2024-01-18_7558a0c9a5962d19d72380413d32d04a_magniber

Sharing

Copy URL Twitter E-mail

General

Target

2024-01-18_7558a0c9a5962d19d72380413d32d04a_magniber
Size

11.2MB
MD5

7558a0c9a5962d19d72380413d32d04a
SHA1

ed4c6e67d69ac6c6bc45db397ed45c154b4a23b0
SHA256

fc1576712ffe9bbba61c5fa85ece7069e6cac74745a9009d75fc4a0efe6b02ce
SHA512

4c18af2b40d85ea9c8a9b14be05c4236972eb9f2a549dd90198c4e755a37f2a940efaa58df2d0747734a05a66db58553dde5f701eb9034aea533538cbdf9c3d6
SSDEEP

196608:EMSsbDCw3dkeTHXqVsSnopPOSxBCz3xYWHdeDH/UDKkunTwJTvhiTHa:EdsfX3TjXqmSIOPzqW9eDHsOk0Yca

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-01-18_7558a0c9a5962d19d72380413d32d04a_magniber

Files

2024-01-18_7558a0c9a5962d19d72380413d32d04a_magniber
.exe windows:4 windows x86 arch:x86

86843ccfbbac45fac8eb9137df7cc44f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTempPathA
GetTempPathW
GetWindowsDirectoryA
GetWindowsDirectoryW
IsBadReadPtr
GetVersionExA
IsValidCodePage
GetACP
GetOEMCP
MultiByteToWideChar
WideCharToMultiByte
GetLocaleInfoA
GetLocaleInfoW
GetDateFormatA
GetDateFormatW
EnumDateFormatsA
EnumDateFormatsW
GetUserDefaultLCID
DecodePointer
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
LocalAlloc
OpenProcess
MulDiv
InterlockedIncrement
InterlockedDecrement
GetCurrentThread
SetThreadPriority
ExitThread
TerminateThread
ResumeThread
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
ReleaseSemaphore
ReleaseMutex
CreateMutexA
ExpandEnvironmentStringsA
CreateSemaphoreA
SetStdHandle
GetCPInfo
FindNextFileA
FindFirstFileExA
GetConsoleMode
GetConsoleCP
LCMapStringW
HeapAlloc
GetStringTypeW
HeapReAlloc
HeapFree
SetFilePointerEx
GetFileType
GetStdHandle
FreeLibraryAndExitThread
CreateThread
GetModuleHandleExW
LoadLibraryExW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
EncodePointer
RtlUnwind
InterlockedPushEntrySList
OutputDebugStringW
GetSystemTimeAsFileTime
QueryPerformanceCounter
GetStartupInfoW
UnhandledExceptionFilter
IsDebuggerPresent
IsProcessorFeaturePresent
GetModuleHandleW
CreateEventW
WaitForSingleObjectEx
SetEvent
InitializeSListHead
GetEnvironmentVariableW
GetCommandLineW
GetCommandLineA
CreateProcessA
FormatMessageW
GetTickCount
SetLastError
GetLastError
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetExitCodeProcess
TerminateProcess
GetCurrentProcessId
GetCurrentProcess
GetProcessHeap
HeapSize
LocalFree
ExpandEnvironmentStringsW
GlobalUnlock
GlobalLock
GlobalAlloc
WritePrivateProfileStringW
GetVolumeInformationA
MoveFileW
CopyFileW
FindNextFileW
FindFirstFileW
DeleteFileW
GetFileAttributesW
SetFileAttributesW
RemoveDirectoryW
CreateDirectoryW
GetDiskFreeSpaceA
GetCurrentDirectoryW
SetCurrentDirectoryW
GetTempFileNameW
WriteConsoleW
UnmapViewOfFile
SetFileTime
FindClose
SetFilePointer
SetEndOfFile
FlushFileBuffers
WriteFile
GetFileInformationByHandle
UnlockFile
GetLongPathNameW
GetShortPathNameW
SetUnhandledExceptionFilter
RaiseException
GetDriveTypeA
WaitForSingleObject
ResetEvent
GetSystemDirectoryW
GetSystemDirectoryA
FindResourceA
GetModuleFileNameW
GetModuleFileNameA
LoadLibraryExA
SizeofResource
LoadResource
LockResource
FileTimeToSystemTime
SystemTimeToFileTime
GetTimeZoneInformation
GetLocalTime
GetSystemTime
CompareStringW
CreateProcessW
LoadLibraryW
Sleep
GetCurrentThreadId
ExitProcess
GetProcAddress
FreeLibrary
CreateFileW
GetModuleHandleA
LoadLibraryA
CloseHandle
ReadFile

user32

GetParent
GetWindowLongA
FillRect
GetSysColor
ClientToScreen
SetCursor
GetWindowRect
GetWindowTextLengthW
GetWindowTextLengthA
GetWindowTextW
GetWindowTextA
SetWindowTextW
InvalidateRect
ReleaseDC
GetDC
SetForegroundWindow
SetActiveWindow
EnableMenuItem
EnableWindow
IsWindowUnicode
LoadImageA
SetFocus
EmptyClipboard
SetClipboardData
CloseClipboard
OpenClipboard
GetDialogBaseUnits
SetDlgItemTextW
GetDlgItem
DialogBoxParamW
CreateDialogParamW
CreateDialogParamA
IsZoomed
IsIconic
SetWindowPlacement
GetWindowPlacement
MoveWindow
ShowWindow
FindWindowExA
GetClassNameA
GetWindowThreadProcessId
LoadCursorA
GetSystemMenu
DestroyIcon
LoadImageW
SendMessageA
IsWindow
CreateWindowExA
PostMessageA
DialogBoxParamA
EndDialog
SendDlgItemMessageA
SetTimer
KillTimer
MessageBoxW
DestroyCaret
SetWindowLongA
MapDialogRect
SystemParametersInfoA
GetWindowInfo
EnumWindows
SetWindowsHookExA
UnhookWindowsHookEx
CallNextHookEx
SetDlgItemTextA
SetWindowTextA
MessageBoxA
RegisterClassA
RegisterClassExW
CreateWindowExW
SetWindowPos
BeginPaint
EndPaint
GetClientRect
GetSystemMetrics
ExitWindowsEx
TranslateMessage
DispatchMessageW
PeekMessageW
SendMessageW
DefWindowProcA
DefWindowProcW
DestroyWindow

gdi32

GetStockObject
GetTextExtentPoint32W
SelectObject
SetBkColor
SetBkMode
StretchDIBits
SetStretchBltMode
SetTextColor
SetTextJustification
GdiAlphaBlend
CreateDIBSection
TextOutW
SetBrushOrgEx
EnumFontFamiliesExA
DeleteDC
DeleteObject
CreateSolidBrush
AddFontResourceW
GetDeviceCaps
RemoveFontResourceW
CreateCompatibleDC
CreateFontA

advapi32

GetUserNameW
RegSetValueExW
RegSetValueExA
RegQueryValueExW
RegQueryValueExA
RegQueryInfoKeyA
RegOpenKeyExW
RegEnumKeyW
RegEnumKeyA
RegDeleteValueW
RegDeleteValueA
RegDeleteKeyW
RegCreateKeyExW
RegCloseKey

shell32

SHBrowseForFolderW
SHGetSpecialFolderLocation
SHGetPathFromIDListW
SHGetMalloc
ShellExecuteA
SHFileOperationW
ShellExecuteW

ole32

OleInitialize
CoTaskMemFree
CoInitializeSecurity
CreateStreamOnHGlobal
OleUninitialize
CoCreateInstance

ws2_32

__WSAFDIsSet
select
bind
WSAGetLastError
WSASetLastError
WSACleanup
WSAStartup
gethostname
gethostbyname
socket
shutdown
setsockopt
sendto
send
closesocket
recvfrom
recv
htons
getsockopt
ioctlsocket
connect

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueA

Sections

.text
Size: 499KB - Virtual size: 498KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 155KB - Virtual size: 154KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 558KB - Virtual size: 557KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 30KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.setup
Size: 9.9MB - Virtual size: 9.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

86843ccfbbac45fac8eb9137df7cc44f

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

ws2_32

version

Sections

.text Size: 499KB - Virtual size: 498KB

.rdata Size: 155KB - Virtual size: 154KB

.data Size: 17KB - Virtual size: 27KB

.rsrc Size: 558KB - Virtual size: 557KB

.reloc Size: 30KB - Virtual size: 29KB

.setup Size: 9.9MB - Virtual size: 9.9MB

.text
Size: 499KB - Virtual size: 498KB

.rdata
Size: 155KB - Virtual size: 154KB

.data
Size: 17KB - Virtual size: 27KB

.rsrc
Size: 558KB - Virtual size: 557KB

.reloc
Size: 30KB - Virtual size: 29KB

.setup
Size: 9.9MB - Virtual size: 9.9MB