2024-02-24_8780f979b783c30cbab8f8ac336896ad_magniber_silence

Sharing

Copy URL Twitter E-mail

General

Target

2024-02-24_8780f979b783c30cbab8f8ac336896ad_magniber_silence
Size

3.7MB
MD5

8780f979b783c30cbab8f8ac336896ad
SHA1

7fb4eaafad4706e23a30f15c4be87e19b0dabb91
SHA256

41f5cfa9693949114cd675f1b76284b98db7a03eff3eb19368af43c5d35c1bc3
SHA512

e5dd3adfdb46dded3c3fdb570f60f792bf9c930014580f7c22cc95d13fce8d510a3863278cfb9eed9556c127f62208f7af669ab4c30fb5552e9764fa9af29cb2
SSDEEP

49152:Zp6cm5hdiqF5ixq8DlLqP/WYoq8JLpJMrUxhjKu0gvZTdeQnFF7YFqK9+dz:Zp6cmDdi3nJNJMCkCGQnFxHKo

Score

1^/10

Malware Config

Signatures

Files

2024-02-24_8780f979b783c30cbab8f8ac336896ad_magniber_silence
.exe windows:5 windows x86 arch:x86

ecdabc55b510c3127678c6d516b871f5

Code Sign

10:70:9d:4f:f5:54:08:d7:30:60:01:d8:ea:91:75:bb
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

24/08/2011, 00:00

Not After

30/05/2020, 10:48

Subject

CN=COMODO Code Signing CA 2,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

28:fe:c2:f3:c9:51:e3:31:cd:10:ad:25:d0:e6:61:92
Certificate

Issuer

CN=COMODO Code Signing CA 2,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

06/04/2012, 00:00

Not After

06/04/2014, 23:59

Subject

CN=Sublime HQ Pty Ltd,O=Sublime HQ Pty Ltd,POSTALCODE=2134,STREET=11/10-12 Grantham St,L=Burwood,ST=NSW,C=AU

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

33:39:ac:6b:99:49:ce:cc:f4:d3:8a:9e:bf:3e:9a:c2:50:4e:58:3d
Signer

Actual PE Digest

33:39:ac:6b:99:49:ce:cc:f4:d3:8a:9e:bf:3e:9a:c2:50:4e:58:3d

Digest Algorithm

sha1

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\jj\projects\zagato\build\x32\dist\sublime_text.pdb

Imports

kernel32

InterlockedDecrement
FreeLibrary
GetProcAddress
GlobalAlloc
GlobalSize
GlobalLock
GlobalUnlock
LocalFree
GetLongPathNameW
GetLastError
CreateMutexW
LoadLibraryW
GetModuleFileNameW
CreateProcessW
GetCommandLineW
MultiByteToWideChar
GetTempPathW
CopyFileW
WideCharToMultiByte
DuplicateHandle
GetCurrentThread
GetStringTypeW
InterlockedExchange
EncodePointer
DecodePointer
GetCommandLineA
HeapFree
SwitchToThread
GetThreadTimes
FreeLibraryAndExitThread
GetModuleHandleA
LoadLibraryExW
RtlUnwind
HeapAlloc
HeapReAlloc
ReadFile
SetStdHandle
GetFileType
InitializeCriticalSectionAndSpinCount
HeapSize
ExitProcess
GetModuleHandleExW
GetCPInfo
TlsGetValue
CreateTimerQueueTimer
CreateTimerQueue
IsProcessorFeaturePresent
ExitThread
UnhandledExceptionFilter
SetUnhandledExceptionFilter
SetLastError
TerminateProcess
TlsAlloc
TlsSetValue
TlsFree
GetStartupInfoW
GetModuleHandleW
CreateSemaphoreW
CompareStringW
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
GetStdHandle
WriteFile
GetProcessHeap
GetModuleFileNameA
QueryPerformanceCounter
GetCurrentProcessId
GetEnvironmentStringsW
FreeEnvironmentStringsW
InterlockedPopEntrySList
InterlockedPushEntrySList
InterlockedFlushSList
QueryDepthSList
SetEvent
InterlockedIncrement
CreateEventW
InitializeSListHead
GetTickCount
UnregisterWaitEx
ChangeTimerQueueTimer
GetNumaHighestNodeNumber
RegisterWaitForSingleObject
SetThreadPriority
GetVersionExW
VirtualAlloc
VirtualFree
VirtualProtect
GetProcessAffinityMask
GetConsoleCP
GetConsoleMode
ReadConsoleW
SetFilePointer
SetFilePointerEx
IsValidCodePage
GetACP
GetOEMCP
DeleteTimerQueueTimer
SetThreadAffinityMask
GetTimeZoneInformation
UnregisterWait
GetThreadPriority
WriteConsoleW
SignalObjectAndWait
SetEndOfFile
SetEnvironmentVariableA
LoadLibraryA
GetStringTypeExW
InterlockedCompareExchange
GetLocalTime
GetSystemInfo
FormatMessageW
MapViewOfFile
FlushViewOfFile
UnmapViewOfFile
CreateFileMappingW
MoveFileW
QueueUserWorkItem
RtlCaptureContext
VirtualQueryEx
GetProcessId
ResumeThread
ResetEvent
WaitForMultipleObjects
SetNamedPipeHandleState
TransactNamedPipe
WaitNamedPipeW
OutputDebugStringA
Sleep
WaitForSingleObject
IsDebuggerPresent
GetCurrentThreadId
CreateThread
RaiseException
SystemTimeToFileTime
ReplaceFileW
SetFileAttributesW
lstrlenW
LocalAlloc
ReadDirectoryChangesW
CancelIo
OpenFileMappingW
SetPriorityClass
OpenProcess
GlobalMemoryStatusEx
QueryPerformanceFrequency
GetSystemTime
GetCurrentProcess
GetProcessTimes
GetSystemTimeAsFileTime
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
MoveFileExW
FindNextFileW
FindFirstFileW
DeleteFileW
GetFileAttributesW
CreateFileW
RemoveDirectoryW
CreateDirectoryW
GetCurrentDirectoryW
SetCurrentDirectoryW
CloseHandle
GetFileTime
FindClose
FlushFileBuffers
GetFileSizeEx
GetFileInformationByHandle
ReleaseSemaphore
OutputDebugStringW
VirtualQuery

user32

AdjustWindowRectEx
SetCursor
GetCursorPos
GetCaretBlinkTime
ClientToScreen
ScreenToClient
SetRect
GetWindowLongW
SetWindowLongW
EnumWindows
GetClassNameW
LoadCursorW
SetScrollInfo
SystemParametersInfoW
MonitorFromWindow
GetMonitorInfoW
EnumDisplayMonitors
LoadStringW
TrackPopupMenu
RemoveMenu
ModifyMenuW
AppendMenuW
InsertMenuW
GetMenuItemCount
GetMenuItemID
GetSubMenu
EnableMenuItem
CheckMenuItem
DestroyMenu
CreatePopupMenu
CreateMenu
SetMenu
GetMenu
EnableWindow
KillTimer
SetTimer
MsgWaitForMultipleObjectsEx
ReleaseCapture
SetCapture
GetKeyState
GetFocus
GetActiveWindow
SetFocus
EmptyClipboard
AdjustWindowRect
GetWindowRect
GetClientRect
SetWindowTextW
InvalidateRect
GetUpdateRgn
EndPaint
BeginPaint
TrackMouseEvent
GetDC
ReleaseDC
GetMessageW
TranslateMessage
DispatchMessageW
PeekMessageW
GetMessageTime
SendMessageTimeoutW
PostMessageW
MessageBoxW
SendMessageW
wsprintfW
GetSystemMetrics
PostThreadMessageW
GetClipboardFormatNameW
EnumClipboardFormats
RegisterClipboardFormatW
GetClipboardData
SetClipboardData
CloseClipboard
OpenClipboard
IsIconic
SetWindowPlacement
GetWindowPlacement
SetWindowPos
UpdateLayeredWindow
ShowWindow
DestroyWindow
CreateWindowExW
RegisterClassExW
GetDoubleClickTime
PostQuitMessage
DefWindowProcW
SetForegroundWindow

gdi32

SelectObject
SetBkMode
SetTextColor
CreateDIBSection
GetDeviceCaps
TextOutW
SelectClipRgn
GetTextExtentPointW
GetTextMetricsW
GetCurrentObject
EnumFontFamiliesExW
DeleteObject
DeleteDC
IntersectClipRect
GetStockObject
CreateFontIndirectW
GetRegionData
CreateRectRgn
GetObjectW
BitBlt
CreateCompatibleDC

advapi32

RegQueryValueExW
RegOpenKeyExW
RegCloseKey

shell32

SHBrowseForFolderW
SHGetPathFromIDListW
SHGetFolderPathW
ord74
ExtractIconExW
CommandLineToArgvW
ShellExecuteW
DragAcceptFiles
DragQueryFileW

ole32

DoDragDrop
RevokeDragDrop
RegisterDragDrop
OleInitialize
CoCreateInstance
CoTaskMemFree
CoLockObjectExternal
ReleaseStgMedium

wininet

HttpQueryInfoW
HttpSendRequestW
HttpOpenRequestW
InternetReadFile
InternetConnectW
InternetCloseHandle
InternetOpenW

comdlg32

GetSaveFileNameW
GetOpenFileNameW
CommDlgExtendedError

Sections

.text
Size: 2.5MB - Virtual size: 2.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 635KB - Virtual size: 634KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 274KB - Virtual size: 323KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 13B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 184KB - Virtual size: 183KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 187KB - Virtual size: 187KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ecdabc55b510c3127678c6d516b871f5

Code Sign

10:70:9d:4f:f5:54:08:d7:30:60:01:d8:ea:91:75:bbCertificate

Extended Key Usages

Key Usages

28:fe:c2:f3:c9:51:e3:31:cd:10:ad:25:d0:e6:61:92Certificate

Extended Key Usages

Key Usages

33:39:ac:6b:99:49:ce:cc:f4:d3:8a:9e:bf:3e:9a:c2:50:4e:58:3dSigner

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

wininet

comdlg32

Sections

.text Size: 2.5MB - Virtual size: 2.5MB

.rdata Size: 635KB - Virtual size: 634KB

.data Size: 274KB - Virtual size: 323KB

.tls Size: 512B - Virtual size: 13B

.rsrc Size: 184KB - Virtual size: 183KB

.reloc Size: 187KB - Virtual size: 187KB

10:70:9d:4f:f5:54:08:d7:30:60:01:d8:ea:91:75:bb
Certificate

28:fe:c2:f3:c9:51:e3:31:cd:10:ad:25:d0:e6:61:92
Certificate

33:39:ac:6b:99:49:ce:cc:f4:d3:8a:9e:bf:3e:9a:c2:50:4e:58:3d
Signer

.text
Size: 2.5MB - Virtual size: 2.5MB

.rdata
Size: 635KB - Virtual size: 634KB

.data
Size: 274KB - Virtual size: 323KB

.tls
Size: 512B - Virtual size: 13B

.rsrc
Size: 184KB - Virtual size: 183KB

.reloc
Size: 187KB - Virtual size: 187KB