Static task
static1
Behavioral task
behavioral1
Sample
2024-01-25_c51c91a7b0aab1227fa487386e5e4be7_magniber.exe
Resource
win7-20231215-en
General
Target: 2024-01-25_c51c91a7b0aab1227fa487386e5e4be7_magniber
Size: 8.1MB
MD5: c51c91a7b0aab1227fa487386e5e4be7
SHA1: ba7753f02bf9855f5aed26757346dbf83b90b970
SHA256: 8eeaf5a35eb6496d019077f635cb07d968ee4db1ac08477d13a7f7dc626d3f8a
SHA512: 4e48bd152daa0caf40372baa9fae5dff370e3281840fb695f7549ec256a891de44a73e86925e030316132c12438540c3279a7d09b9aca5feb12f772ee6f2fc51
SSDEEP: 98304:H2NzFKdD492aLtAi6szQMDw67sXRldY7Bo7duFi6dhQ1HO+UG:WNRC492aLj6szUasXtYBo7dh6dQu
Malware Config
Signatures
Detects Windows executables referencing non-Windows User-Agents (1 IoCs)
Processes:
resource: sample; yara_rule: INDICATOR_SUSPICIOUS_EXE_NoneWindowsUA
Unsigned PE (1 IoCs)
Checks for missing Authenticode signature.
Processes:
resource: 2024-01-25_c51c91a7b0aab1227fa487386e5e4be7_magniber
Files
2024-01-25_c51c91a7b0aab1227fa487386e5e4be7_magniber.exe windows:6 windows x86 arch:x86
f2219bd89ed693055b587856f017d1a2
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
Imports
gdiplus
GdipBitmapSetPixel
GdipCreateHBITMAPFromBitmap
GdipSetPenDashArray
GdipDeletePen
GdipCreatePen1
GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateFromHDC
GdipCreateBitmapFromHBITMAP
GdipDrawImageI
GdipDeleteGraphics
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipAddPathLineI
GdipDrawLineI
GdipDrawImageRectRect
GdipCreateLineBrushI
GdipAddPathArcI
GdipCreateSolidFill
GdipSetSolidFillColor
GdipSetCompositingMode
GdipSetCompositingQuality
GdipSetSmoothingMode
GdipFillRectangleI
GdipFillPath
GdipFillRectangle
GdipDrawPath
GdipImageRotateFlip
GdipCloneBrush
GdipSetPageUnit
GdipDeleteBrush
GdipDrawRectangle
GdipCreatePath
GdipDeletePath
GdipResetPath
GdipClosePathFigure
GdipSetPenMode
GdipAlloc
GdipFree
GdiplusStartup
GdipCloneImage
GdipDisposeImage
GdipGetImageGraphicsContext
GdipGetImageWidth
GdipGetImageHeight
GdipGetImagePixelFormat
GdipGetImagePalette
GdipGetImagePaletteSize
GdipCreateBitmapFromStream
GdiplusShutdown
kernel32
ReleaseMutex
CreateMutexW
IsWow64Process
GetProcessHeap
HeapSize
HeapFree
HeapReAlloc
HeapAlloc
HeapDestroy
DecodePointer
SystemTimeToFileTime
GetSystemTime
LockResource
GlobalAlloc
GlobalSize
GlobalLock
GlobalUnlock
GlobalFree
LocalFree
SetErrorMode
FormatMessageW
CopyFileW
SetEvent
WaitForSingleObject
CreateEventW
GetCurrentThreadId
SetThreadPriority
ResumeThread
GetCurrentThread
GetVersionExW
GlobalDeleteAtom
lstrcmpA
lstrcmpW
WideCharToMultiByte
GetPrivateProfileIntW
GetPrivateProfileStringW
WritePrivateProfileStringW
GlobalAddAtomW
GetCurrentProcessId
GetTickCount
FreeResource
InitializeCriticalSection
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GlobalReAlloc
GlobalHandle
LocalAlloc
LocalReAlloc
EncodePointer
GetSystemDirectoryW
GlobalFindAtomW
GlobalFlags
GetCurrentDirectoryW
RegisterApplicationRecoveryCallback
RegisterApplicationRestart
ApplicationRecoveryInProgress
ApplicationRecoveryFinished
CompareStringEx
GetThreadPreferredUILanguages
GetLocaleInfoEx
DeleteFileW
FindClose
FindFirstFileW
FlushFileBuffers
GetFullPathNameW
GetVolumeInformationW
LockFile
SetEndOfFile
UnlockFile
DuplicateHandle
GetCurrentProcess
GetThreadLocale
VerSetConditionMask
lstrcpyW
VerifyVersionInfoW
InitializeCriticalSectionAndSpinCount
GlobalGetAtomNameW
FileTimeToSystemTime
VirtualProtect
FileTimeToLocalFileTime
GetFileAttributesExW
GetFileSizeEx
LocalFileTimeToFileTime
SetFileAttributesW
SetFileTime
SystemTimeToTzSpecificLocalTime
GetTempPathW
Sleep
GetProfileIntW
SearchPathW
FindResourceExW
GetUserDefaultUILanguage
GetTempFileNameW
GetUserDefaultLCID
GetWindowsDirectoryW
CreateDirectoryW
GetDriveTypeW
RemoveDirectoryW
DeviceIoControl
MoveFileExW
CompareStringW
FindNextFileW
lstrlenW
AddVectoredExceptionHandler
RemoveVectoredExceptionHandler
GlobalMemoryStatusEx
IsDebuggerPresent
SetUnhandledExceptionFilter
DosDateTimeToFileTime
QueryPerformanceCounter
QueryPerformanceFrequency
GetThreadTimes
OutputDebugStringW
InitializeSListHead
InterlockedPopEntrySList
InterlockedPushEntrySList
FlushInstructionCache
IsProcessorFeaturePresent
VirtualAlloc
VirtualFree
LoadLibraryExA
TryEnterCriticalSection
GetStringTypeW
WaitForSingleObjectEx
SwitchToThread
QueueUserWorkItem
GetModuleHandleExW
GetSystemTimeAsFileTime
GetCPInfo
LCMapStringW
GetLocaleInfoW
SetCurrentDirectoryW
GetFileInformationByHandle
SetFilePointerEx
AreFileApisANSI
FormatMessageA
UnhandledExceptionFilter
TerminateProcess
ResetEvent
GetStartupInfoW
CreateTimerQueue
FreeLibraryAndExitThread
SignalObjectAndWait
CreateThread
GetThreadPriority
GetLogicalProcessorInformation
CreateTimerQueueTimer
ChangeTimerQueueTimer
DeleteTimerQueueTimer
GetNumaHighestNodeNumber
GetProcessAffinityMask
SetThreadAffinityMask
RegisterWaitForSingleObject
UnregisterWait
ReleaseSemaphore
InterlockedFlushSList
QueryDepthSList
UnregisterWaitEx
RtlUnwind
ExitThread
GetCommandLineA
HeapQueryInformation
GetSystemInfo
VirtualQuery
SetStdHandle
GetFileType
SetConsoleCtrlHandler
PeekNamedPipe
GetStdHandle
ExitProcess
GetACP
GetDateFormatW
GetTimeFormatW
IsValidLocale
EnumSystemLocalesW
GetTimeZoneInformation
GetConsoleCP
GetConsoleMode
ReadConsoleW
FindFirstFileExW
IsValidCodePage
GetOEMCP
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableA
WriteConsoleW
CreateFileMappingW
MapViewOfFile
UnmapViewOfFile
DeleteFileA
CloseHandle
WriteFile
SetFilePointer
ReadFile
GetFileTime
GetFileSize
GetFileAttributesW
GetDiskFreeSpaceExW
CreateFileW
MultiByteToWideChar
FindResourceW
LoadLibraryW
LoadLibraryA
lstrcmpiW
SizeofResource
LoadResource
LoadLibraryExW
GetProcAddress
GetModuleHandleW
GetModuleHandleA
GetModuleFileNameW
FreeLibrary
DeleteCriticalSection
InitializeCriticalSectionEx
LeaveCriticalSection
EnterCriticalSection
SetLastError
GetLastError
RaiseException
OutputDebugStringA
GetCommandLineW
MulDiv
user32
CheckDlgButton
SetWindowTextW
IsDialogMessageW
ClientToScreen
GetDesktopWindow
RealChildWindowFromPoint
CopyImage
SystemParametersInfoW
DeleteMenu
ChangeWindowMessageFilter
SetTimer
KillTimer
InvalidateRect
DrawTextW
DrawTextExW
GrayStringW
TabbedTextOutW
GetWindowDC
DestroyIcon
CharUpperW
PostThreadMessageW
SetCapture
ReleaseCapture
CopyAcceleratorTableW
InvalidateRgn
SetRect
IntersectRect
GetNextDlgGroupItem
GetNextDlgTabItem
MessageBeep
SetLayeredWindowAttributes
SetRectEmpty
EnumDisplayMonitors
SetParent
MonitorFromPoint
OpenClipboard
CloseClipboard
SetClipboardData
EmptyClipboard
LoadImageW
TrackMouseEvent
IsZoomed
GetAsyncKeyState
LoadMenuW
GetSystemMenu
WindowFromPoint
NotifyWinEvent
SetCursorPos
UnionRect
BringWindowToTop
CreatePopupMenu
LockWindowUpdate
DestroyMenu
EnableScrollBar
GetDoubleClickTime
GetIconInfo
CopyIcon
GetMenuItemInfoW
GetMenuDefaultItem
SetMenuDefaultItem
ModifyMenuW
DestroyAcceleratorTable
SetClassLongW
SendDlgItemMessageA
CreateDialogIndirectParamW
EndDialog
ToUnicodeEx
GetKeyboardLayout
GetKeyboardState
MapVirtualKeyW
LoadAcceleratorsW
CreateAcceleratorTableW
GetKeyNameTextW
GetMenu
GetUpdateRect
CharUpperBuffW
UpdateLayeredWindow
TranslateAcceleratorW
InsertMenuItemW
UnpackDDElParam
ReuseDDElParam
FrameRect
IsClipboardFormatAvailable
WaitMessage
IsCharLowerW
MapVirtualKeyExW
DrawMenuBar
DefFrameProcW
DefMDIChildProcW
TranslateMDISysAccel
GetComboBoxInfo
CreateMenu
PtInRect
DestroyCursor
GetWindowRgn
DrawIcon
HideCaret
InvertRect
wsprintfW
EnumDisplayDevicesW
RegisterClassExW
FindWindowExW
GetAncestor
CreateIconIndirect
SetCursor
ShowOwnedPopups
PostQuitMessage
PostMessageW
CallNextHookEx
SetWindowsHookExW
GetCursorPos
ValidateRect
GetKeyState
GetActiveWindow
IsWindowVisible
PeekMessageW
DispatchMessageW
TranslateMessage
GetMessageW
LoadBitmapW
GetParent
SetMenuItemInfoW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
GetFocus
SendMessageW
RemoveMenu
AppendMenuW
InsertMenuW
GetMenuItemCount
GetMenuItemID
GetSubMenu
GetMenuState
GetMenuStringW
EqualRect
CopyRect
ScreenToClient
AdjustWindowRectEx
GetWindowTextLengthW
GetWindowTextW
RemovePropW
GetPropW
SetPropW
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
EndPaint
BeginPaint
SetForegroundWindow
GetForegroundWindow
SetActiveWindow
GetCapture
SetFocus
GetDlgCtrlID
GetDlgItem
IsIconic
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
DestroyWindow
IsChild
IsMenu
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
CallWindowProcW
DefWindowProcW
GetMessageTime
GetMessagePos
LoadCursorW
ReleaseDC
GetDC
UnhookWindowsHookEx
DrawIconEx
IsRectEmpty
OffsetRect
InflateRect
UpdateWindow
FillRect
DrawFocusRect
GetSysColorBrush
GetSysColor
MapWindowPoints
GetWindowRect
GetClientRect
MoveWindow
ShowWindow
GetMonitorInfoW
MonitorFromWindow
WinHelpW
GetScrollInfo
SetScrollInfo
LoadIconW
GetTopWindow
GetClassNameW
RedrawWindow
SetWindowRgn
DrawStateW
GetSystemMetrics
DrawFrameControl
DrawEdge
RegisterWindowMessageW
MapDialogRect
GetWindow
SetWindowContextHelpId
SetWindowPos
RegisterClipboardFormatW
GetLastActivePopup
GetWindowThreadProcessId
GetWindowLongW
GetClassLongW
CharLowerBuffW
TrackPopupMenu
MessageBoxW
IsWindowEnabled
SetWindowLongW
SetMenu
UnregisterClassW
IsWindow
MessageBoxExW
CharNextW
SubtractRect
EnableWindow
gdi32
GetWindowOrgEx
LPtoDP
GetViewportOrgEx
DeleteDC
GetSystemPaletteEntries
GetNearestPaletteIndex
PtInRegion
GetBoundsRect
FrameRgn
FillRgn
SetPaletteEntries
ExtFloodFill
RoundRect
EnumFontFamiliesExW
GetPaletteEntries
CreatePalette
OffsetRgn
Rectangle
CreateRoundRectRgn
SetDIBColorTable
CreateDIBSection
StretchBlt
SetPixel
RealizePalette
GetTextMetricsW
GetTextCharsetInfo
EnumFontFamiliesW
CreateDIBitmap
CreateCompatibleBitmap
GetTextExtentExPointW
GetTextFaceW
CopyMetaFileW
GetClipBox
ExcludeClipRect
Escape
CreatePatternBrush
CreatePen
CreateCompatibleDC
BitBlt
DeleteObject
GetObjectW
DPtoLP
SetRectRgn
GetMapMode
CreateFontIndirectW
GetRgnBox
ScaleWindowExtEx
ScaleViewportExtEx
OffsetWindowOrgEx
OffsetViewportOrgEx
SetWindowOrgEx
SetWindowExtEx
SetViewportOrgEx
SetViewportExtEx
TextOutW
MoveToEx
SetTextColor
SetBkColor
Polyline
Polygon
SetTextAlign
SetROP2
SetPolyFillMode
GetLayout
SetLayout
SetMapMode
SetBkMode
SelectPalette
SelectObject
ExtSelectClipRgn
SelectClipRgn
SaveDC
RestoreDC
RectVisible
PtVisible
LineTo
IntersectClipRect
GetWindowExtEx
GetViewportExtEx
GetStockObject
GetPixel
GetObjectType
CreatePolygonRgn
ExtTextOutW
PatBlt
GetTextExtentPoint32W
GetTextColor
GetBkColor
Ellipse
CreateSolidBrush
CreateRectRgnIndirect
CreateRectRgn
CreateHatchBrush
CreateEllipticRgn
CombineRgn
CreateBitmap
GetDeviceCaps
CreateDCW
SetPixelV
advapi32
RegCloseKey
CryptAcquireContextW
RegQueryValueExW
RegEnumKeyW
RegQueryValueW
RegEnumValueW
CryptReleaseContext
CryptGenRandom
RegDeleteKeyW
RegSetValueExW
RegQueryInfoKeyW
RegOpenKeyExW
RegEnumKeyExW
RegDeleteValueW
RegCreateKeyExW
shell32
ShellExecuteW
SHGetFolderPathW
SHGetSpecialFolderPathW
ShellExecuteExW
SHGetDesktopFolder
SHBrowseForFolderW
SHGetSpecialFolderLocation
SHGetPathFromIDListW
DragFinish
DragQueryFileW
SHAppBarMessage
SHGetFileInfoW
SHGetKnownFolderPath
SHCreateItemFromParsingName
InitNetworkAddressControl
CommandLineToArgvW
ole32
OleDuplicateData
ReleaseStgMedium
CoUninitialize
CoCreateGuid
CoInitialize
CoFreeUnusedLibraries
OleInitialize
OleUninitialize
CLSIDFromString
CLSIDFromProgID
StringFromGUID2
CoDisconnectObject
CoGetClassObject
CoRevokeClassObject
OleFlushClipboard
OleIsCurrentClipboard
CoRegisterMessageFilter
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CreateILockBytesOnHGlobal
CreateStreamOnHGlobal
CoInitializeEx
DoDragDrop
OleGetClipboard
CoLockObjectExternal
RegisterDragDrop
RevokeDragDrop
OleLockRunning
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
CoCreateInstance
CoTaskMemFree
CoTaskMemRealloc
CoTaskMemAlloc
oleaut32
VarBstrFromDate
GetErrorInfo
SysFreeString
VarUI4FromStr
VariantCopy
SafeArrayDestroy
VariantTimeToSystemTime
SystemTimeToVariantTime
OleCreateFontIndirect
SysStringLen
VariantChangeType
VariantClear
VariantInit
LoadTypeLi
SysAllocStringLen
SysAllocString
uxtheme
GetThemeSysColor
GetThemeMargins
OpenThemeData
CloseThemeData
DrawThemeBackground
GetThemeColor
GetCurrentThemeName
DrawThemeTextEx
BufferedPaintInit
BufferedPaintUnInit
BeginBufferedPaint
EndBufferedPaint
DrawThemeParentBackground
IsAppThemed
GetThemePartSize
IsThemeBackgroundPartiallyTransparent
GetWindowTheme
dbghelp
MiniDumpWriteDump
shlwapi
PathFindExtensionW
PathFindFileNameW
PathIsUNCW
PathStripToRootW
PathRemoveFileSpecW
StrFormatKBSizeW
ord12
comctl32
ImageList_Remove
ImageList_LoadImageW
ImageList_Destroy
ImageList_Create
PropertySheetW
DestroyPropertySheetPage
CreatePropertySheetPageW
ImageList_GetImageInfo
ImageList_AddMasked
ImageList_GetIcon
ImageList_ReplaceIcon
ImageList_GetImageCount
ord345
InitCommonControlsEx
ImageList_GetIconSize
ImageList_Draw
msimg32
TransparentBlt
AlphaBlend
oleacc
LresultFromObject
AccessibleObjectFromWindow
CreateStdAccessibleObject
dwmapi
DwmSetIconicLivePreviewBitmap
DwmDefWindowProc
DwmSetWindowAttribute
DwmIsCompositionEnabled
DwmSetIconicThumbnail
DwmInvalidateIconicBitmaps
imm32
ImmReleaseContext
ImmGetContext
ImmGetOpenStatus
oledlg
OleUIBusyW
winmm
PlaySoundW
libcef
cef_string_utf16_to_utf8
cef_string_utf8_clear
cef_string_utf8_to_utf16
cef_string_multimap_free
cef_string_utf16_set
cef_string_multimap_alloc
cef_string_utf16_clear
cef_string_multimap_append
cef_string_multimap_value
cef_string_multimap_key
cef_string_multimap_size
cef_string_map_append
cef_string_map_value
cef_string_map_key
cef_string_map_size
cef_string_list_append
cef_string_list_value
cef_string_list_size
cef_browser_host_create_browser
cef_process_message_create
cef_command_line_create
cef_string_map_free
cef_string_map_alloc
cef_api_hash
cef_string_utf16_cmp
cef_log
cef_string_userfree_utf16_free
cef_string_list_alloc
cef_string_list_free
cef_currently_on
cef_post_task
cef_execute_process
cef_initialize
cef_shutdown
cef_do_message_loop_work
cef_enable_highdpi_support
version
GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW
winspool.drv
ClosePrinter
DocumentPropertiesW
OpenPrinterW
comdlg32
GetSaveFileNameW
GetFileTitleW
PrintDlgW
ChooseColorW
GetOpenFileNameW
ws2_32
htons
ntohs
htonl
ntohl
Sections
.text Size: 5.1MB - Virtual size: 5.1MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1.5MB - Virtual size: 1.5MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 425KB - Virtual size: 458KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
_RDATA Size: 6KB - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 137KB - Virtual size: 137KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 876KB - Virtual size: 880KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE