2024-01-26_796f2015b2b598ce2982136f80358760_magniber

Sharing

Copy URL

Twitter E-mail

General

Target

2024-01-26_796f2015b2b598ce2982136f80358760_magniber
Size

3.3MB
MD5

796f2015b2b598ce2982136f80358760
SHA1

53303983f07bfc158026661d772befeaea082d5a
SHA256

39294f117b8632e6ba5e95fb90e8794e06e1d023b8e1853a1ccf3a6b90551179
SHA512

dbc152fe6cc0486cd1a2bbbfbf690dac8965a5705df4f23cc044fd1990c5a3285c87dee68f7e84405cb17bd9d182422e58af6c2c7ce8e889c217fc86653b689a
SSDEEP

49152:gxgYmzjdnrlHZ5876A/f2I7wvbA5hc6oHTDZdhU6YUSCfmzz9YVgY:gxgbzjtrUR32I7wvfhLSC+zzKi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-01-26_796f2015b2b598ce2982136f80358760_magniber

Files

2024-01-26_796f2015b2b598ce2982136f80358760_magniber
.exe windows:6 windows x86 arch:x86

36ee65b6c76966bdc59e4855bbf46d3c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\JenkinsWorkspace\workspace\client_build_installer\client\build\working_directory\RelWithDebInfo\UbisoftGameLauncher.pdb

Imports

discord-rpc.x86

Discord_Shutdown
Discord_UpdatePresence
Discord_Initialize

steam_api

SteamAPI_GetHSteamUser
SteamAPI_UnregisterCallResult
SteamAPI_RegisterCallResult
SteamInternal_FindOrCreateUserInterface
SteamAPI_RegisterCallback
SteamInternal_CreateInterface
SteamInternal_ContextInit
SteamAPI_RunCallbacks
SteamAPI_Shutdown
SteamAPI_InitSafe
SteamAPI_UnregisterCallback

iphlpapi

GetAdaptersAddresses

shell32

SHCreateItemFromParsingName
CommandLineToArgvW
ShellExecuteW
SHGetPathFromIDListW
ShellExecuteExW
SHGetFolderPathW
SHBrowseForFolderW

propsys

PSGetPropertyKeyFromName

winhttp

WinHttpOpen
WinHttpCloseHandle
WinHttpGetProxyForUrl
WinHttpGetIEProxyConfigForCurrentUser

rpcrt4

UuidCreate
UuidToStringA
RpcStringFreeA

d3d9

Direct3DCreate9

advapi32

RegDeleteValueW
OpenProcessToken
AdjustTokenPrivileges
SetNamedSecurityInfoW
GetNamedSecurityInfoW
GetExplicitEntriesFromAclW
SetEntriesInAclW
RegSetValueExW
RegQueryValueExW
RegQueryValueExA
RegOpenKeyExW
RegOpenKeyExA
RegEnumKeyExW
CreateProcessAsUserW
RegDeleteKeyExW
RegCreateKeyExW
RegCreateKeyW
RegCloseKey
GetTokenInformation
FreeSid
EqualSid
CreateWellKnownSid
AllocateAndInitializeSid
LookupPrivilegeValueW

user32

PostQuitMessage
WaitMessage
PostMessageW
PeekMessageW
DispatchMessageW
TranslateMessage
AllowSetForegroundWindow
SetProcessDPIAware
EnumDisplayMonitors
MsgWaitForMultipleObjectsEx
GetWindowThreadProcessId
GetForegroundWindow
GetSystemMetrics
GetLastInputInfo
EmptyClipboard
GetClipboardData
SetClipboardData
CloseClipboard
OpenClipboard
SendMessageW
RegisterRawInputDevices
GetRawInputData
GetAsyncKeyState
DestroyWindow
SetTimer
RegisterClassExW
DefWindowProcW
GetQueueStatus
SetWindowPos
GetWindowRect
GetParent
MonitorFromPoint
GetWindowInfo
GetMonitorInfoW
CreateWindowExW

kernel32

GetFileType
GetFileInformationByHandle
SetCurrentDirectoryW
SetEnvironmentVariableW
GetDriveTypeW
GetModuleHandleExW
ExitThread
RtlUnwind
UnregisterWaitEx
PeekNamedPipe
GetFileAttributesExW
GetConsoleMode
ReadConsoleW
GetConsoleOutputCP
GetStdHandle
HeapFree
HeapAlloc
GetDateFormatW
GetTimeFormatW
QueryDepthSList
SystemTimeToTzSpecificLocalTime
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
HeapReAlloc
SetStdHandle
FlushFileBuffers
SetConsoleCtrlHandler
FindFirstFileExW
IsValidCodePage
GetACP
GetOEMCP
GetCommandLineA
GetProcessHeap
WriteConsoleW
InterlockedFlushSList
InterlockedPushEntrySList
InterlockedPopEntrySList
ReleaseSemaphore
SetProcessAffinityMask
VirtualFree
VirtualAlloc
LoadLibraryExW
FreeLibraryAndExitThread
FreeLibrary
GetThreadTimes
OutputDebugStringW
UnregisterWait
RegisterWaitForSingleObject
SetThreadAffinityMask
GetProcessAffinityMask
GetNumaHighestNodeNumber
DeleteTimerQueueTimer
ChangeTimerQueueTimer
CreateTimerQueueTimer
GetLogicalProcessorInformation
GetThreadPriority
SetThreadPriority
SignalObjectAndWait
CreateTimerQueue
GetStartupInfoW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsDebuggerPresent
IsProcessorFeaturePresent
InitializeSListHead
LCMapStringW
CompareStringW
GetCPInfo
TlsFree
TlsSetValue
CloseHandle
GetLastError
CreateIoCompletionPort
GetQueuedCompletionStatus
OpenProcess
IsProcessInJob
CreateJobObjectW
AssignProcessToJobObject
HeapSize
QueryInformationJobObject
CreateToolhelp32Snapshot
Process32FirstW
Process32NextW
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetCurrentProcess
TerminateProcess
GetBinaryTypeW
SearchPathW
CreateFileW
GetFullPathNameW
GetModuleFileNameW
GetModuleHandleW
GetProcAddress
LoadLibraryW
WaitForSingleObject
Sleep
GetModuleHandleExA
GetExitCodeProcess
OpenThread
ResumeThread
CreateProcessA
CreateProcessW
GetProcessId
GetVersionExW
GetNativeSystemInfo
VirtualProtect
IsWow64Process
SetLastError
GetExitCodeThread
SuspendThread
GetThreadContext
SetThreadContext
FlushInstructionCache
VirtualAllocEx
VirtualProtectEx
WriteProcessMemory
VirtualFreeEx
ReadFile
WriteFile
GetOverlappedResult
RtlCaptureStackBackTrace
CreateEventW
CreateThread
GetCurrentThreadId
GetCommandLineW
GetEnvironmentVariableW
GetDiskFreeSpaceExW
GetFileAttributesW
SetFileAttributesW
GetVolumeNameForVolumeMountPointW
GetCurrentProcessId
ExitProcess
GetSystemInfo
GetTickCount
GetPhysicallyInstalledSystemMemory
GetModuleHandleA
GlobalAlloc
GlobalUnlock
GlobalLock
GlobalFree
LocalFree
GetComputerNameA
FileTimeToSystemTime
SystemTimeToFileTime
GetTimeZoneInformation
GetLocaleInfoW
GetUserDefaultUILanguage
CreateDirectoryW
DeleteFileW
FindClose
FindFirstFileW
FindNextFileW
GetFileSizeEx
GetFileTime
GetTempFileNameW
GetVolumePathNameW
RemoveDirectoryW
SetEndOfFile
SetFilePointerEx
SetFileTime
SetErrorMode
CopyFileW
MoveFileExW
OutputDebugStringA
SetEvent
WaitForMultipleObjectsEx
RaiseException
GetTempPathW
GetCurrentDirectoryW
MultiByteToWideChar
WideCharToMultiByte
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
TryEnterCriticalSection
DeleteCriticalSection
GetSystemTimeAsFileTime
LoadLibraryA
TlsGetValue
TlsAlloc
GetStringTypeW
DecodePointer
EncodePointer
FormatMessageW
SetInformationJobObject
ResetEvent
QueryPerformanceCounter
QueryPerformanceFrequency
DuplicateHandle
WaitForSingleObjectEx
SwitchToThread
GetCurrentThread

ole32

CoInitialize
CoCreateInstance
CoInitializeEx
CoUninitialize

comdlg32

GetSaveFileNameW

Sections

.text
Size: 2.1MB - Virtual size: 2.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 347KB - Virtual size: 347KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 39KB - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 193KB - Virtual size: 193KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 660KB - Virtual size: 664KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

36ee65b6c76966bdc59e4855bbf46d3c

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

discord-rpc.x86

steam_api

iphlpapi

shell32

propsys

winhttp

rpcrt4

d3d9

advapi32

user32

kernel32

ole32

comdlg32

Sections

.text Size: 2.1MB - Virtual size: 2.1MB

.rdata Size: 347KB - Virtual size: 347KB

.data Size: 39KB - Virtual size: 65KB

.rsrc Size: 193KB - Virtual size: 193KB

.reloc Size: 660KB - Virtual size: 664KB

.text
Size: 2.1MB - Virtual size: 2.1MB

.rdata
Size: 347KB - Virtual size: 347KB

.data
Size: 39KB - Virtual size: 65KB

.rsrc
Size: 193KB - Virtual size: 193KB

.reloc
Size: 660KB - Virtual size: 664KB