2024-01-19_6832ead8e7b4194422c9a3e4f6f1cfba_magniber

Sharing

Copy URL Twitter E-mail

General

Target

2024-01-19_6832ead8e7b4194422c9a3e4f6f1cfba_magniber
Size

3.8MB
MD5

6832ead8e7b4194422c9a3e4f6f1cfba
SHA1

39e0d11dd25dd796b9aaa33201e6a91f3b4cd0bf
SHA256

b405ea9819fca473cc011e205c76ca6152ff0207f3888d3220cd7a7d5afe3a72
SHA512

cf1be113a6ea843a70253f560a5a84a61eae0c4b283dd2734bc17fe7b1e4841e0242d357c5face0f01013883b0c447e5570765d6d1efcd6f612c2d8acaabe813
SSDEEP

98304:wIh9002oIWlYDEbZRlgQdayUHbQ7CwY6aIn7b7mm:K6NK23wb3x1IHym

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-01-19_6832ead8e7b4194422c9a3e4f6f1cfba_magniber

Files

2024-01-19_6832ead8e7b4194422c9a3e4f6f1cfba_magniber
.exe windows:5 windows x86 arch:x86

c45da6333955a84552f14f21a0cf7c02

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Process32FirstW
CreateToolhelp32Snapshot
FindClose
FindNextFileW
FindFirstFileW
CreateMutexW
SetUnhandledExceptionFilter
OutputDebugStringW
GetPrivateProfileStringW
MoveFileExW
MoveFileW
GetPrivateProfileSectionNamesW
GetFileAttributesExW
SetLastError
FlushInstructionCache
GlobalReAlloc
GlobalAlloc
QueueUserWorkItem
SwitchToFiber
CreateFiber
ConvertThreadToFiber
InterlockedIncrement
InterlockedDecrement
GetModuleHandleW
LoadLibraryExW
lstrcmpiW
HeapFree
HeapAlloc
GetProcessHeap
GetExitCodeThread
DeviceIoControl
GetLogicalDrives
SetCurrentDirectoryW
GetCurrentDirectoryW
GetDriveTypeW
GetVolumeInformationW
VirtualAlloc
VirtualFree
FreeResource
GetCurrentProcess
GetPrivateProfileIntW
lstrcmpiA
lstrcmpA
SetEnvironmentVariableA
CompareStringW
CompareStringA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
GetLocaleInfoW
InitializeCriticalSectionAndSpinCount
GetStringTypeW
GetStringTypeA
IsValidLocale
EnumSystemLocalesA
Process32NextW
GetUserDefaultLCID
GetDateFormatA
GetTimeFormatA
WritePrivateProfileStringW
GetTimeZoneInformation
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
FlushFileBuffers
GetConsoleMode
GetConsoleCP
GetStartupInfoA
SetHandleCount
GetStdHandle
HeapCreate
DeleteFileW
GetCurrentThread
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
LCMapStringW
LCMapStringA
GetStartupInfoW
GetFileAttributesW
IsDebuggerPresent
UnhandledExceptionFilter
RtlUnwind
ExitThread
VirtualQuery
GetSystemInfo
VirtualProtect
TlsFree
DeleteAtom
FindAtomW
TlsAlloc
ReleaseMutex
AddAtomW
OpenThread
GetAtomNameW
TlsSetValue
TlsGetValue
FormatMessageW
GetFileSizeEx
SetFilePointerEx
SetEndOfFile
LocalFileTimeToFileTime
GetSystemTimeAsFileTime
CreateFileA
InterlockedExchange
IsProcessorFeaturePresent
LoadLibraryA
InterlockedCompareExchange
HeapSize
HeapReAlloc
HeapDestroy
SetFileTime
GetCurrentProcessId
OpenProcess
GetShortPathNameW
GlobalFree
GetLocalTime
SuspendThread
ResumeThread
FileTimeToSystemTime
CreateThread
CreateProcessW
GetModuleFileNameA
SetFileAttributesW
WriteFile
TerminateProcess
WaitForSingleObject
TerminateThread
DeleteFileA
lstrlenA
CreateFileW
GetFileSize
ReadFile
GetTempFileNameW
IsBadWritePtr
IsBadReadPtr
WideCharToMultiByte
CopyFileW
GetLocaleInfoA
lstrlenW
GetTempPathW
LocalFree
FreeLibrary
LoadLibraryW
CreateDirectoryW
GetModuleHandleA
GetProcAddress
ExitProcess
GetSystemDirectoryW
GetModuleFileNameW
GetCommandLineW
MultiByteToWideChar
GetTickCount
CloseHandle
GetCurrentThreadId
SystemTimeToFileTime
DeleteCriticalSection
InitializeCriticalSection
FindResourceExW
LoadResource
LockResource
SizeofResource
FindResourceW
DosDateTimeToFileTime
UnmapViewOfFile
DuplicateHandle
CreateFileMappingW
MapViewOfFile
GetFileType
GetFileInformationByHandle
GetSystemTime
SetFilePointer
FileTimeToDosDateTime
FatalAppExitA
Sleep
RaiseException
EnterCriticalSection
LeaveCriticalSection
GetVersionExW
GetLastError
LocalAlloc
SetConsoleCtrlHandler
DebugBreak

user32

DrawTextW
DispatchMessageW
TranslateMessage
GetMessageW
UnregisterClassA
PeekMessageW
ShowWindow
AdjustWindowRectEx
GetWindowLongW
SetWindowPos
MapWindowPoints
GetClientRect
GetMonitorInfoW
MonitorFromWindow
GetWindowRect
GetWindow
GetParent
FillRect
IntersectRect
SetCapture
GetCapture
ReleaseCapture
SendMessageW
PostMessageW
UpdateWindow
InvalidateRect
OffsetRect
ReleaseDC
GetDC
BeginPaint
EndPaint
GetClassLongW
PtInRect
GetCursorPos
ScreenToClient
SetFocus
GetDlgCtrlID
CharNextW
CreateWindowExW
WindowFromPoint
GetClassInfoExW
GetDlgItem
CallWindowProcW
CreateDialogIndirectParamW
DialogBoxIndirectParamW
DestroyWindow
GetClassInfoW
RegisterClassW
DefWindowProcW
SetWindowRgn
EndDialog
SetWindowLongW
TrackMouseEvent
SetActiveWindow
IsIconic
SetForegroundWindow
EnableWindow
RegisterDeviceNotificationW
PostQuitMessage
FindWindowW
IsWindow
RegisterClassExW
LoadCursorW
SetCursor
RedrawWindow
PostThreadMessageW
GetSystemMetrics
LoadImageW
SetWindowTextW
LoadIconW
GetActiveWindow
DrawIconEx
RegisterWindowMessageW
IsDialogMessageW
KillTimer
SetTimer

gdi32

CombineRgn
CreateRectRgn
CreateCompatibleBitmap
GetTextExtentPoint32W
CreateCompatibleDC
SetBkColor
ExtTextOutW
DeleteDC
CreateRoundRectRgn
DeleteObject
CreateDIBSection
GetObjectW
SetStretchBltMode
StretchBlt
GetClipBox
IntersectClipRect
SetViewportOrgEx
OffsetViewportOrgEx
BitBlt
ExcludeClipRect
GetStockObject
SetBkMode
GetTextColor
SelectObject
SetTextColor
TextOutW
CreateFontIndirectW

advapi32

LookupAccountNameW
RegEnumKeyExA
RegQueryValueExA
LookupAccountSidW
DeleteAce
GetExplicitEntriesFromAclW
SetNamedSecurityInfoW
RegQueryInfoKeyW
RegSetValueExW
RegEnumKeyExW
RegOpenKeyExW
RegCreateKeyExW
RegDeleteValueW
RegDeleteKeyW
RegOpenKeyW
RegQueryValueExW
RegCloseKey
OpenProcessToken
LookupPrivilegeValueW
AdjustTokenPrivileges
GetUserNameW
GetNamedSecurityInfoW
BuildExplicitAccessWithNameW
SetEntriesInAclW
RegOpenKeyExA

shell32

SHGetSpecialFolderLocation
SHGetFileInfoW
CommandLineToArgvW
ShellExecuteW
SHGetSpecialFolderPathW
SHGetMalloc

ole32

CoSetProxyBlanket
CoInitializeSecurity
CoInitializeEx
CoInitialize
CoCreateInstance
CoTaskMemFree
CoTaskMemAlloc
CoTaskMemRealloc
CoUninitialize

oleaut32

VariantInit
VariantClear
SysAllocString
SysFreeString
VarUI4FromStr

shlwapi

SHGetValueA
StrCmpIW
PathRemoveFileSpecW
StrRChrIW
SHGetValueW
PathFileExistsA
PathRenameExtensionW
PathFindFileNameW
StrCmpW
PathAppendA
UrlUnescapeW
PathIsDirectoryW
PathFindExtensionW
StrToIntExW
StrToIntW
PathAppendW
PathFileExistsW
StrStrIW
StrTrimW
SHSetValueA

comctl32

ImageList_Duplicate
ImageList_Remove
ImageList_Create
InitCommonControlsEx
ImageList_Destroy
ImageList_ReplaceIcon

msimg32

AlphaBlend

gdiplus

GdipSaveImageToFile
GdipDisposeImage
GdipFree
GdipCloneImage
GdipCreateBitmapFromScan0
GdiplusShutdown
GdiplusStartup
GdipGetImageEncoders
GdipGetImageEncodersSize
GdipCreateBitmapFromHBITMAP
GdipAlloc

psapi

GetModuleFileNameExW

wininet

HttpQueryInfoW
InternetOpenUrlW
HttpAddRequestHeadersW
InternetReadFile
InternetCanonicalizeUrlW
InternetOpenW
InternetCloseHandle
InternetQueryOptionW
InternetSetOptionW
InternetCrackUrlW
HttpOpenRequestW
InternetConnectW
HttpSendRequestW

version

GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW

setupapi

SetupIterateCabinetW

ws2_32

WSACleanup
ntohs
WSAStartup

wintrust

WinVerifyTrust
WTHelperProvDataFromStateData

crypt32

CertGetNameStringW

netapi32

Netbios

Exports

Exports

EngSectionRestore

Sections

.text
Size: 916KB - Virtual size: 915KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 121KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 21KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2.7MB - Virtual size: 2.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 102KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

c45da6333955a84552f14f21a0cf7c02

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

shlwapi

comctl32

msimg32

gdiplus

psapi

wininet

version

setupapi

ws2_32

wintrust

crypt32

netapi32

Exports

Exports

Sections

.text Size: 916KB - Virtual size: 915KB

.rdata Size: 121KB - Virtual size: 120KB

.data Size: 21KB - Virtual size: 43KB

.rsrc Size: 2.7MB - Virtual size: 2.7MB

.reloc Size: 102KB - Virtual size: 104KB

.text
Size: 916KB - Virtual size: 915KB

.rdata
Size: 121KB - Virtual size: 120KB

.data
Size: 21KB - Virtual size: 43KB

.rsrc
Size: 2.7MB - Virtual size: 2.7MB

.reloc
Size: 102KB - Virtual size: 104KB