2023-08-26_a03345ae67b9349c473462dbf8727845_magniber_JC[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

2023-08-26_a03345ae67b9349c473462dbf8727845_magniber_JC.exe
Size

1.8MB
MD5

a03345ae67b9349c473462dbf8727845
SHA1

0d612e2986a1d9669b3dbdd29beed405189dd35a
SHA256

2ffdb71a40ea900db4caacdca5355f169d73f3d683868a6e0b46abf711cd3f5c
SHA512

ece9c4564e9117e886695347da8888fdf26ec8be9f40a7895f0a13c8349c6005972fdfe6a52a8f7fb3b5a936f1fdcd6ed7ef21112cc01f82a4b94076fb7aef0a
SSDEEP

49152:fX6GJ8mMXVbPYtdLAl8roTwCGMVi9Md9Xogr:fX6GyrVbPYtdLAl8t9Md9Xog

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2023-08-26_a03345ae67b9349c473462dbf8727845_magniber_JC.exe

Files

2023-08-26_a03345ae67b9349c473462dbf8727845_magniber_JC.exe
.exe windows:6 windows x86

929e6dd6029be520c622f6a28749aa55

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareFileTime
FindFirstChangeNotificationW
FindCloseChangeNotification
SetFileTime
GetTempFileNameW
GetShortPathNameW
CreateDirectoryW
SearchPathW
GetFileInformationByHandle
RtlCaptureStackBackTrace
ResetEvent
lstrcmpiW
LoadLibraryExW
GetSystemDirectoryW
Sleep
GetTempPathW
GetCurrentDirectoryW
SetCurrentDirectoryW
VerifyVersionInfoW
SetLastError
VerSetConditionMask
GetCurrentThreadId
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
RaiseException
DecodePointer
LocalFree
MultiByteToWideChar
WideCharToMultiByte
lstrlenW
LoadLibraryW
FindResourceW
SizeofResource
LockResource
LoadResource
GetProcAddress
WriteConsoleW
SetEndOfFile
ReadConsoleW
GetStringTypeW
SetStdHandle
SetConsoleCtrlHandler
SetEnvironmentVariableW
GetModuleHandleW
FreeLibrary
FindResourceExW
DeleteFileW
Process32NextW
Process32FirstW
CreateToolhelp32Snapshot
GetModuleFileNameW
OpenProcess
GetCurrentProcessId
CreateMutexW
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
GetLongPathNameW
GetLastError
UnmapViewOfFile
MapViewOfFile
CreateFileMappingW
GetProcessHeap
HeapSize
HeapFree
HeapReAlloc
HeapAlloc
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
FindFirstFileExW
GetTimeZoneInformation
GetConsoleMode
GetConsoleCP
FlushFileBuffers
SetFilePointerEx
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
CompareStringW
GetTimeFormatW
GetDateFormatW
GetFileType
GetStdHandle
ExitProcess
GetModuleHandleExW
ResumeThread
ExitThread
RtlUnwind
WaitForMultipleObjectsEx
CreateTimerQueue
HeapDestroy
CloseHandle
SetFilePointer
UnregisterWaitEx
QueryDepthSList
InterlockedFlushSList
ReleaseSemaphore
DuplicateHandle
SetProcessAffinityMask
VirtualProtect
GetModuleHandleA
FreeLibraryAndExitThread
GetThreadTimes
GetCurrentThread
GetFileAttributesExW
CreateFileW
UnregisterWait
RegisterWaitForSingleObject
SetThreadAffinityMask
GetProcessAffinityMask
GetNumaHighestNodeNumber
DeleteTimerQueueTimer
ChangeTimerQueueTimer
InitializeCriticalSectionEx
FindClose
FindFirstFileW
FindNextFileW
GetFileAttributesW
GetFileSize
GetFullPathNameW
GetLogicalDriveStringsW
QueryDosDeviceW
ReadFile
RemoveDirectoryW
SetFileAttributesW
GetCurrentProcess
GetTickCount
MoveFileExW
GetFileSizeEx
GetLocalTime
OutputDebugStringA
OutputDebugStringW
lstrcpynW
SetEvent
WaitForSingleObject
TerminateProcess
GetExitCodeProcess
GetWindowsDirectoryW
MoveFileW
CreateFileA
DeleteFileA
WriteFile
GetTempPathA
GetTempFileNameA
DeviceIoControl
CreateEventW
WaitForMultipleObjects
LocalAlloc
IsDebuggerPresent
EncodePointer
InitializeSListHead
InterlockedPopEntrySList
InterlockedPushEntrySList
FlushInstructionCache
IsProcessorFeaturePresent
VirtualAlloc
VirtualFree
LoadLibraryExA
TryEnterCriticalSection
QueryPerformanceCounter
QueryPerformanceFrequency
SwitchToThread
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetSystemTimeAsFileTime
FormatMessageW
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
InterlockedCompareExchange
FreeResource
GetSystemWindowsDirectoryW
GetVersionExW
lstrcmpA
lstrcmpiA
WaitForSingleObjectEx
SignalObjectAndWait
CreateThread
SetThreadPriority
GetThreadPriority
GetLogicalProcessorInformation
CreateTimerQueueTimer

user32

SendMessageTimeoutW
LoadStringW
GetShellWindow
CopyRect
RegisterWindowMessageW
SendNotifyMessageW
FindWindowW
OffsetRect
UnionRect
EqualRect
DrawFocusRect
DestroyCursor
MoveWindow
UnregisterClassA
GetMessageW
GetClassInfoExW
DispatchMessageW
IsDialogMessageW
SetFocus
EndDialog
GetMonitorInfoW
MonitorFromWindow
LoadCursorW
GetWindow
GetParent
SetWindowLongW
GetWindowLongW
MapWindowPoints
ScreenToClient
GetWindowRect
GetClientRect
InvalidateRect
EndPaint
BeginPaint
ReleaseDC
GetDC
SetForegroundWindow
ReleaseCapture
TranslateMessage
GetAsyncKeyState
GetActiveWindow
DialogBoxParamW
PeekMessageW
CharNextW
SetCursor
PtInRect
SendMessageW
DestroyWindow
DefWindowProcW
SetCapture
PostQuitMessage
CallWindowProcW
UnregisterClassW
CreateWindowExW
IsWindow
ShowWindow
UpdateLayeredWindow
SetWindowPos
IsWindowVisible
IsIconic
GetWindowThreadProcessId
FindWindowExW
PostMessageW
KillTimer
SetTimer
wsprintfW
RegisterClassExW

gdi32

BitBlt
CreateCompatibleBitmap
CreateCompatibleDC
CreateRectRgnIndirect
DeleteDC
DeleteObject
OffsetViewportOrgEx
SaveDC
SelectClipRgn
SelectObject
CreateDIBSection
GetObjectW
SetViewportOrgEx
RectVisible
CreateFontW
EnumFontFamiliesW
RestoreDC

advapi32

OpenSCManagerW
RegOpenKeyExA
RegEnumKeyExA
CryptAcquireContextW
CryptReleaseContext
CryptDestroyKey
RegSetValueExW
RegQueryInfoKeyW
RegEnumKeyExW
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
RegQueryValueExW
RegOpenKeyExW
RegCloseKey
CryptSetKeyParam
CryptGenRandom
CryptImportKey
CryptEncrypt
CryptDecrypt
CryptContextAddRef
GetTokenInformation
UnlockServiceDatabase
QueryServiceStatus
QueryServiceLockStatusW
QueryServiceConfig2W
QueryServiceConfigW
LockServiceDatabase
DeleteService
ControlService
ChangeServiceConfig2W
ChangeServiceConfigW
StartServiceW
OpenProcessToken
AdjustTokenPrivileges
DuplicateTokenEx
LookupPrivilegeValueW
RegEnumValueW
CloseServiceHandle
CreateServiceW
OpenServiceW
RegQueryValueExA

shell32

SHFileOperationW
SHCreateDirectoryExW
SHGetSpecialFolderPathW
SHGetFolderPathW
CommandLineToArgvW
ShellExecuteW
ShellExecuteExW
ord165

ole32

CoSetProxyBlanket
CoInitializeSecurity
CLSIDFromProgID
CreateStreamOnHGlobal
CoCreateGuid
OleRun
CoInitializeEx
CoInitialize
CoUninitialize
CoCreateInstance
CoTaskMemAlloc
CoTaskMemRealloc
CoTaskMemFree

oleaut32

VarUI4FromStr
VariantCopy
CreateErrorInfo
SetErrorInfo
GetErrorInfo
VariantChangeType
SysFreeString
SysAllocString
SysStringByteLen
SysAllocStringByteLen
VariantInit
SysStringLen
VarBstrCmp
VariantClear

shlwapi

SHGetValueW
PathRemoveFileSpecW
PathAppendW
wnsprintfW
PathFindFileNameW
PathFindFileNameA
PathFileExistsW
PathIsPrefixW
StrTrimA
StrStrIA
StrStrIW
StrCmpIW
StrToIntExW
SHGetValueA
PathFindExtensionW
PathCombineW
PathIsRelativeW
PathIsRootW
SHSetValueA
AssocQueryStringW
SHDeleteKeyW
PathRenameExtensionA
SHSetValueW
StrCmpNIW

comctl32

_TrackMouseEvent
InitCommonControlsEx

gdiplus

GdipFree
GdipCloneBrush
GdipDeleteBrush
GdipCreateSolidFill
GdipCreatePen1
GdipDeletePen
GdipGetImageWidth
GdipAlloc
GdipCreateImageAttributes
GdipDisposeImageAttributes
GdipSetImageAttributesColorMatrix
GdipCreateFromHDC
GdipDeleteGraphics
GdipSetTextRenderingHint
GdipDrawRectangleI
GdipFillRectangleI
GdipGetImageHeight
GdipDrawImageRectRect
GdipDrawImageRectRectI
GdipCreateFontFamilyFromName
GdipDeleteFontFamily
GdipCreateFont
GdipDeleteFont
GdipDrawString
GdipMeasureString
GdiplusShutdown
GdipDeleteStringFormat
GdipSetStringFormatFlags
GdipSetStringFormatAlign
GdipSetStringFormatLineAlign
GdipSetStringFormatTrimming
GdipCloneImage
GdipDisposeImage
GdipCreateBitmapFromStream
GdipCreateBitmapFromFile
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromFileICM
GdiplusStartup
GdipDrawImagePointRectI
GdipCreateStringFormat

version

GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW

psapi

EnumProcesses
GetProcessImageFileNameW
GetModuleFileNameExW

iphlpapi

GetAdaptersInfo

wininet

InternetGetConnectedState

urlmon

URLDownloadToCacheFileW
URLDownloadToFileW

setupapi

SetupIterateCabinetW

Exports

Exports

_BasicEntry@8

Sections

.text
Size: 1021KB - Virtual size: 1021KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 233KB - Virtual size: 233KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 29KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 492KB - Virtual size: 492KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 53KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

929e6dd6029be520c622f6a28749aa55

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

shlwapi

comctl32

gdiplus

version

psapi

iphlpapi

wininet

urlmon

setupapi

Exports

Exports

Sections

.text Size: 1021KB - Virtual size: 1021KB

.rdata Size: 233KB - Virtual size: 233KB

.data Size: 29KB - Virtual size: 50KB

.rsrc Size: 492KB - Virtual size: 492KB

.reloc Size: 53KB - Virtual size: 52KB

.text
Size: 1021KB - Virtual size: 1021KB

.rdata
Size: 233KB - Virtual size: 233KB

.data
Size: 29KB - Virtual size: 50KB

.rsrc
Size: 492KB - Virtual size: 492KB

.reloc
Size: 53KB - Virtual size: 52KB