2024-01-01_34184c9fea2f73aa7f9533fedb8d9d86_magniber

Sharing

Copy URL Twitter E-mail

General

Target

2024-01-01_34184c9fea2f73aa7f9533fedb8d9d86_magniber
Size

5.9MB
MD5

34184c9fea2f73aa7f9533fedb8d9d86
SHA1

5760d33b7eb3b611650c0532f72f27f2d8f5225b
SHA256

16ddac06afa49b09684312b702062780a84e940747010fda878affed60d0bdcc
SHA512

68564b596a34191a41a534b5ad66889d895e5e4b16a914cc93ab838eac631faafbad7189bda1a3c9bec7cdce0e9d807b385988623e53ff81b28e5bf5a1ed54f4
SSDEEP

98304:QhuUjZpK5R3yZuYQxtuc27hkobUanVOLv5xX7kR45PdMRwRDgpusNpz:0NY5ecskIixFIRfKRsXz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-01-01_34184c9fea2f73aa7f9533fedb8d9d86_magniber

Files

2024-01-01_34184c9fea2f73aa7f9533fedb8d9d86_magniber
.exe windows:5 windows x86 arch:x86

61655fe9ec7c8ed6c2355c7b42497458

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ConvertThreadToFiber
SwitchToFiber
QueueUserWorkItem
GetFileSize
GetFullPathNameW
FindFirstFileW
GetFileAttributesW
GetTempPathW
FindClose
RemoveDirectoryW
FindNextFileW
SetFileAttributesW
GetModuleHandleA
WriteFile
VirtualFree
WaitForSingleObject
CreateDirectoryW
MoveFileExW
FreeResource
GetCurrentProcessId
CloseHandle
GetCurrentThreadId
DeleteCriticalSection
lstrcmpiW
DeviceIoControl
LockResource
EnterCriticalSection
GetProcAddress
SetLastError
GetLastError
RaiseException
FlushInstructionCache
lstrlenW
MultiByteToWideChar
CreateFileW
GetModuleFileNameW
ReadFile
TerminateProcess
LeaveCriticalSection
CreateFiber
GetPrivateProfileStringA
WideCharToMultiByte
lstrcmpiA
lstrcmpA
FlushFileBuffers
SetStdHandle
WriteConsoleW
GetPrivateProfileStringW
WriteConsoleA
GetLocaleInfoW
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
GetStringTypeW
GetStringTypeA
GetConsoleMode
GetConsoleCP
QueryPerformanceCounter
GetStartupInfoA
GetFileType
SetHandleCount
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
IsValidCodePage
GetOEMCP
GetACP
InitializeCriticalSectionAndSpinCount
GetModuleFileNameA
GetStdHandle
HeapCreate
LCMapStringW
LCMapStringA
GetCPInfo
lstrlenA
CreateEventW
GetTickCount
SetEvent
CreateThread
CreateToolhelp32Snapshot
Process32NextW
Process32FirstW
GetLongPathNameW
GetStartupInfoW
GlobalFree
GlobalUnlock
GlobalAlloc
IsBadReadPtr
GlobalLock
ExpandEnvironmentStringsW
DeleteFileW
GetVersion
MoveFileW
VirtualAlloc
GetPrivateProfileIntW
WritePrivateProfileStringW
SizeofResource
Sleep
LoadLibraryW
InitializeCriticalSection
GetModuleHandleW
GetCurrentProcess
InterlockedDecrement
InterlockedIncrement
LoadLibraryExW
CreateProcessW
LoadResource
FreeLibrary
FindResourceW
FindResourceExW
GetSystemDirectoryW
GetVersionExW
TerminateThread
RtlUnwind
MoveFileA
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
ExitProcess
InterlockedCompareExchange
HeapFree
GetConsoleOutputCP
OpenProcess
GetProcessHeap
HeapAlloc
LoadLibraryA
IsProcessorFeaturePresent
HeapDestroy
HeapReAlloc
HeapSize
InterlockedExchange
CreateFileA
SystemTimeToFileTime
SetFilePointer
CreateMutexW
GetSystemTimeAsFileTime
LocalFileTimeToFileTime
TlsFree
DeleteAtom
FindAtomW
TlsAlloc
ReleaseMutex
AddAtomW
OpenThread
GetAtomNameW
TlsSetValue
TlsGetValue
GetSystemTime
LocalFree
FormatMessageW
OutputDebugStringW
GetFileSizeEx
SetFilePointerEx

user32

PostQuitMessage
GetAncestor
GetForegroundWindow
wsprintfW
ExitWindowsEx
FindWindowW
WindowFromPoint
GetWindowInfo
PostMessageW
GetWindowRect
UnregisterClassA
DispatchMessageW
DefWindowProcW
CallWindowProcW
GetSystemMetrics
MessageBoxW
CreateWindowExW
GetActiveWindow
ShowWindow
SetWindowLongW
PeekMessageW
GetWindowLongW
RegisterClassExW
TranslateMessage
GetClassInfoExW
BeginPaint
GetClientRect
LoadCursorW
DialogBoxParamW
CharNextW
GetMessageW
DestroyWindow
EndPaint
GetWindow
GetWindowThreadProcessId
IsWindow
EnableWindow
MonitorFromWindow
EndDialog
RedrawWindow
AdjustWindowRectEx
MapWindowPoints
SetWindowTextW
GetWindowRgn
MoveWindow
ClientToScreen
MonitorFromPoint
TrackPopupMenu
GetSubMenu
SetFocus
LoadMenuW
GetCursorPos
DestroyMenu
GetMonitorInfoW
CheckMenuItem
PtInRect
EqualRect
CopyRect
SendMessageW
RegisterWindowMessageW
SetCursor
GetParent
IsWindowEnabled
InvalidateRect
IsWindowVisible
GetWindowTextW
FindWindowExW
SetTimer
DrawTextW
KillTimer
SetRect
SystemParametersInfoW
GetDlgItem
RegisterDeviceNotificationW
SetWindowPos
GetDesktopWindow

gdi32

SetBkColor
GetStockObject
CreateDIBSection
PtInRegion
CreateRectRgn
SetWindowOrgEx
LPtoDP
DPtoLP
GetClipBox
GetTextExtentPoint32W
SetTextColor
CreateFontIndirectW
SetBkMode
ExtTextOutW
GetObjectW
BitBlt
SetViewportOrgEx
DeleteDC
DeleteObject
SelectObject
CreateCompatibleDC
CreateCompatibleBitmap

advapi32

OpenSCManagerW
RegEnumKeyExA
RegQueryValueExW
AdjustTokenPrivileges
LookupPrivilegeValueW
GetTokenInformation
OpenProcessToken
RegSetValueExW
RegCloseKey
RegEnumKeyExW
RegOpenKeyExW
RegDeleteValueW
RegDeleteKeyW
RegQueryInfoKeyW
RegCreateKeyExW
CloseServiceHandle
RegQueryValueExA
OpenServiceW
QueryServiceStatusEx
CryptAcquireContextW
CryptSetKeyParam
CryptReleaseContext
CryptImportKey
CryptEncrypt
CryptDestroyKey
CryptDecrypt
RegOpenKeyExA

shell32

ord680
SHGetSpecialFolderPathW
ShellExecuteExW
ShellExecuteW

ole32

CoCreateInstance
CoTaskMemAlloc
CoTaskMemFree
CoInitialize
CoTaskMemRealloc
CreateBindCtx
CoUninitialize
CreateStreamOnHGlobal

oleaut32

VarUI4FromStr

shlwapi

PathFileExistsW
PathFindFileNameW
StrCmpIW
PathRemoveFileSpecW
SHSetValueA
PathCombineW
SHGetValueW
PathAppendW
PathIsDirectoryW
SHSetValueW
SHGetValueA

comctl32

_TrackMouseEvent

msimg32

AlphaBlend

gdiplus

GdipCreateBitmapFromFile
GdipLoadImageFromStream
GdipCloneImage
GdipCreateBitmapFromResource
GdipCreateHBITMAPFromBitmap
GdipDisposeImage
GdiplusShutdown
GdiplusStartup
GdipFree
GdipCreateBitmapFromStream
GdipAlloc

urlmon

RegisterBindStatusCallback
CreateURLMoniker

version

GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoW

psapi

GetModuleFileNameExW
EnumProcesses
EnumProcessModules

iphlpapi

GetAdaptersInfo

setupapi

CM_Get_Parent
SetupDiGetClassDevsW
SetupDiEnumDeviceInterfaces
CM_Get_Child
SetupDiDestroyDeviceInfoList
SetupDiGetDeviceRegistryPropertyW
CM_Get_Device_IDW
SetupDiGetDeviceInstanceIdW
CM_Get_DevNode_Status
SetupDiEnumDeviceInfo
CM_Get_Sibling
CM_Locate_DevNodeW
SetupDiGetDeviceInterfaceDetailW

netapi32

Netbios

Sections

.text
Size: 336KB - Virtual size: 335KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 65KB - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 43KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 357KB - Virtual size: 357KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

61655fe9ec7c8ed6c2355c7b42497458

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

shlwapi

comctl32

msimg32

gdiplus

urlmon

version

psapi

iphlpapi

setupapi

netapi32

Sections

.text Size: 336KB - Virtual size: 335KB

.rdata Size: 65KB - Virtual size: 65KB

.data Size: 43KB - Virtual size: 63KB

.rsrc Size: 357KB - Virtual size: 357KB

.reloc Size: 26KB - Virtual size: 25KB

.text
Size: 336KB - Virtual size: 335KB

.rdata
Size: 65KB - Virtual size: 65KB

.data
Size: 43KB - Virtual size: 63KB

.rsrc
Size: 357KB - Virtual size: 357KB

.reloc
Size: 26KB - Virtual size: 25KB