2023-08-25_884fce6991838d2999bf4efc54f8bb5e_magniber_revil_JC[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

2023-08-25_884fce6991838d2999bf4efc54f8bb5e_magniber_revil_JC.exe
Size

5.2MB
MD5

884fce6991838d2999bf4efc54f8bb5e
SHA1

5cd0cdcf6695f3e6e0770d015410c7a220707ae3
SHA256

0462bb0ae1ff30a682a44932f523e0c274748bc3878941e759da654a9883498c
SHA512

31d1f48f936323fc7f0e759ddfc2a15ebe9e66e8dbb0fb9169f305d43080788b8c12a5a9c4ec935fd89877d844796eb3091090850408c0d8d1590c9c1bec4954
SSDEEP

98304:UGcR6vnpr1ZMuypHBk9WmTRUdOofGOeWo/b76gF3oz+c7G5he2u8mY9z0rm:UGSCnv7TReOp/b76C678JmY9zem

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2023-08-25_884fce6991838d2999bf4efc54f8bb5e_magniber_revil_JC.exe

Files

2023-08-25_884fce6991838d2999bf4efc54f8bb5e_magniber_revil_JC.exe
.exe windows:5 windows x86

62e197479f205f7eb3437f240025aaee

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

wldap32

ord143
ord50
ord26
ord30
ord200
ord32
ord217
ord79
ord33
ord301
ord27
ord41
ord46
ord211
ord22
ord35
ord60

kernel32

GetLocaleInfoW
FileTimeToLocalFileTime
SetFileTime
GetCurrentDirectoryW
RtlUnwind
UnhandledExceptionFilter
IsDebuggerPresent
RaiseException
SetConsoleCtrlHandler
ExitThread
GetTimeFormatA
GetDateFormatA
GetStartupInfoW
HeapReAlloc
HeapSize
ExitProcess
GetTimeZoneInformation
GetStdHandle
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
SetHandleCount
GetFileType
GetStartupInfoA
HeapCreate
VirtualFree
VirtualAlloc
GetConsoleCP
GetConsoleMode
LCMapStringA
LCMapStringW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
QueryPerformanceCounter
GetLocaleInfoA
GetStringTypeA
GetStringTypeW
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetEnvironmentVariableA
GetSystemDirectoryA
QueryPerformanceFrequency
VerifyVersionInfoA
CompareFileTime
GetEnvironmentVariableA
PeekNamedPipe
MoveFileExA
FlushFileBuffers
GetConsoleScreenBufferInfo
SetFilePointer
ReadFile
GlobalFlags
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
LoadLibraryA
lstrcmpW
GetVersionExA
SystemTimeToFileTime
FileTimeToSystemTime
lstrlenA
lstrcmpA
CompareStringW
ResumeThread
SetThreadPriority
GetCurrentDirectoryA
GetFullPathNameA
DeleteFileA
SetConsoleMode
ReadConsoleInputA
GetFileInformationByHandle
GetFileAttributesA
FindFirstFileA
GetDriveTypeA
DosDateTimeToFileTime
GetLocalTime
TryEnterCriticalSection
CreateMutexW
GetDiskFreeSpaceExW
RemoveDirectoryW
CreateHardLinkW
MoveFileExW
GetFileAttributesExW
GetComputerNameA
GetLogicalDriveStringsW
ExpandEnvironmentStringsW
GetLongPathNameW
FormatMessageA
OpenEventA
CreateWaitableTimerA
ResetEvent
GetSystemTime
GlobalMemoryStatus
GetVersion
FlushConsoleInputBuffer
SetConsoleTextAttribute
CreatePipe
GetExitCodeThread
GetConsoleWindow
GetExitCodeProcess
SetEndOfFile
FormatMessageW
MulDiv
lstrlenW
LockResource
GlobalFree
LocalReAlloc
GlobalAlloc
GlobalHandle
GlobalUnlock
GlobalReAlloc
GlobalLock
CompareStringA
GetFileSize
DuplicateHandle
CreateSemaphoreA
CreateEventA
ReleaseSemaphore
CloseHandle
GetSystemTimeAsFileTime
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
GetLastError
InitializeCriticalSectionAndSpinCount
SleepEx
SetEvent
InterlockedExchange
InterlockedIncrement
InterlockedDecrement
CreateIoCompletionPort
VerifyVersionInfoW
VerSetConditionMask
InterlockedCompareExchange
HeapFree
GetProcessHeap
TlsGetValue
TlsSetValue
TlsFree
SetWaitableTimer
PostQueuedCompletionStatus
WaitForSingleObject
InterlockedExchangeAdd
Sleep
TerminateProcess
OpenProcess
HeapAlloc
GetPrivateProfileStringA
TlsAlloc
CreateEventW
QueueUserAPC
TerminateThread
LocalFree
LocalAlloc
SetUnhandledExceptionFilter
GetCurrentThreadId
CreateThread
GetProcessTimes
WriteFile
lstrcpyW
FindFirstFileW
FindNextFileW
CopyFileW
FindClose
GetFileAttributesW
SetFileAttributesW
FindResourceW
LoadResource
SizeofResource
FreeResource
GetSystemDirectoryW
MoveFileW
GetModuleHandleA
GetCurrentProcess
CreateToolhelp32Snapshot
Process32FirstW
Process32NextW
GetModuleHandleW
GetSystemInfo
CreateFileW
CreateMutexA
ReleaseMutex
WritePrivateProfileStringA
LoadLibraryW
GetProcAddress
FreeLibrary
CreateProcessW
CreateFileA
DeviceIoControl
GetEnvironmentVariableW
GetTickCount
DeleteFileW
InitializeCriticalSection
GetTempPathW
CreateDirectoryW
GetPrivateProfileIntW
WideCharToMultiByte
MultiByteToWideChar
GetModuleFileNameA
GetModuleFileNameW
OpenMutexA
GetCurrentProcessId
WaitForMultipleObjectsEx
WaitForSingleObjectEx
CreateWaitableTimerW
SetLastError
GetQueuedCompletionStatus
WaitForMultipleObjects

user32

GetProcessWindowStation
GetUserObjectInformationW
GetSubMenu
GetMenuItemCount
SetCursor
InvalidateRect
EndPaint
BeginPaint
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
FillRect
ClientToScreen
ShowWindow
ReleaseCapture
SetRect
GetMenuItemID
GetMenuState
ValidateRect
PeekMessageW
GetKeyState
DispatchMessageW
TranslateMessage
GetMessageW
CallNextHookEx
GetSysColorBrush
GetSysColor
wsprintfW
MoveWindow
SystemParametersInfoW
SetWindowLongW
GetWindowLongW
SetWindowTextW
RegisterWindowMessageW
WinHelpW
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
IsWindow
SetFocus
GetForegroundWindow
GetDlgItem
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
MapWindowPoints
SetMenu
GetClientRect
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
AdjustWindowRectEx
ScreenToClient
CopyRect
PtInRect
GetDlgCtrlID
IsRectEmpty
UnionRect
SetWindowsHookExW
AppendMenuW
CreatePopupMenu
LoadIconW
DestroyMenu
MessageBoxW
TrackPopupMenu
SetForegroundWindow
GetCursorPos
PostMessageW
SendMessageW
KillTimer
SetTimer
UpdateWindow
PostQuitMessage
UnhookWindowsHookEx
EnableWindow
IsWindowEnabled
GetLastActivePopup
GetParent
GetWindowThreadProcessId
FindWindowW
CreateAcceleratorTableW
InvalidateRgn
GetCaretPos
HideCaret
ShowCaret
CharPrevW
GetWindowRgn
CharNextW
UpdateLayeredWindow
GetUpdateRect
ReleaseDC
GetCaretBlinkTime
SetCaretPos
CreateCaret
SetWindowRgn
MonitorFromPoint
IsZoomed
DefWindowProcW
CallWindowProcW
GetMenu
RegisterClassExW
SetCapture
GetCapture
MonitorFromWindow
GetMonitorInfoW
SetWindowPos
OffsetRect
IntersectRect
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindowRect
GetWindow
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
GetFocus
ModifyMenuW
EnableMenuItem
CheckMenuItem
GetWindowTextLengthW
GetWindowTextW
LoadCursorW
GetSystemMetrics
GetDC
MessageBoxA

gdi32

GetTextExtentPoint32W
ExtTextOutW
CreateCompatibleDC
CreateFontIndirectW
DeleteObject
GetObjectW
SetBkColor
SetTextColor
GetClipBox
CreateBitmap
GetDeviceCaps
GetStockObject
CreateSolidBrush
SaveDC
CreateRectRgnIndirect
CombineRgn
GetTextMetricsW
RestoreDC
SetBkMode
SelectClipRgn
CreateRectRgn
PtVisible
RectVisible
TextOutW
Escape
SelectObject
SetStretchBltMode
SetMapMode
CreateCompatibleBitmap
GetObjectA
CreateRoundRectRgn
CreateDIBSection
PtInRegion
StretchBlt
GetCharABCWidthsW
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
BitBlt
ExtSelectClipRgn
DeleteDC
CreatePen

winspool.drv

DocumentPropertiesW
OpenPrinterW
ClosePrinter

advapi32

CryptSetHashParam
OpenSCManagerW
CryptDecrypt
ReportEventW
RegisterEventSourceW
CryptGenRandom
CryptCreateHash
CryptSignHashA
CryptDestroyHash
CryptExportKey
CryptGetUserKey
CryptAcquireContextA
CryptGetProvParam
CryptDestroyKey
CryptReleaseContext
CryptEnumProvidersA
RegisterEventSourceA
OpenServiceW
ReportEventA
DeregisterEventSource
RegSetValueExW
RegCreateKeyExW
RegOpenKeyExW
RegQueryValueW
RegQueryValueExW
RegCloseKey
StartServiceW
DeleteService
CreateServiceW
CloseServiceHandle

shell32

SHGetSpecialFolderLocation
SHGetSpecialFolderPathW
Shell_NotifyIconW
SHGetPathFromIDListW

ole32

OleLockRunning
CLSIDFromString
CreateStreamOnHGlobal
CoInitialize
CoUninitialize
CoCreateInstance
CoCreateGuid
CoTaskMemFree
CLSIDFromProgID

oleaut32

VariantClear
VariantChangeType
SysFreeString
SysAllocString
VariantInit

iphlpapi

GetExtendedTcpTable
GetAdaptersInfo

crypt32

CertOpenStore
CertGetCertificateContextProperty
CertOpenSystemStoreA
CertFindCertificateInStore
CertGetIntendedKeyUsage
CertGetEnhancedKeyUsage
CertFreeCertificateContext
CertCloseStore
CertEnumCertificatesInStore
CertDuplicateCertificateContext

shlwapi

wnsprintfW

ws2_32

recvfrom
getnameinfo
inet_addr
gethostbyname
gethostname
WSACreateEvent
WSAEventSelect
WSACloseEvent
WSAEnumNetworkEvents
sendto
socket
recv
send
__WSAFDIsSet
WSAIoctl
connect
accept
getaddrinfo
listen
freeaddrinfo
WSARecv
select
shutdown
getsockname
getpeername
getsockopt
ntohs
closesocket
ioctlsocket
WSASocketW
WSASend
setsockopt
bind
WSAGetLastError
htons
htonl
ntohl
WSASetLastError
WSACleanup
WSAStartup
getservbyname

mswsock

AcceptEx
GetAcceptExSockaddrs

gdiplus

GdipDrawRectangleI
GdipLoadImageFromStream
GdipImageSelectActiveFrame
GdipDrawImageRectI
GdipCloneImage
GdiplusStartup
GdipDisposeImage
GdipGetImageHeight
GdipGetImageWidth
GdipCreateFromHDC
GdipDeleteGraphics
GdipCreateFontFromLogfontA
GdipDeleteFont
GdipCreateSolidFill
GdipDeleteBrush
GdipFree
GdipAlloc
GdipCloneStringFormat
GdipStringFormatGetGenericTypographic
GdipDeleteStringFormat
GdipSetStringFormatTrimming
GdipSetStringFormatFlags
GdipSetStringFormatAlign
GdipSetStringFormatLineAlign
GdipMeasureString
GdipDrawString
GdipFillRectangleI
GdipCreatePen1
GdipDeletePen
GdipSetPenDashStyle
GdipDrawLineI
GdipSetPenMode
GdipCreateFontFromDC
GdipCreatePath
GdipDeletePath
GdipAddPathLineI
GdipAddPathArcI
GdipDrawPath
GdipImageGetFrameDimensionsCount
GdipImageGetFrameDimensionsList
GdipImageGetFrameCount
GdipGetPropertyItemSize
GdipGetPropertyItem

dbghelp

MiniDumpWriteDump

oleacc

CreateStdAccessibleObject
LresultFromObject

comctl32

ord17
_TrackMouseEvent

imm32

ImmReleaseContext
ImmSetCompositionWindow
ImmGetContext

Sections

.text
Size: 3.5MB - Virtual size: 3.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 777KB - Virtual size: 777KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 98KB - Virtual size: 137KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 2B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 618KB - Virtual size: 617KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 215KB - Virtual size: 215KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

62e197479f205f7eb3437f240025aaee

Headers

DLL Characteristics

File Characteristics

Imports

wldap32

kernel32

user32

gdi32

winspool.drv

advapi32

shell32

ole32

oleaut32

iphlpapi

crypt32

shlwapi

ws2_32

mswsock

gdiplus

dbghelp

oleacc

comctl32

imm32

Sections

.text Size: 3.5MB - Virtual size: 3.5MB

.rdata Size: 777KB - Virtual size: 777KB

.data Size: 98KB - Virtual size: 137KB

.tls Size: 512B - Virtual size: 2B

.rsrc Size: 618KB - Virtual size: 617KB

.reloc Size: 215KB - Virtual size: 215KB

.text
Size: 3.5MB - Virtual size: 3.5MB

.rdata
Size: 777KB - Virtual size: 777KB

.data
Size: 98KB - Virtual size: 137KB

.tls
Size: 512B - Virtual size: 2B

.rsrc
Size: 618KB - Virtual size: 617KB

.reloc
Size: 215KB - Virtual size: 215KB