2024-02-23_d5f66f833638891d12bb7b0effd265dd_magniber_ramnit

Sharing

Copy URL

Twitter E-mail

General

Target

2024-02-23_d5f66f833638891d12bb7b0effd265dd_magniber_ramnit
Size

1.3MB
MD5

d5f66f833638891d12bb7b0effd265dd
SHA1

377bb793b4ecfc261281edd5384501f3782f20f5
SHA256

9a4d65119b18bf11d03dadb0f0427e7fbc36287ece9cc4936d8d6257771e2d9d
SHA512

9411cbb08fe16206007c5179e1a77ce1608c377c32725a656a464af500dad5e38852b0e8392712b641a6683d0d77ccaabca756a8c2e1166f4f0a6ae1c5b3ffa9
SSDEEP

24576:46xF5GTEEGbvvT/gojm7zjQN5JacMfp2X7uXGtF/lc4JqdTZZQccPev:DGTELvT/jK4T7MEqXcF78TZZQXev

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-02-23_d5f66f833638891d12bb7b0effd265dd_magniber_ramnit

Files

2024-02-23_d5f66f833638891d12bb7b0effd265dd_magniber_ramnit
.exe windows:5 windows x86 arch:x86

b4e2c5ddba915eb603fdebd2f424940d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

B:\matlab\toolbox\compiler\win32\setup.pdb

Imports

user32

SendMessageW
ShowWindow
MoveWindow
SetWindowPos
CreateDialogParamW
PeekMessageW
DispatchMessageW
TranslateMessage
GetDesktopWindow
DestroyWindow
GetDlgItem
SetDlgItemTextW
GetSystemMetrics
SetForegroundWindow
SetWindowTextW
GetWindowRect
MapWindowPoints
LoadIconW
SendMessageA
IsDialogMessageW
SystemParametersInfoW
MessageBoxA

wininet

InternetCrackUrlW
InternetOpenW
InternetCloseHandle
InternetReadFile
InternetQueryOptionW
InternetSetOptionW
HttpOpenRequestW
HttpSendRequestW
HttpQueryInfoW
InternetErrorDlg
InternetConnectW

comctl32

InitCommonControlsEx

shlwapi

PathAppendW
PathFindFileNameW
PathRemoveExtensionW
PathRemoveFileSpecW

gdiplus

GdipFree
GdiplusStartup
GdiplusShutdown
GdipCloneImage
GdipDisposeImage
GdipCreateBitmapFromFile
GdipCreateBitmapFromFileICM
GdipCreateHBITMAPFromBitmap
GdipAlloc

kernel32

SetEnvironmentVariableW
ReadConsoleW
SetEndOfFile
SetEnvironmentVariableA
FreeLibrary
LoadLibraryW
LoadLibraryExW
OutputDebugStringW
GetTimeZoneInformation
SetConsoleCtrlHandler
SetFilePointer
HeapReAlloc
GetOEMCP
GetACP
IsValidCodePage
GetSystemTimeAsFileTime
WriteConsoleW
QueryPerformanceCounter
SetFilePointerEx
ReadFile
GetConsoleMode
GetConsoleCP
FlushFileBuffers
GetProcessHeap
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCurrentDirectoryW
SetCurrentDirectoryW
GetFullPathNameW
PeekNamedPipe
GetFileInformationByHandle
GetCurrentThreadId
GetCurrentThread
GetCurrentProcessId
MultiByteToWideChar
IsDebuggerPresent
HeapSize
AreFileApisANSI
GetModuleHandleExW
ExitProcess
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
CompareStringW
GetTimeFormatW
GetDateFormatW
IsProcessorFeaturePresent
CreateSemaphoreW
LocalFree
GetCommandLineW
CreateThread
TerminateThread
GetExitCodeThread
GetLastError
WaitForSingleObject
CloseHandle
GetModuleHandleW
LockResource
SetLastError
LoadResource
SizeofResource
GetStdHandle
WriteFile
FormatMessageA
GetModuleFileNameW
CreateProcessW
FindResourceW
GetTempPathW
CreateDirectoryW
CreateFileW
AttachConsole
GetProcAddress
GetStartupInfoW
TlsFree
TlsSetValue
InterlockedIncrement
InterlockedDecrement
WideCharToMultiByte
GetFullPathNameA
GetStringTypeW
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
Sleep
InterlockedExchange
EncodePointer
DecodePointer
RaiseException
RtlUnwind
FileTimeToLocalFileTime
FindClose
FindFirstFileExW
GetDriveTypeW
FileTimeToSystemTime
GetCPInfo
HeapFree
SetStdHandle
GetFileType
InitializeCriticalSectionAndSpinCount
FatalAppExitA
HeapAlloc
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
TlsAlloc
TlsGetValue

shell32

ord47
SHFileOperationW
CommandLineToArgvW

Exports

Exports

setup_build_date
setup_version

Sections

.text
Size: 410KB - Virtual size: 410KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 70KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 709KB - Virtual size: 708KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 109KB - Virtual size: 112KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

b4e2c5ddba915eb603fdebd2f424940d

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

user32

wininet

comctl32

shlwapi

gdiplus

kernel32

shell32

Exports

Exports

Sections

.text Size: 410KB - Virtual size: 410KB

.rdata Size: 70KB - Virtual size: 70KB

.data Size: 11KB - Virtual size: 20KB

.rsrc Size: 709KB - Virtual size: 708KB

.text Size: 109KB - Virtual size: 112KB

.text
Size: 410KB - Virtual size: 410KB

.rdata
Size: 70KB - Virtual size: 70KB

.data
Size: 11KB - Virtual size: 20KB

.rsrc
Size: 709KB - Virtual size: 708KB

.text
Size: 109KB - Virtual size: 112KB