2024-02-20_265d762dfe1fc2ba291c4d75fb4db8d4_magniber

Sharing

Copy URL Twitter E-mail

General

Target

2024-02-20_265d762dfe1fc2ba291c4d75fb4db8d4_magniber
Size

1.0MB
MD5

265d762dfe1fc2ba291c4d75fb4db8d4
SHA1

e6eb66352c7f6756fa9b4cba103572a61913de36
SHA256

ddd80c43c4ac177493ea800d66c68df7dd5f9c44777d078e88f3e26185fc8aef
SHA512

fda97cc1ec2d6b0490ea2971d9565c1951925711b399fed77ab53cbd15f2071cd206a25fa5dc6b5418e2ecb9c774a38db00a21e64d9ecc1a39e2abb3ce75e2c7
SSDEEP

24576:HqPpkQsz0Qb1PCSgWqRVJ/n3dlEqxHeikvJaWlLES7RTZEgc3Eg0g:zNoU1PCSgWqRVJ/ntrHIvJT9F/c3L0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-02-20_265d762dfe1fc2ba291c4d75fb4db8d4_magniber

Files

2024-02-20_265d762dfe1fc2ba291c4d75fb4db8d4_magniber
.exe windows:5 windows x86 arch:x86

4b9cb72455b74866196c39b1c1ec2805

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\workspace\qb10frame_release\chrome\src\out\Release_x86\QBDelayUpdate.pdb

Imports

kernel32

DecodePointer
MultiByteToWideChar
FindResourceW
GetModuleHandleW
GetModuleFileNameW
LoadLibraryExW
OpenMutexW
CreateMutexW
lstrcmpiW
CloseHandle
SizeofResource
LoadResource
Sleep
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
GetLastError
RaiseException
GetProcAddress
FreeLibrary
InterlockedDecrement
InterlockedIncrement
WriteConsoleW
ReadConsoleW
FlushFileBuffers
SetFilePointerEx
GetConsoleMode
GetConsoleCP
OutputDebugStringA
SetEnvironmentVariableW
SetEnvironmentVariableA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetOEMCP
IsValidCodePage
FindNextFileA
FindFirstFileExW
FindFirstFileExA
GetTimeZoneInformation
SetConsoleCtrlHandler
SetStdHandle
GetFullPathNameA
HeapFree
HeapSize
HeapReAlloc
HeapAlloc
HeapDestroy
GetProcessHeap
WideCharToMultiByte
GetSystemDefaultLangID
SetLastError
GetVersionExW
lstrlenW
FindFirstFileW
GetFullPathNameW
FindNextFileW
FindClose
MoveFileW
CopyFileW
RemoveDirectoryW
MoveFileExW
DeleteFileW
CreateDirectoryW
GetTickCount
GetTempPathW
ExpandEnvironmentStringsW
CreateFileW
FormatMessageW
WaitForSingleObject
OpenProcess
LoadLibraryW
CreateProcessW
CreateToolhelp32Snapshot
Process32FirstW
Process32NextW
WTSGetActiveConsoleSessionId
ProcessIdToSessionId
LocalFree
DuplicateHandle
GetCurrentProcess
ReadProcessMemory
TerminateProcess
OutputDebugStringW
GetSystemDirectoryW
FindResourceExW
LockResource
GetLocalTime
SetFilePointer
WriteFile
GetSystemInfo
InterlockedCompareExchange
GetShortPathNameW
lstrcpynW
GetFileSize
ReadFile
GetPrivateProfileStringW
LocalAlloc
CreateEventW
VirtualProtect
VirtualAlloc
GetCurrentThreadId
SuspendThread
ResumeThread
GetCurrentThread
GetThreadContext
FlushInstructionCache
SetThreadContext
VirtualQuery
DeviceIoControl
CreateFileMappingW
MapViewOfFile
UnmapViewOfFile
IsDebuggerPresent
EncodePointer
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetSystemTimeAsFileTime
CompareStringW
LCMapStringW
GetLocaleInfoW
GetStringTypeW
GetCPInfo
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
GetStartupInfoW
QueryPerformanceCounter
GetCurrentProcessId
InitializeSListHead
RtlUnwind
InterlockedPushEntrySList
InterlockedFlushSList
CreateThread
ExitThread
FreeLibraryAndExitThread
GetModuleHandleExW
GetDriveTypeW
GetFileInformationByHandle
GetFileType
PeekNamedPipe
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
ExitProcess
GetModuleFileNameA
GetStdHandle
GetACP
GetDateFormatW
GetTimeFormatW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
SetCurrentDirectoryW
GetCurrentDirectoryW

user32

PostThreadMessageW
CharUpperW
ReleaseDC
GetDC
PeekMessageW
GetMessageW
UnregisterClassW
CharNextW
IsWindow
GetActiveWindow
MessageBoxW
LoadStringW
FindWindowExW
PostMessageW

advapi32

RegNotifyChangeKeyValue
RegCloseKey
RegOpenKeyExA
RegQueryValueExW
AllocateAndInitializeSid
CheckTokenMembership
FreeSid
OpenProcessToken
GetTokenInformation
DuplicateTokenEx
SetTokenInformation
ConvertSidToStringSidW
LookupPrivilegeValueW
AdjustTokenPrivileges
IsValidSid
GetUserNameW
RegEnumValueW
RegSetValueExW
RegQueryInfoKeyW
RegOpenKeyExW
RegEnumKeyExW
RegDeleteValueW
RegDeleteKeyW
RegQueryValueExA
RegCreateKeyExW

ole32

CoUninitialize
CoCreateInstance
CoTaskMemAlloc
CoTaskMemRealloc
PropVariantClear
OleInitialize
OleUninitialize
CoCreateGuid
CoTaskMemFree
CoInitialize

oleaut32

VariantClear
SysAllocString
VariantInit
SysFreeString
VarUI4FromStr

shlwapi

PathFindFileNameW
StrRetToBufW
PathRemoveBlanksW
PathRemoveBackslashW
PathRemoveExtensionW
PathRenameExtensionW
PathFindExtensionW
SHDeleteKeyW
SHStrDupW
PathFileExistsW
PathCombineW
PathAppendW
PathRemoveFileSpecW
PathCanonicalizeW
PathIsDirectoryW

gdiplus

GdiplusShutdown

netapi32

NetGetJoinInformation
NetWkstaTransportEnum
Netbios
NetApiBufferFree

version

GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW

psapi

GetMappedFileNameW

gdi32

GetDeviceCaps
DeleteDC

shell32

SHGetFolderLocation
SHGetPathFromIDListW
ShellExecuteExW
SHGetDesktopFolder
SHFileOperationW
SHGetSpecialFolderPathW
SHGetFileInfoW
ord75

Sections

.text
Size: 665KB - Virtual size: 664KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 144KB - Virtual size: 143KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 7KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 114KB - Virtual size: 114KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 101KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

4b9cb72455b74866196c39b1c1ec2805

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

advapi32

ole32

oleaut32

shlwapi

gdiplus

netapi32

version

psapi

gdi32

shell32

Sections

.text Size: 665KB - Virtual size: 664KB

.rdata Size: 144KB - Virtual size: 143KB

.data Size: 7KB - Virtual size: 14KB

.gfids Size: 2KB - Virtual size: 2KB

.rsrc Size: 114KB - Virtual size: 114KB

.reloc Size: 101KB - Virtual size: 104KB

.text
Size: 665KB - Virtual size: 664KB

.rdata
Size: 144KB - Virtual size: 143KB

.data
Size: 7KB - Virtual size: 14KB

.gfids
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 114KB - Virtual size: 114KB

.reloc
Size: 101KB - Virtual size: 104KB