobalAlloc
WaitForMultipleObjects
LoadLibraryA
CreateEventA
SetEvent
FreeLibrary
OutputDebugStringA
lstrcmpiA
SetThreadPriority
Sleep
GetCurrentThread
CloseHandle
ReleaseMutex
DeleteCriticalSection
CreateMutexA
EnterCriticalSection
GetLastError
CreateDirectoryA
RaiseException
IsBadWritePtr
LeaveCriticalSection
InitializeCriticalSection
IsBadReadPtr
WaitForSingleObject
GetComputerNameA
ExitThread
CreateThread
GetModuleHandleW
ExitProcess
GetConsoleCP
GetConsoleMode
GetStartupInfoA
TerminateProcess
UnhandledExceptionFilter
IsDebuggerPresent
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetEnvironmentVariableA
SetEnvironmentVariableW
LCMapStringA
LCMapStringW
SetHandleCount
GetFileType
InitializeCriticalSectionAndSpinCount
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetTimeZoneInformation
GetStringTypeA
GetStringTypeW
RtlUnwind
CompareStringW
CopyFileA
GetProcessHeap
user32
TrackPopupMenu
HideCaret
SendMessageTimeoutA
WaitMessage
MsgWaitForMultipleObjects
ShowCursor
GetMenuItemID
SetMenuItemInfoA
GetMenuItemInfoA
SetPropA
RemovePropA
GetPropA
GetWindowThreadProcessId
DialogBoxIndirectParamA
LoadStringA
GetWindowWord
SetWindowWord
GetDialogBaseUnits
DrawFocusRect
ExitWindowsEx
ReleaseDC
EndPaint
SetWindowPlacement
OpenIcon
SetActiveWindow
IsIconic
BeginPaint
GetWindowPlacement
SystemParametersInfoA
CloseWindow
TranslateMessage
CharLowerBuffA
IsZoomed
GetSystemMetrics
IsWindowVisible
CallWindowProcA
GetWindowTextLengthA
CloseClipboard
GetClipboardData
EmptyClipboard
OpenClipboard
SetClipboardData
DeferWindowPos
BeginDeferWindowPos
EndDeferWindowPos
GetDlgItemInt
GetClassNameA
GetNextDlgTabItem
FillRect
DrawTextA
IsClipboardFormatAvailable
SetTimer
GetWindowRect
KillTimer
SetScrollPos
ClientToScreen
MessageBeep
CreatePopupMenu
AppendMenuA
MapWindowPoints
DestroyMenu
GetAsyncKeyState
IsChild
GetTopWindow
GetFocus
GetParent
InvalidateRect
RedrawWindow
GetSysColor
SetWindowPos
UpdateWindow
LoadCursorA
GetWindow
CharUpperA
IsWindowEnabled
GetWindowTextA
SetWindowTextA
PeekMessageA
PostMessageA
DispatchMessageA
DestroyWindow
RegisterClassExA
CharLowerA
CreateWindowExA
DefWindowProcA
wsprintfA
DestroyIcon
SetCursor
SendDlgItemMessageA
LoadIconA
GetClientRect
SetFocus
SendMessageA
SetRectEmpty
SetDlgItemInt
SetRect
SetWindowLongA
IntersectRect
GetWindowLongA
GetDlgItem
EndDialog
CheckDlgButton
ShowWindow
IsDlgButtonChecked
IsWindow
CheckRadioButton
EqualRect
ShowCaret
DestroyCaret
CreateCaret
SetCaretPos
BringWindowToTop
LoadImageA
EnableWindow
GetDlgItemTextA
SetDlgItemTextA
IsRectEmpty
GetCursorPos
GetMenuItemCount
ReleaseCapture
GetNextDlgGroupItem
ShowScrollBar
ChildWindowFromPoint
GetWindowContextHelpId
ScrollWindowEx
GetMessageA
PostQuitMessage
GetSubMenu
SetForegroundWindow
RegisterWindowMessageA
IsDialogMessageA
GetForegroundWindow
TranslateAcceleratorA
ChangeClipboardChain
LoadAcceleratorsA
AdjustWindowRectEx
SetClipboardViewer
LoadMenuA
GetMenu
EnableMenuItem
SetMenu
DrawMenuBar
FindWindowA
GetMessagePos
CharUpperBuffA
LoadBitmapA
InflateRect
WindowFromPoint
SetCursorPos
SetParent
SetScrollInfo
GetMenuState
GetKeyState
RegisterClipboardFormatA
UnionRect
OffsetRect
DrawTextExA
SetCapture
DeleteMenu
PtInRect
GetUpdateRect
GetCapture
SetWindowContextHelpId
TrackPopupMenuEx
GetScrollInfo
CheckMenuItem
GetMessageTime
MessageBoxA
GetDC
ScreenToClient
gdi32
AbortPath
CreateEnhMetaFileA
ExtFloodFill
SelectClipPath
ExtCreatePen
StrokePath
BeginPath
CloseFigure
GetTextExtentPoint32A
Polyline
PolyBezier
GetTextMetricsA
CreateICA
IntersectClipRect
GetPixel
CloseEnhMetaFile
SetDIBitsToDevice
CreateDIBSection
SetPixel
StretchDIBits
SetTextAlign
CreateRectRgnIndirect
CombineRgn
FillRgn
CreateRectRgn
ExtTextOutA
TextOutA
MoveToEx
LineTo
BitBlt
SetTextColor
Polygon
SetBkColor
SetBkMode
SelectObject
CreateCompatibleDC
CreateCompatibleBitmap
CreatePen
Chord
CreateSolidBrush
SelectClipRgn
GetObjectType
Ellipse
FlattenPath
GetPath
GetStockObject
SetViewportExtEx
CreatePatternBrush
GetTextExtentExPointA
GetBkColor
Rectangle
SetMapMode
DPtoLP
GetCurrentObject
GetEnhMetaFileBits
SetWindowExtEx
LPtoDP
DeleteEnhMetaFile
GetTextColor
OffsetViewportOrgEx
EnumFontFamiliesA
OffsetWindowOrgEx
GetBkMode
SetViewportOrgEx
GetViewportExtEx
PlayEnhMetaFile
CopyEnhMetaFileA
GetWindowExtEx
CreateBitmap
CreateDCA
GetDIBits
AbortDoc
EndDoc
StartDocA
StartPage
EndPage
SetWindowOrgEx
SetROP2
EnumFontFamiliesExA
GdiFlush
CreateFontIndirectA
EndPath
DeleteDC
DeleteObject
GetObjectA
GetDeviceCaps
winspool.drv
SetPrinterA
OpenPrinterA
DocumentPropertiesA
ClosePrinter
EnumPrintersA
comdlg32
ChooseColorA
PrintDlgA
GetOpenFileNameA
PageSetupDlgA
GetSaveFileNameA
advapi32
DeleteService
OpenSCManagerA
ControlService
OpenServiceA
StartServiceA
ChangeServiceConfigA
CreateServiceA
CloseServiceHandle
AdjustTokenPrivileges
SetFileSecurityA
LookupPrivilegeValueA
OpenProcessToken
GetUserNameA
RegEnumValueA
RegDeleteValueA
RegEnumKeyExA
RegDeleteKeyA
RegEnumKeyA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
RegCreateKeyExA
RegSetValueExA
FreeSid
AllocateAndInitializeSid
SetSecurityDescriptorDacl
SetEntriesInAclA
InitializeSecurityDescriptor
shell32
SHBrowseForFolderA
SHGetDesktopFolder
ord680
ShellExecuteA
SHGetFileInfoA
SHGetPathFromIDListA
SHGetMalloc
SHGetSpecialFolderLocation
DragFinish
DragQueryFileA
DragAcceptFiles
SHAddToRecentDocs
SHGetFolderPathA
ole32
CLSIDFromString
CoTaskMemAlloc
OleInitialize
OleUninitialize
GetRunningObjectTable
CreateItemMoniker
CoInitialize
CoUninitialize
CoGetMalloc
CoCreateInstance
CoTaskMemFree
oleaut32
VariantInit
VariantClear
OleCreatePropertyFrameIndirect
SysFreeString
Sections
.text Size: 6.2MB - Virtual size: 6.2MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 208KB - Virtual size: 207KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 48KB - Virtual size: 785KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
mx_api Size: 512B - Virtual size: 10B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.tls Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 16.8MB - Virtual size: 16.8MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ