C:\work\Whistl\Windows2000\Whistl2010.pdb
Static task
static1
Behavioral task
behavioral1
Sample
2024-02-22_edab465f8df6219419def4b97ad47f7a_magniber.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
2024-02-22_edab465f8df6219419def4b97ad47f7a_magniber.exe
Resource
win10v2004-20240221-en
General
Target
2024-02-22_edab465f8df6219419def4b97ad47f7a_magniber
Size
3.8MB
MD5
edab465f8df6219419def4b97ad47f7a
SHA1
807788f6e09073fa9e7219332a2a581b1a18bc8e
SHA256
4f96b610dd1cd46a6906c875e2ec9ad264f43f1bd3174ea1c587fed8fdb23d3e
SHA512
95e0884e722cd1ff4718e2798106b71ac709e0c06b8236de1e6d5d48a39a73dac16ab1758ff9f2e49eb72bfbc054e9348ec990cc389672cd05fc727fe6d2d153
SSDEEP
98304:tbGuQaQgNClic2bxMfOF3QBruMlk8XdcEoj9ghi1RebM390bYV5:8/iJxIW8ojD390bYV
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 2024-02-22_edab465f8df6219419def4b97ad47f7a_magniber
Files
2024-02-22_edab465f8df6219419def4b97ad47f7a_magniber.exe windows:5 windows x86 arch:x86
6b81998167e015f4ed019e58c2b6f0fe
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
kernel32
GetStringTypeW
CreateFileA
WriteConsoleA
GetConsoleOutputCP
GetLocaleInfoA
GetStringTypeA
SetEnvironmentVariableA
GetDateFormatA
GetTimeFormatA
InterlockedCompareExchange
IsValidLocale
EnumSystemLocalesA
GetProcessHeap
GetUserDefaultLCID
InitializeCriticalSectionAndSpinCount
GetConsoleMode
GetConsoleCP
GetTimeZoneInformation
LCMapStringW
LCMapStringA
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
QueryPerformanceCounter
VirtualFree
HeapCreate
SizeofResource
GetStartupInfoA
SetHandleCount
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleFileNameA
GetStdHandle
GetFileType
SetStdHandle
HeapSize
HeapReAlloc
CreateThread
ExitThread
RtlUnwind
RaiseException
ExitProcess
GetSystemTimeAsFileTime
VirtualQuery
GetSystemInfo
VirtualAlloc
HeapFree
HeapAlloc
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetStartupInfoW
GetTempPathW
SearchPathW
SetErrorMode
FindResourceExW
GetProfileIntW
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
GlobalHandle
TlsGetValue
LocalAlloc
GlobalFlags
GetDiskFreeSpaceW
GetTempFileNameW
GetTickCount
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesW
GetLocaleInfoW
CompareStringA
GetCurrentDirectoryW
GlobalReAlloc
InterlockedExchange
GetWindowsDirectoryW
GetFileTime
GetFileSizeEx
GetFileAttributesW
SetFileTime
LocalFileTimeToFileTime
GetFileAttributesExW
FileTimeToLocalFileTime
CreateFileW
GetShortPathNameW
GetFullPathNameW
GetVolumeInformationW
FindClose
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
GetThreadLocale
GetStringTypeExW
GetModuleHandleA
lstrlenA
lstrcmpA
SystemTimeToFileTime
FileTimeToSystemTime
VirtualProtect
GetModuleFileNameW
GetPrivateProfileStringW
WritePrivateProfileStringW
GetPrivateProfileIntW
SuspendThread
SetEvent
WaitForSingleObject
SetThreadPriority
CloseHandle
CopyFileW
GlobalSize
FormatMessageW
LocalFree
InterlockedDecrement
GlobalAlloc
GlobalFree
lstrcmpiW
InterlockedIncrement
FreeResource
GetCurrentThreadId
GlobalFindAtomW
GlobalDeleteAtom
CompareStringW
LoadLibraryA
FreeLibrary
lstrcmpW
GetVersionExA
lstrlenW
GlobalLock
GlobalUnlock
GetCurrentProcessId
GlobalGetAtomNameW
GlobalAddAtomW
CreateEventW
GetVersion
WideCharToMultiByte
CreateDirectoryW
MoveFileW
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
DeleteFileW
MulDiv
Sleep
FindNextFileW
FindFirstFileW
GetProcAddress
GetModuleHandleW
LoadLibraryW
GetLastError
SetLastError
lstrcpyW
ResumeThread
GetCurrentProcess
DuplicateHandle
GetExitCodeThread
GetVersionExW
SetFileAttributesW
MultiByteToWideChar
FindResourceW
LoadResource
LockResource
WriteConsoleW
user32
DrawIcon
ShowOwnedPopups
PostThreadMessageW
SetWindowContextHelpId
RegisterClipboardFormatW
WaitMessage
PostQuitMessage
FrameRect
CharUpperBuffW
UpdateLayeredWindow
EnableScrollBar
EmptyClipboard
CloseClipboard
SetClipboardData
OpenClipboard
CopyImage
GetIconInfo
IsMenu
GetMenuItemInfoW
DrawFocusRect
DrawFrameControl
DrawEdge
DrawIconEx
GetSysColorBrush
SetClassLongW
LockWindowUpdate
GetUpdateRect
UnionRect
NotifyWinEvent
WindowFromPoint
GetSystemMenu
DeleteMenu
CharUpperW
EndPaint
BeginPaint
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
FillRect
DrawStateW
MapVirtualKeyW
GetKeyNameTextW
CreateDialogIndirectParamW
GetNextDlgTabItem
EndDialog
MapDialogRect
GetAsyncKeyState
GetMessageW
TranslateMessage
ValidateRect
GetMenuStringW
AppendMenuW
InsertMenuW
RemoveMenu
CopyAcceleratorTableW
SendNotifyMessageW
IsRectEmpty
InSendMessage
CountClipboardFormats
IsClipboardFormatAvailable
SetCapture
SetRect
MessageBeep
MoveWindow
SetWindowTextW
IsDialogMessageW
SetDlgItemTextW
CheckDlgButton
TranslateMDISysAccel
DrawMenuBar
DefMDIChildProcW
DefFrameProcW
SetCursorPos
GetMenuCheckMarkDimensions
ModifyMenuW
GetMenuState
EnableMenuItem
CheckMenuItem
SendDlgItemMessageW
SendDlgItemMessageA
IsChild
SetWindowsHookExW
CallNextHookEx
SetPropW
GetPropW
RemovePropW
GetFocus
GetWindowTextLengthW
GetWindowTextW
GetForegroundWindow
DispatchMessageW
BeginDeferWindowPos
EndDeferWindowPos
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
MapWindowPoints
ScrollWindow
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
ShowScrollBar
MessageBoxW
CreateWindowExW
GetClassInfoExW
RegisterClassW
AdjustWindowRectEx
DeferWindowPos
GetScrollInfo
SetScrollInfo
SetWindowPlacement
DefWindowProcW
CallWindowProcW
PtInRect
SystemParametersInfoA
GetWindowPlacement
UnpackDDElParam
ReuseDDElParam
DestroyMenu
EnableWindow
SendMessageW
SetCursor
LoadCursorW
GetCursorPos
WinHelpW
SetWindowPos
SetFocus
GetWindowThreadProcessId
GetActiveWindow
IsWindowEnabled
EqualRect
GetDlgItem
SetWindowLongW
GetDlgCtrlID
GetKeyState
PeekMessageW
ReleaseCapture
LoadAcceleratorsW
InvalidateRect
IsIconic
InsertMenuItemW
CreateMenu
UnregisterClassW
GetMenuDefaultItem
CopyIcon
ToUnicodeEx
GetKeyboardLayout
GetKeyboardState
SubtractRect
GetDoubleClickTime
GetNextDlgGroupItem
DestroyCursor
GetTabbedTextExtentA
GetMenuItemCount
CreatePopupMenu
GetClassInfoW
IntersectRect
OffsetRect
GetMenu
GetLastActivePopup
BringWindowToTop
SetMenu
ShowWindow
GetWindowLongW
InvalidateRgn
GetWindowRgn
MapVirtualKeyExW
IsCharLowerW
CharNextW
SetMenuItemBitmaps
ScreenToClient
SendMessageA
GetParent
SetRectEmpty
GetClientRect
GetWindowRect
InflateRect
GetSysColor
LoadBitmapW
wsprintfW
LoadIconW
LoadImageW
GetSystemMetrics
RedrawWindow
PostMessageW
GetDC
ReleaseDC
DestroyAcceleratorTable
GetTopWindow
GetWindow
IsWindow
DestroyWindow
IsWindowVisible
LoadMenuW
GetSubMenu
GetDesktopWindow
RegisterWindowMessageW
DestroyIcon
SetTimer
KillTimer
SetMenuDefaultItem
SetForegroundWindow
TrackPopupMenu
GetMenuItemID
GetClassNameW
EnumChildWindows
SystemParametersInfoW
SetParent
SetActiveWindow
UpdateWindow
ClientToScreen
GetWindowDC
CopyRect
IsZoomed
SetWindowRgn
GetCapture
GetClassLongW
TranslateAcceleratorW
CreateAcceleratorTableW
gdi32
SetRectRgn
CombineRgn
GetMapMode
CreateEllipticRgn
CreatePolygonRgn
GetBkColor
GetTextColor
Polyline
Ellipse
Polygon
CreateDIBitmap
GetTextMetricsW
EnumFontFamiliesW
GetTextCharsetInfo
SetDIBColorTable
GetDIBits
RealizePalette
SetPixel
CreateDIBSection
Rectangle
RoundRect
StartPage
EndPage
SetAbortProc
AbortDoc
EndDoc
LPtoDP
GetCharWidthW
CreateRoundRectRgn
EnumFontFamiliesExW
OffsetRgn
GetRgnBox
ExtFloodFill
CreatePalette
GetPaletteEntries
SetPaletteEntries
GetViewportOrgEx
PtInRegion
FillRgn
FrameRgn
GetBoundsRect
GetNearestPaletteIndex
GetSystemPaletteEntries
GetNearestColor
GetBkMode
GetPolyFillMode
GetROP2
GetStretchBltMode
GetTextAlign
GetTextFaceW
GetTextExtentPoint32A
SetPixelV
GetPixel
BitBlt
GetViewportExtEx
CreateHatchBrush
CreatePen
GetObjectType
SelectPalette
CreatePatternBrush
DeleteDC
ExtSelectClipRgn
GetCurrentPositionEx
SetWindowExtEx
OffsetWindowOrgEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
Escape
ExtTextOutW
TextOutW
RectVisible
PtVisible
GetObjectW
CreateRectRgn
SelectClipRgn
SetTextAlign
MoveToEx
LineTo
IntersectClipRect
ExcludeClipRect
SetMapMode
SetStretchBltMode
SetROP2
SetPolyFillMode
SetBkMode
RestoreDC
SaveDC
CreateSolidBrush
PatBlt
CreateRectRgnIndirect
CopyMetaFileW
GetWindowExtEx
GetWindowOrgEx
ScaleWindowExtEx
DPtoLP
CreateDCW
CreateBitmap
SetBkColor
SetTextColor
GetClipBox
GetDCOrgEx
StretchBlt
GetCurrentObject
SelectObject
CreateCompatibleBitmap
CreateCompatibleDC
CreateFontIndirectW
DeleteObject
GetStockObject
GetTextExtentPoint32W
GetDeviceCaps
StartDocW
msimg32
TransparentBlt
AlphaBlend
comdlg32
ChooseFontW
GetFileTitleW
winspool.drv
GetJobW
OpenPrinterW
DocumentPropertiesW
ClosePrinter
advapi32
GetFileSecurityW
RegQueryValueExW
RegOpenKeyExW
RegSetValueW
RegCreateKeyExW
RegSetValueExW
RegDeleteValueW
RegDeleteKeyW
RegOpenKeyW
RegEnumKeyW
RegEnumKeyExW
RegCreateKeyW
RegCloseKey
SetFileSecurityW
RegQueryValueW
shell32
DragQueryFileW
SHGetMalloc
SHGetSpecialFolderLocation
SHGetFileInfoW
SHGetPathFromIDListW
ord152
SHBrowseForFolderW
ExtractIconW
DragAcceptFiles
SHGetDesktopFolder
DragFinish
SHAppBarMessage
Shell_NotifyIconW
ShellExecuteW
comctl32
InitCommonControlsEx
ImageList_GetIconSize
ImageList_ReplaceIcon
ImageList_GetIcon
ImageList_Create
ImageList_GetImageCount
ImageList_Destroy
ImageList_DrawEx
shlwapi
PathFindFileNameW
PathRemoveFileSpecW
PathFindExtensionW
PathStripToRootW
PathIsUNCW
oledlg
OleUIObjectPropertiesW
OleUIInsertObjectW
OleUIEditLinksW
OleUIPasteSpecialW
OleUIBusyW
OleUIAddVerbMenuW
ole32
GetHGlobalFromILockBytes
StgOpenStorageOnILockBytes
OleLoad
OleCreate
OleCreateStaticFromData
OleCreateLinkFromData
OleCreateFromData
OleLockRunning
OleInitialize
OleSaveToStream
StringFromCLSID
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
OleRegGetUserType
CoTaskMemFree
ReleaseStgMedium
CoFreeUnusedLibraries
OleUninitialize
CoInitializeEx
CoUninitialize
CLSIDFromString
OleSetContainedObject
CreateBindCtx
OleCreateFromFile
OleCreateLinkToFile
OleGetIconOfClass
CreateItemMoniker
CreateGenericComposite
StgCreateDocfile
CreateFileMoniker
StgOpenStorage
StgIsStorageFile
OleRun
OleIsRunning
OleSetMenuDescriptor
SetConvertStg
WriteFmtUserTypeStg
WriteClassStg
ReadFmtUserTypeStg
ReadClassStg
OleSave
RevokeDragDrop
RegisterDragDrop
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
IsAccelerator
OleTranslateAccelerator
CoRegisterMessageFilter
CoRevokeClassObject
CoGetClassObject
DoDragDrop
OleFlushClipboard
OleIsCurrentClipboard
OleGetClipboard
CoLockObjectExternal
GetRunningObjectTable
CoDisconnectObject
OleRegGetMiscStatus
OleRegEnumVerbs
WriteClassStm
CLSIDFromProgID
CoCreateInstance
OleDuplicateData
CoTreatAsClass
CreateStreamOnHGlobal
CoTaskMemAlloc
oleaut32
SysAllocString
VariantChangeType
VariantInit
SysFreeString
SysStringLen
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayGetElemsize
SafeArrayGetDim
SafeArrayCreate
VariantCopy
VariantClear
SafeArrayDestroy
OleCreateFontIndirect
SysAllocStringLen
SystemTimeToVariantTime
VariantTimeToSystemTime
gdiplus
GdipAlloc
GdipCloneImage
GdipDrawImageI
GdipGetImageGraphicsContext
GdiplusShutdown
GdiplusStartup
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromStream
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipDisposeImage
GdipDeleteGraphics
GdipFree
ws2_32
WSASetLastError
htons
gethostbyname
inet_addr
socket
__WSAFDIsSet
closesocket
WSAGetLastError
connect
ioctlsocket
recv
send
select
WSACleanup
WSAStartup
oleacc
LresultFromObject
AccessibleObjectFromWindow
CreateStdAccessibleObject
imm32
ImmReleaseContext
ImmGetContext
ImmGetOpenStatus
winmm
timeSetEvent
timeKillEvent
timeGetDevCaps
PlaySoundW
Sections
.text Size: 1.9MB - Virtual size: 1.9MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 464KB - Virtual size: 464KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 95KB - Virtual size: 131KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1.1MB - Virtual size: 1.1MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 212KB - Virtual size: 211KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ