Static task
static1
Behavioral task
behavioral1
Sample: 2024-02-03_b593756ea41c7acc7b3fe34427f92737_mafia_magniber.exe
Resource: win7-20231215-en
General
Target: 2024-02-03_b593756ea41c7acc7b3fe34427f92737_mafia_magniber
Size: 6.2MB
MD5: b593756ea41c7acc7b3fe34427f92737
SHA1: cc7c8ccded5d0af758f4e7a85234fc9cf3683708
SHA256: fc175f8e97488fd609b3f6f04317a692827b43893daa937e22482817c3abe113
SHA512: 4289d149852724d594bdb0f98faca9d764faebbcf865fe1f06994bf3033f1c609aa2c49685e12f6ff566cf986c56271996b056bb4f9f2d6488248bee7c121bc9
SSDEEP: 98304:dkwkwrKrm4i15m1pHWOQjqu3xW5f/PLGEcwUtlSvcYE3Xc:dkw9re8qB5fKEcwUtlSkZ
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource: 2024-02-03_b593756ea41c7acc7b3fe34427f92737_mafia_magniber
Files
2024-02-03_b593756ea41c7acc7b3fe34427f92737_mafia_magniber.exe windows:5 windows x86 arch:x86
82e65493deccd07ec3465daaadb8ffcc
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
C:\dvs\p4\build\sw\rel\gpu_drv\r340\r340_00\drivers\ui\Sedona\Sedona\Win32\Release\bin\nvCplUI.pdb
Imports
version
VerQueryValueW
GetFileVersionInfoSizeW
GetFileVersionInfoW
rpcrt4
UuidFromStringW
gdiplus
GdipSetStringFormatAlign
GdipCreateFromHDC
GdipSetTextRenderingHint
GdipDrawString
GdipMeasureString
GdipDrawImageRectI
GdipCreateFontFromDC
GdipCreateFontFromLogfontW
GdipCreateFont
GdipGetLogFontW
GdipCreateSolidFill
GdipGetDpiY
GdipGetFontHeightGivenDPI
GdipLoadImageFromStream
GdipDisposeImage
GdipCloneImage
GdipDeleteFontFamily
GdiplusStartup
GdipGetFontHeight
GdipGetImageHeight
GdipGetImageWidth
GdipCloneBrush
GdipDeleteFont
GdipCreateFontFamilyFromName
GdipDeleteGraphics
GdipDeleteStringFormat
GdipCreateStringFormat
GdipAlloc
GdipDrawImageI
GdipGetImageGraphicsContext
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipSetInterpolationMode
GdipCreateBitmapFromHBITMAP
GdiplusShutdown
GdipDeleteBrush
GdipFree
wtsapi32
WTSUnRegisterSessionNotification
WTSQueryUserToken
WTSRegisterSessionNotification
shlwapi
PathFindFileNameW
PathFileExistsW
SHGetValueW
SHSetValueW
PathStripToRootW
PathIsUNCW
PathFindExtensionW
PathRemoveFileSpecW
comctl32
ImageList_GetIconSize
ImageList_Add
ImageList_Create
ord17
InitCommonControlsEx
msimg32
TransparentBlt
AlphaBlend
setupapi
SetupDiEnumDeviceInfo
SetupDiGetDeviceRegistryPropertyW
SetupDiDestroyDeviceInfoList
SetupDiGetClassDevsW
kernel32
GlobalHandle
InitializeCriticalSection
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
SetErrorMode
GlobalFlags
lstrlenA
lstrcpyW
GetCurrentDirectoryW
GetWindowsDirectoryW
GetNumberFormatW
FileTimeToSystemTime
VirtualProtect
GetCommandLineW
HeapSetInformation
GetStartupInfoW
DecodePointer
EncodePointer
RtlUnwind
HeapAlloc
HeapFree
GetTimeFormatW
GetDateFormatW
GetTimeFormatA
GetDateFormatA
HeapReAlloc
ExitThread
ExitProcess
HeapSize
HeapQueryInformation
VirtualAlloc
GetSystemInfo
VirtualQuery
SetStdHandle
GetFileType
SetUnhandledExceptionFilter
GetStdHandle
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
HeapCreate
IsProcessorFeaturePresent
UnhandledExceptionFilter
IsDebuggerPresent
TerminateProcess
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetStringTypeW
GetConsoleCP
GetConsoleMode
LCMapStringW
GetTimeZoneInformation
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
WriteConsoleW
GetProcessHeap
SetEnvironmentVariableA
GetFileAttributesExW
GetTempPathW
GetProfileIntW
SearchPathW
GetPrivateProfileStringW
WritePrivateProfileStringW
GetPrivateProfileIntW
ConvertDefaultLocale
GetSystemDefaultUILanguage
CompareStringA
GlobalGetAtomNameW
GetShortPathNameW
GetVolumeInformationW
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
ReadFile
MoveFileW
DeleteFileW
GetStringTypeExW
GetDiskFreeSpaceW
GetTempFileNameW
GetFileTime
SetFileTime
ReplaceFileW
SystemTimeToFileTime
GetUserDefaultLCID
GlobalReAlloc
ResumeThread
SetThreadPriority
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
CompareStringW
ReleaseActCtx
CreateActCtxW
CopyFileW
GlobalSize
LoadLibraryA
ExpandEnvironmentStringsA
lstrcmpA
VerSetConditionMask
VerifyVersionInfoW
GetFullPathNameW
CreateProcessA
CreateProcessW
lstrcpynW
FindResourceExW
FreeResource
GetModuleHandleExA
OpenMutexW
GetVersionExW
WideCharToMultiByte
WriteFile
GetFileSizeEx
QueryPerformanceFrequency
QueryPerformanceCounter
InterlockedExchangeAdd
SetEvent
ExpandEnvironmentStringsW
CreateEventA
InterlockedCompareExchange
GetProcessTimes
GetSystemTimeAsFileTime
GetSystemDirectoryW
SetThreadLocale
SetThreadUILanguage
GetCurrentThread
LocalAlloc
InterlockedExchange
GetLocalTime
CreateFileW
GetComputerNameW
GetTickCount
CreateMutexW
ReleaseMutex
OutputDebugStringW
OpenEventW
GetUserDefaultLangID
CreateThread
GetLocaleInfoW
lstrcmpW
WaitForSingleObject
FindFirstFileW
FindClose
GetFileAttributesW
IsWow64Process
GetEnvironmentVariableW
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
lstrcatW
LoadLibraryExW
FreeLibrary
GetModuleFileNameW
MulDiv
InterlockedIncrement
ActivateActCtx
DeactivateActCtx
GetCurrentProcess
FlushInstructionCache
lstrcmpiW
GetModuleHandleW
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
RaiseException
lstrlenW
GetCurrentThreadId
IsBadReadPtr
GetThreadLocale
GetLastError
SetLastError
LoadLibraryW
GetProcAddress
GetSystemDefaultLCID
GetCurrentProcessId
ProcessIdToSessionId
GetUserDefaultUILanguage
CloseHandle
FormatMessageW
MultiByteToWideChar
InterlockedDecrement
FindResourceW
LoadResource
LockResource
SizeofResource
LocalFree
TlsGetValue
LocalFileTimeToFileTime
FileTimeToLocalFileTime
InterlockedPushEntrySList
VirtualFree
InterlockedPopEntrySList
RemoveDirectoryW
CreateDirectoryW
FormatMessageA
Sleep
user32
HideCaret
InvertRect
GetAsyncKeyState
GetMenuDefaultItem
CreateMenu
GetTabbedTextExtentW
IsClipboardFormatAvailable
PostThreadMessageW
MessageBeep
GetNextDlgGroupItem
InvalidateRgn
CopyAcceleratorTableW
SetLayeredWindowAttributes
RealChildWindowFromPoint
UnregisterClassW
UnionRect
MonitorFromPoint
LockWindowUpdate
RegisterClipboardFormatW
SetWindowContextHelpId
MapDialogRect
ShowOwnedPopups
PostQuitMessage
IsZoomed
UnregisterClassA
UnpackDDElParam
ReuseDDElParam
LoadAcceleratorsW
InsertMenuItemW
BringWindowToTop
TranslateAcceleratorW
CharUpperW
MapVirtualKeyW
GetKeyNameTextW
GetMessageW
GetActiveWindow
ValidateRect
CheckDlgButton
SendDlgItemMessageA
GetCapture
SetPropW
GetPropW
RemovePropW
GetForegroundWindow
SetActiveWindow
GetTopWindow
GetMessageTime
GetMessagePos
MonitorFromWindow
ScrollWindow
TrackPopupMenu
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
ShowScrollBar
GetClassInfoExW
GetClassInfoW
AdjustWindowRectEx
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
SetWindowPlacement
GetWindowPlacement
GetMenu
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
ModifyMenuW
EnableMenuItem
CheckMenuItem
GetLastActivePopup
MessageBoxW
GetWindowDC
GrayStringW
DrawTextExW
TabbedTextOutW
GetMenuState
GetMenuStringW
SetRectEmpty
GetWindowThreadProcessId
PeekMessageW
DispatchMessageW
TranslateMessage
GetShellWindow
DrawFocusRect
GetUpdateRect
DestroyCursor
GetClassLongW
BeginDeferWindowPos
EndDeferWindowPos
ReleaseCapture
SetCapture
GetDCEx
GetSystemMenu
SystemParametersInfoW
IsDlgButtonChecked
GetKeyboardLayout
EnableScrollBar
SendDlgItemMessageW
MapWindowPoints
SetWindowPos
FillRect
LoadImageW
DrawIcon
SetParent
IsIconic
SetForegroundWindow
EnumWindows
FindWindowExW
GetDlgItem
SetWindowTextW
EnumDisplayDevicesW
GetCursorPos
OffsetRect
IsChild
InflateRect
GetKeyState
GetClassNameW
SetFocus
DestroyMenu
LoadMenuIndirectW
GetMenuItemInfoW
DeleteMenu
WindowFromPoint
ScreenToClient
EnumDisplayMonitors
GetMonitorInfoW
DialogBoxParamW
IsWindowEnabled
CharLowerW
NotifyWinEvent
GetIconInfo
CopyImage
CreateWindowExW
LockSetForegroundWindow
GetNextDlgTabItem
GetFocus
UpdateWindow
LoadMenuW
RemoveMenu
InsertMenuW
GetSubMenu
GetMenuItemID
GetMenuItemCount
AppendMenuW
CreatePopupMenu
SendNotifyMessageW
FindWindowW
EnumDisplaySettingsW
GetDesktopWindow
SetRect
GetWindow
wsprintfW
CopyRect
GetWindowTextLengthW
GetWindowTextW
DrawTextW
RegisterClassW
DefWindowProcW
BeginPaint
EndPaint
IsRectEmpty
GetDlgCtrlID
GetWindowLongW
GetParent
IntersectRect
TrackMouseEvent
SetCursor
DestroyIcon
GetSystemMetrics
WinHelpW
GetDC
ReleaseDC
GetDialogBaseUnits
IsDialogMessageW
MoveWindow
DestroyAcceleratorTable
SetClassLongW
GetWindowRgn
SubtractRect
GetDoubleClickTime
CharUpperBuffW
CopyIcon
FrameRect
SetMenuDefaultItem
TranslateMDISysAccel
DrawMenuBar
DefMDIChildProcW
DefFrameProcW
IsMenu
ShowWindow
CreateDialogParamW
SetWindowLongW
DestroyWindow
CharNextW
LoadCursorW
GetSysColorBrush
RegisterClassExW
GetSysColor
SetWindowsHookExW
CallNextHookEx
LoadIconW
DrawIconEx
ClientToScreen
UnhookWindowsHookEx
KillTimer
SetTimer
RedrawWindow
IsWindowVisible
GetClientRect
SetWindowRgn
DrawFrameControl
PtInRect
MessageBoxExW
IsWindow
PostMessageW
EnableWindow
InvalidateRect
GetWindowRect
SendMessageW
RegisterWindowMessageW
LoadBitmapW
ToUnicodeEx
DrawEdge
UpdateLayeredWindow
MapVirtualKeyExW
IsCharLowerW
EmptyClipboard
CloseClipboard
SetClipboardData
OpenClipboard
WaitMessage
SetCursorPos
CreateAcceleratorTableW
SetDlgItemTextW
GetKeyboardState
EndDialog
DrawStateW
CallWindowProcW
CreateDialogIndirectParamW
gdi32
CreatePolygonRgn
CreateRoundRectRgn
CombineRgn
GetRgnBox
FrameRgn
GetCurrentObject
DeleteObject
ExtSelectClipRgn
CreatePatternBrush
SelectPalette
GetObjectType
CreateHatchBrush
SetRectRgn
GetBkColor
CreateEllipticRgn
LPtoDP
Ellipse
GetCharWidthW
IntersectClipRect
CreateFontW
CreateSolidBrush
StartPage
EndPage
SetAbortProc
GetTextExtentPoint32W
EndDoc
CreateRectRgn
CreateDIBitmap
GetTextCharsetInfo
GetNearestColor
GetBkMode
GetPolyFillMode
GetROP2
GetStretchBltMode
GetTextAlign
GetWindowOrgEx
CreatePalette
GetPaletteEntries
GetNearestPaletteIndex
RealizePalette
GetSystemPaletteEntries
Polyline
Polygon
SetDIBColorTable
StretchBlt
SetPixel
OffsetRgn
EnumFontFamiliesExW
PtInRegion
FillRgn
GetBoundsRect
ExtFloodFill
SetPaletteEntries
SetPixelV
GetViewportOrgEx
CreateFontIndirectW
ExcludeClipRect
GetStockObject
BitBlt
SelectObject
GetDeviceCaps
CreateCompatibleDC
AbortDoc
GetObjectW
GetCurrentPositionEx
ScaleWindowExtEx
SetWindowExtEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
Escape
TextOutW
RectVisible
PtVisible
StartDocW
GetPixel
GetWindowExtEx
GetViewportExtEx
SelectClipRgn
SetLayout
GetLayout
GetBitmapDimensionEx
SetBitmapDimensionEx
SetTextAlign
MoveToEx
LineTo
StretchDIBits
CreateBitmap
SetStretchBltMode
SetROP2
SetPolyFillMode
RestoreDC
SaveDC
CopyMetaFileW
CreateDCW
DPtoLP
GetMapMode
SetMapMode
SetBkColor
SetTextColor
CreateDIBSection
SetDIBitsToDevice
SetViewportOrgEx
PatBlt
Rectangle
CreatePen
GetTextColor
EnumFontFamiliesW
ExtTextOutW
CreateRectRgnIndirect
OffsetWindowOrgEx
SetBkMode
GetClipBox
CreateCompatibleBitmap
DeleteDC
GetTextFaceW
GetTextMetricsW
GetTextExtentPointW
comdlg32
GetFileTitleW
winspool.drv
OpenPrinterW
DocumentPropertiesW
ClosePrinter
GetJobW
advapi32
RegEnumKeyW
GetFileSecurityW
SetFileSecurityW
RegSetValueW
RegOpenKeyExA
RegQueryValueExA
RegEnumValueW
TraceMessage
GetTokenInformation
ImpersonateSelf
OpenThreadToken
OpenProcessToken
AllocateAndInitializeSid
InitializeSecurityDescriptor
GetLengthSid
InitializeAcl
AddAccessAllowedAce
SetSecurityDescriptorDacl
SetSecurityDescriptorGroup
SetSecurityDescriptorOwner
IsValidSecurityDescriptor
AccessCheck
FreeSid
UnregisterTraceGuids
RegisterTraceGuidsW
GetTraceLoggerHandle
GetTraceEnableLevel
GetTraceEnableFlags
RegEnumKeyExW
RegQueryInfoKeyW
RegSetValueExW
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
ImpersonateLoggedOnUser
RevertToSelf
RegOpenKeyExW
RegQueryValueExW
RegCloseKey
RegQueryValueW
shell32
ShellExecuteExW
SHGetFolderPathW
ShellExecuteW
DragFinish
SHGetFileInfoW
SHBrowseForFolderW
SHAppBarMessage
ExtractAssociatedIconW
SHGetSpecialFolderLocation
SHGetPathFromIDListW
SHGetDesktopFolder
ExtractIconW
SHAddToRecentDocs
DragQueryFileW
ole32
StringFromCLSID
StringFromGUID2
CLSIDFromString
CreateStreamOnHGlobal
CoGetMalloc
CoCreateInstance
CoTaskMemFree
CoTaskMemRealloc
CoTaskMemAlloc
ReleaseStgMedium
OleDuplicateData
CoUninitialize
CoInitializeEx
CoCreateGuid
CLSIDFromProgID
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
CoInitialize
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
OleIsCurrentClipboard
OleFlushClipboard
CoRegisterMessageFilter
OleTranslateAccelerator
IsAccelerator
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleLockRunning
RevokeDragDrop
RegisterDragDrop
DoDragDrop
OleGetClipboard
CoLockObjectExternal
CoRevokeClassObject
CoRegisterClassObject
oleaut32
VarBstrFromDate
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayDestroy
OleCreateFontIndirect
VariantCopy
VariantInit
VariantClear
VariantChangeType
RegisterTypeLi
UnRegisterTypeLi
LoadTypeLi
LoadRegTypeLi
SysAllocStringLen
VarUI4FromStr
SysAllocString
SysStringLen
SysFreeString
oledlg
OleUIBusyW
oleacc
AccessibleObjectFromWindow
CreateStdAccessibleObject
LresultFromObject
winmm
PlaySoundW
imm32
ImmGetOpenStatus
ImmReleaseContext
ImmGetContext
Sections
.text Size: 1.6MB - Virtual size: 1.6MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 391KB - Virtual size: 390KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 44KB - Virtual size: 77KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 3.4MB - Virtual size: 3.4MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 780KB - Virtual size: 784KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE