2024-02-19_f49a2f8aadcb8df20412da16e0a48fee_magniber

Sharing

Copy URL

Twitter E-mail

General

Target

2024-02-19_f49a2f8aadcb8df20412da16e0a48fee_magniber
Size

3.8MB
MD5

f49a2f8aadcb8df20412da16e0a48fee
SHA1

98116d405c7ad8d02890039e04b156c0b8f48917
SHA256

0a8e46292423f570d349a4d4075e2d0b04a367c3e078f0bbc9c0ede2241d1061
SHA512

6ce0a22c287093c0931863833ae3588170541f36afe50199045a285f557d5f52c859ae41c0258d4aa7c1e0655f87065df4ebbacbad456d2b4b83fad088e174e7
SSDEEP

98304:/TgNv5QiVxgbtIM/0cKZP5Cj0qhvcGx6OEKG0cC6g6v66666ES66666E6kD6666p:Q/kykj0qh0Gx6gG0cC6g6v66666ES66N

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-02-19_f49a2f8aadcb8df20412da16e0a48fee_magniber

Files

2024-02-19_f49a2f8aadcb8df20412da16e0a48fee_magniber
.exe windows:6 windows x86 arch:x86

24d0b3967f7bf3f9e2dd2da304263ec9

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\Projects\Frame\build\Release\uchecker.exe.pdb

Imports

kernel32

GetSystemInfo
VirtualQuery
LoadLibraryExA
CreateMutexW
GetLastError
CloseHandle
EndUpdateResourceW
UpdateResourceW
BeginUpdateResourceW
LoadLibraryW
GetModuleHandleW
FreeLibrary
GetLogicalDriveStringsW
GetDriveTypeW
SetEnvironmentVariableA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetOEMCP
IsValidCodePage
FindFirstFileExW
GetProcessHeap
CreateFileW
DeleteFileW
SetFilePointer
WriteFile
OutputDebugStringA
SetLastError
ReleaseMutex
WaitForSingleObject
GetCurrentProcessId
CreateProcessW
GetTickCount
GetModuleFileNameW
GetModuleHandleA
FormatMessageA
MultiByteToWideChar
WideCharToMultiByte
LoadResource
LockResource
SizeofResource
FindResourceW
GetCurrentDirectoryW
GetFileAttributesW
GetFileAttributesExW
GetLongPathNameW
GetTempFileNameW
ReadFile
RemoveDirectoryW
GetTempPathW
GetCurrentProcess
CreateFileMappingW
MapViewOfFile
UnmapViewOfFile
MoveFileExW
FindClose
FindFirstFileW
FindNextFileW
GetFileSize
GetStdHandle
ResumeThread
AssignProcessToJobObject
GetCommandLineW
LocalFree
SetUnhandledExceptionFilter
GetVersionExW
GetNativeSystemInfo
GetProcAddress
ExpandEnvironmentStringsW
CreateEventW
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
TryEnterCriticalSection
DeleteCriticalSection
IsDebuggerPresent
DuplicateHandle
RaiseException
Sleep
CreateThread
GetCurrentThread
GetCurrentThreadId
SetThreadPriority
GetModuleHandleExA
GetSystemDirectoryW
GetWindowsDirectoryW
QueryPerformanceCounter
QueryPerformanceFrequency
GetSystemTimeAsFileTime
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
FlushFileBuffers
SetEndOfFile
SetFilePointerEx
TerminateProcess
CreateIoCompletionPort
GetQueuedCompletionStatus
PostQueuedCompletionStatus
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleExW
UnregisterWaitEx
RegisterWaitForSingleObject
SetEvent
ResetEvent
WaitForMultipleObjects
GetThreadTimes
GetTickCount64
InitializeCriticalSectionEx
SleepEx
WaitForSingleObjectEx
GetFileType
PeekNamedPipe
ExpandEnvironmentStringsA
VerSetConditionMask
GetSystemDirectoryA
LoadLibraryA
VerifyVersionInfoA
EncodePointer
DecodePointer
CompareStringW
LCMapStringW
GetLocaleInfoW
GetStringTypeW
GetCPInfo
InitializeSListHead
UnhandledExceptionFilter
IsProcessorFeaturePresent
GetStartupInfoW
SignalObjectAndWait
SwitchToThread
GetThreadPriority
GetLogicalProcessorInformation
CreateTimerQueueTimer
ChangeTimerQueueTimer
DeleteTimerQueueTimer
GetNumaHighestNodeNumber
GetProcessAffinityMask
SetThreadAffinityMask
UnregisterWait
FreeLibraryAndExitThread
LoadLibraryExW
VirtualAlloc
VirtualFree
VirtualProtect
ReleaseSemaphore
InterlockedPopEntrySList
InterlockedPushEntrySList
InterlockedFlushSList
QueryDepthSList
CreateTimerQueue
RtlUnwind
GetConsoleCP
GetConsoleMode
GetFullPathNameW
ExitProcess
SetStdHandle
ExitThread
HeapAlloc
HeapFree
HeapReAlloc
GetACP
ReadConsoleW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
GetTimeZoneInformation
WriteConsoleW
HeapSize

user32

KillTimer
UnregisterDeviceNotification
RegisterDeviceNotificationW
SetTimer
MsgWaitForMultipleObjectsEx
GetQueueStatus
CallMsgFilterW
PostQuitMessage
WaitMessage
PostMessageW
PeekMessageW
DispatchMessageW
TranslateMessage
SetWindowLongW
GetWindowLongW
DestroyWindow
CreateWindowExW
RegisterClassExW
UnregisterClassW
DefWindowProcW
MessageBoxW

userenv

CreateEnvironmentBlock
DestroyEnvironmentBlock

ws2_32

socket
setsockopt
getaddrinfo
freeaddrinfo
recvfrom
sendto
accept
listen
ioctlsocket
gethostname
ntohs
htons
getsockopt
getsockname
getpeername
connect
closesocket
bind
send
recv
WSAStartup
WSACleanup
WSAGetLastError
__WSAFDIsSet
select
WSAIoctl
WSASetLastError

winmm

timeGetTime
timeBeginPeriod
timeEndPeriod

advapi32

CryptReleaseContext
RegCloseKey
RegOpenKeyExW
RegQueryValueExW
CryptDestroyHash
CryptHashData
CryptCreateHash
CryptEncrypt
CryptImportKey
CryptGetHashParam
CryptDestroyKey
CreateProcessAsUserW
CryptAcquireContextA

wldap32

ord32
ord33
ord35
ord79
ord30
ord27
ord26
ord22
ord41
ord50
ord45
ord211
ord46
ord143
ord301
ord200

ole32

CoInitializeEx
CoUninitialize

Sections

.text
Size: 898KB - Virtual size: 898KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2.8MB - Virtual size: 2.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

oldres
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 63KB - Virtual size: 63KB

IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

24d0b3967f7bf3f9e2dd2da304263ec9

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

userenv

ws2_32

winmm

advapi32

wldap32

ole32

Sections

.text Size: 898KB - Virtual size: 898KB

.rdata Size: 2.8MB - Virtual size: 2.8MB

.data Size: 14KB - Virtual size: 26KB

.gfids Size: 3KB - Virtual size: 2KB

.tls Size: 512B - Virtual size: 9B

oldres Size: 2KB - Virtual size: 1KB

.reloc Size: 40KB - Virtual size: 39KB

.rsrc Size: 63KB - Virtual size: 63KB

.text
Size: 898KB - Virtual size: 898KB

.rdata
Size: 2.8MB - Virtual size: 2.8MB

.data
Size: 14KB - Virtual size: 26KB

.gfids
Size: 3KB - Virtual size: 2KB

.tls
Size: 512B - Virtual size: 9B

oldres
Size: 2KB - Virtual size: 1KB

.reloc
Size: 40KB - Virtual size: 39KB

.rsrc
Size: 63KB - Virtual size: 63KB