2024-01-10_b165ca4557575ccac4c6f29947b2051c_magniber

Sharing

Copy URL Twitter E-mail

General

Target

2024-01-10_b165ca4557575ccac4c6f29947b2051c_magniber
Size

3.4MB
MD5

b165ca4557575ccac4c6f29947b2051c
SHA1

4c828394474cf923ca1743b20561aeb44bf80f42
SHA256

4fd39a617b3960c6dd80e47c5b50dd945cedad1af2cfadf19df3be18ac38cb09
SHA512

f65bbf7b788fe6d316f4c199263c7f0398373af2b799d9e153cfebfc7d64d2cb25e24703737fdb04d1444ed54c278541e8dbd9a8701acaa3eb0d9453dbcd3985
SSDEEP

98304:oRpMhxLpYpEDVgsQEexj84eFralV9zH/OnOqHd:4MhRaaDVgsQRx8rk9bGj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-01-10_b165ca4557575ccac4c6f29947b2051c_magniber

Files

2024-01-10_b165ca4557575ccac4c6f29947b2051c_magniber
.exe windows:6 windows x86 arch:x86

d306c21dcaefbd0c25bea1b641d04054

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetDriveTypeW
CreateThread
MoveFileW
GetTempFileNameW
CopyFileW
GetCurrentProcessId
MoveFileExW
GetLocalTime
DeleteFileW
FormatMessageW
WritePrivateProfileStringW
LoadLibraryExW
lstrcmpiW
MultiByteToWideChar
ExitThread
GetCurrentThreadId
CreateMutexW
GetCommandLineW
MapViewOfFile
CreateFileMappingW
ResetEvent
GetSystemInfo
CloseHandle
SetEvent
CreateEventW
UnmapViewOfFile
CreateFileW
WaitForSingleObject
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
FreeLibrary
LoadLibraryW
GetModuleFileNameW
lstrcpynW
GetCurrentProcess
FindResourceW
LoadResource
FindResourceExW
LockResource
SizeofResource
GetModuleHandleW
GetProcessHeap
DeleteCriticalSection
LocalFree
lstrcmpA
DeviceIoControl
WriteConsoleW
SetFilePointerEx
ReadConsoleW
SetStdHandle
OutputDebugStringA
SetConsoleCtrlHandler
SetEnvironmentVariableW
SetEnvironmentVariableA
GetProcAddress
HeapDestroy
DecodePointer
HeapAlloc
RaiseException
HeapReAlloc
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetCPInfo
GetTempPathW
IsValidCodePage
FindNextFileA
FindFirstFileExW
FindFirstFileExA
GetConsoleMode
GetConsoleCP
FlushFileBuffers
GetTimeZoneInformation
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
CompareStringW
GetTimeFormatW
GetDateFormatW
GetStringTypeW
GetFileType
GetModuleFileNameA
ExitProcess
GetModuleHandleExW
RtlUnwind
WaitForMultipleObjectsEx
CreateTimerQueue
UnregisterWaitEx
QueryDepthSList
InterlockedFlushSList
ReleaseSemaphore
DuplicateHandle
SetProcessAffinityMask
VirtualProtect
GetModuleHandleA
FreeLibraryAndExitThread
GetThreadTimes
GetCurrentThread
UnregisterWait
RegisterWaitForSingleObject
SetThreadAffinityMask
GetProcessAffinityMask
GetNumaHighestNodeNumber
DeleteTimerQueueTimer
ChangeTimerQueueTimer
CreateTimerQueueTimer
GetLogicalProcessorInformation
GetThreadPriority
SetThreadPriority
SignalObjectAndWait
lstrlenA
GetStartupInfoW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
WaitForSingleObjectEx
GetSystemTimeAsFileTime
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
SwitchToThread
InitializeCriticalSectionAndSpinCount
QueryPerformanceFrequency
QueryPerformanceCounter
TryEnterCriticalSection
LoadLibraryExA
VirtualFree
VirtualAlloc
IsProcessorFeaturePresent
GetPrivateProfileStringW
GetOEMCP
FlushInstructionCache
InterlockedPushEntrySList
InterlockedPopEntrySList
InitializeSListHead
GetLastError
HeapSize
LocalAlloc
InitializeCriticalSectionEx
HeapFree
EncodePointer
OutputDebugStringW
GetCurrentDirectoryW
SearchPathW
CreateDirectoryW
GetFullPathNameW
GetShortPathNameW
RemoveDirectoryW
SetFileAttributesW
SetFileTime
GetSystemDirectoryW
GetWindowsDirectoryW
lstrlenW
FindClose
FindCloseChangeNotification
FindFirstChangeNotificationW
FindFirstFileW
FindNextFileW
GetLogicalDriveStringsW
CompareFileTime
GetFileInformationByHandle
GetFileSize
ReadFile
SetEndOfFile
SetFilePointer
WriteFile
GetStdHandle
GetFileAttributesExW
GetFileAttributesW
SetLastError
GetDiskFreeSpaceExW
QueryDosDeviceW
OpenProcess
GetTickCount
WideCharToMultiByte
GetLongPathNameW
CreateToolhelp32Snapshot
Process32FirstW
Process32NextW
GetFileSizeEx
WaitForMultipleObjects
TerminateProcess
GetExitCodeProcess
GetEnvironmentVariableW
GetVersionExW
CreateFileA
DeleteFileA
GetTempPathA
GetTempFileNameA
SetCurrentDirectoryW
MulDiv
FreeResource
GetACP
lstrcmpW
FileTimeToLocalFileTime
GetFileTime
LocalFileTimeToFileTime
GetSystemTime
FileTimeToDosDateTime
DosDateTimeToFileTime
SystemTimeToFileTime
IsBadReadPtr
GetVersion
GlobalAlloc
GlobalUnlock
GlobalLock
GlobalFree
Sleep
ResumeThread
IsDebuggerPresent
RtlCaptureStackBackTrace

user32

UnregisterClassW
IsWindow
ScreenToClient
DestroyWindow
PostMessageW
MonitorFromWindow
SendMessageW
IsWindowEnabled
InvalidateRgn
PostQuitMessage
CreateAcceleratorTableW
GetMonitorInfoW
GetWindowDC
RedrawWindow
SetLayeredWindowAttributes
SetForegroundWindow
LoadImageW
GetMessageW
DefWindowProcW
FindWindowExW
SendMessageTimeoutW
DispatchMessageW
PeekMessageW
CharNextW
TranslateMessage
MessageBoxW
wsprintfW
GetShellWindow
GetWindowThreadProcessId
FindWindowW
CallWindowProcW
RegisterClassExW
GetClassInfoExW
CreateWindowExW
GetWindowLongW
SetWindowLongW
LoadCursorW
IsChild
UpdateLayeredWindow
SetWindowPos
IsWindowVisible
IsZoomed
SetFocus
GetFocus
GetKeyState
SetCapture
ReleaseCapture
SetTimer
KillTimer
GetDC
ReleaseDC
BeginPaint
EndPaint
GetUpdateRect
InvalidateRect
GetClientRect
GetWindowRect
GetCursorPos
CreateCaret
GetCaretBlinkTime
SetCaretPos
MapWindowPoints
IntersectRect
UnionRect
IsRectEmpty
GetSystemMetrics
GetParent
GetClassNameW
GetWindow
IsIconic
EnableWindow
SetWindowRgn
SetPropW
RemovePropW
RegisterClassW
ShowWindow
GetMenu
GetPropW
AdjustWindowRectEx
SystemParametersInfoW
wvsprintfW
SetCursor
InflateRect
OffsetRect
SetWindowTextW
GetWindowTextW
GetWindowTextLengthW
MonitorFromPoint
CopyRect
CopyImage
CharPrevW
DrawTextW
SetRect
DestroyIcon
DrawIconEx
GetIconInfo
GetMessagePos
MoveWindow
GetDlgCtrlID
DrawFocusRect
FillRect
HideCaret
ShowCaret
ClientToScreen
GetSysColor
PtInRect

advapi32

RegOpenKeyExW
FreeSid
AllocateAndInitializeSid
GetUserNameW
RegCloseKey
RegQueryInfoKeyW
RegDeleteKeyW
RegCreateKeyExW
RegEnumKeyExW
RegCreateKeyW
CryptDestroyHash
RegDeleteValueW
GetExplicitEntriesFromAclW
EqualSid
BuildExplicitAccessWithNameW
SetEntriesInAclW
SetNamedSecurityInfoW
GetNamedSecurityInfoW
DeleteAce
GetTrusteeNameW
LookupAccountSidW
LookupAccountNameW
RegSetValueExW
OpenProcessToken
AdjustTokenPrivileges
DuplicateTokenEx
LookupPrivilegeValueW
RegEnumValueW
RegQueryValueExW
CryptAcquireContextW
CryptReleaseContext
CryptDestroyKey
CryptSetKeyParam
CryptGetHashParam
CryptImportKey
CryptEncrypt
CryptDecrypt
CryptCreateHash
CryptHashData
CheckTokenMembership

shell32

ord165
SHGetPathFromIDListW
SHBrowseForFolderW
ShellExecuteW
ShellExecuteExW
SHGetSpecialFolderPathW
SHCreateDirectoryExW
SHChangeNotify
SHFileOperationW

ole32

OleRun
CreateStreamOnHGlobal
StringFromGUID2
CLSIDFromString
OleLockRunning
CoInitializeEx
CoInitializeSecurity
OleUninitialize
CoInitialize
CoTaskMemAlloc
CoUninitialize
CoCreateInstance
CoTaskMemFree
OleInitialize
CoTaskMemRealloc
CLSIDFromProgID
CoSetProxyBlanket
CoCreateGuid

oleaut32

VariantInit
VariantClear
SysAllocString
SysAllocStringByteLen
CreateErrorInfo
SetErrorInfo
GetErrorInfo
SafeArrayPutElement
SafeArrayCreate
VariantChangeType
SysFreeString
SysStringLen
VariantCopy
SysStringByteLen
VarUI4FromStr

shlwapi

StrToIntExW
StrStrIW
PathFindExtensionW
SHAutoComplete
PathFileExistsW
wnsprintfW
PathFindFileNameA
PathIsPrefixW
AssocQueryStringW
SHSetValueA
PathRenameExtensionA
PathIsDirectoryW
PathIsRelativeW
SHSetValueW
PathFindFileNameW
PathRemoveFileSpecW
PathIsRootW
PathCompactPathW
SHGetValueW
PathCombineW
PathAppendW

comctl32

ImageList_DrawEx
ImageList_GetIconSize
_TrackMouseEvent
ord17
InitCommonControlsEx

version

GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW

msimg32

AlphaBlend
GradientFill

gdiplus

GdipAlloc
GdipFree
GdipCreatePath
GdipDeletePath
GdipAddPathLineI
GdipAddPathArcI
GdipCloneBrush
GdipDeleteBrush
GdipCreateSolidFill
GdipCreatePen1
GdipDeletePen
GdipSetPenMode
GdipSetPenDashStyle
GdipCreateFromHDC
GdipDeleteGraphics
GdipSetSmoothingMode
GdipDrawLineI
GdiplusShutdown
GdipGetPropertyItem
GdipGetPropertyItemSize
GdipImageSelectActiveFrame
GdipImageGetFrameCount
GdipImageGetFrameDimensionsList
GdipImageGetFrameDimensionsCount
GdipLoadImageFromStreamICM
GdipDrawImageRectI
GdipGetImagePixelFormat
GdipLoadImageFromFileICM
GdipLoadImageFromFile
GdipDrawPath
GdipFillEllipseI
GdipClosePathFigure
GdipCreateTexture
GdipCloneImage
GdipDisposeImage
GdiplusStartup
GdipGetImageGraphicsContext
GdipDrawRectangleI
GdipGetImageWidth
GdipGetImageHeight
GdipCreateBitmapFromStream
GdipCreateBitmapFromFile
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromFileICM
GdipCreateBitmapFromScan0
GdipCreateHBITMAPFromBitmap
GdipCloneBitmapAreaI
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipSetInterpolationMode
GdipGraphicsClear
GdipFillPath
GdipDrawImagePointsI
GdipDrawImageRectRectI
GdipGetImageEncodersSize
GdipGetImageEncoders
GdipAddPathArc
GdipDrawEllipseI
GdipSaveImageToFile

psapi

GetProcessImageFileNameW
GetModuleFileNameExW
EnumProcesses

iphlpapi

GetAdaptersInfo

wininet

InternetGetConnectedState

setupapi

SetupIterateCabinetW

crypt32

CryptStringToBinaryW
CryptBinaryToStringA
CryptBinaryToStringW
CryptStringToBinaryA

netapi32

Netbios

gdi32

CreateDCW
GetTextColor
ExtTextOutW
TextOutW
SetDIBColorTable
CreateDIBSection
SetStretchBltMode
StretchBlt
SetBkColor
ExtSelectClipRgn
SelectClipRgn
GetTextExtentPoint32W
GetClipBox
GetCharABCWidthsW
CreateRectRgnIndirect
CombineRgn
GetDeviceCaps
SetTextColor
SetBkMode
CreateSolidBrush
CreateRoundRectRgn
SetWindowOrgEx
GetObjectW
GetTextMetricsW
SelectObject
SetDIBitsToDevice
GetDIBits
SaveDC
RestoreDC
Rectangle
GetStockObject
DeleteObject
DeleteDC
CreatePen
CreateFontIndirectW
CreateCompatibleDC
CreateCompatibleBitmap
BitBlt
GdiFlush

Exports

Exports

_start@12
start

Sections

.text
Size: 2.0MB - Virtual size: 2.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 381KB - Virtual size: 381KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 942KB - Virtual size: 941KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 97KB - Virtual size: 97KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d306c21dcaefbd0c25bea1b641d04054

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ole32

oleaut32

shlwapi

comctl32

version

msimg32

gdiplus

psapi

iphlpapi

wininet

setupapi

crypt32

netapi32

gdi32

Exports

Exports

Sections

.text Size: 2.0MB - Virtual size: 2.0MB

.rdata Size: 381KB - Virtual size: 381KB

.data Size: 24KB - Virtual size: 62KB

.rsrc Size: 942KB - Virtual size: 941KB

.reloc Size: 97KB - Virtual size: 97KB

.text
Size: 2.0MB - Virtual size: 2.0MB

.rdata
Size: 381KB - Virtual size: 381KB

.data
Size: 24KB - Virtual size: 62KB

.rsrc
Size: 942KB - Virtual size: 941KB

.reloc
Size: 97KB - Virtual size: 97KB