2024-02-25_9b8007af2fc8c853cbd7fdfcf04d6d6e_magniber

Sharing

Copy URL Twitter E-mail

General

Target

2024-02-25_9b8007af2fc8c853cbd7fdfcf04d6d6e_magniber
Size

1.6MB
MD5

9b8007af2fc8c853cbd7fdfcf04d6d6e
SHA1

f5d015c811b49d23490183b137587232e319ef3f
SHA256

c2565a081ba6c6c667d93910b89bf9e587099b54da52c77f8464283e738b340f
SHA512

843b0aa8dcdb4e39a976ae4a5be9d46b0a48e05b571d5d4c4c0fc35ee839b65495a9029878fdbe6c32a3b05b2aabe0a9cc8d7ede612cd3837b0853acb866b144
SSDEEP

24576:kCI1xB6B9YNgqe1xTVIlz7X9zOo4PjnikEpx/nLWvJ+YiGw:4K0eqkSR7Xgo4TiRPnLWvJSGw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-02-25_9b8007af2fc8c853cbd7fdfcf04d6d6e_magniber

Files

2024-02-25_9b8007af2fc8c853cbd7fdfcf04d6d6e_magniber
.exe windows:5 windows x86 arch:x86

4b83772a0b9225dc561d3a4bc21e9bbd

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Data\svn\autoit\branch_3.3.16\bin\Aut2Exe\Aut2Exe.pdb

Imports

comctl32

CreateStatusWindowW
InitCommonControlsEx

version

GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoW

wsock32

gethostname
WSAStartup
gethostbyname
inet_addr
WSACleanup

winmm

mciSendStringW
timeGetTime

kernel32

GetTempPathW
GetTempFileNameW
DeleteFileW
CopyFileW
CreateFileW
SetFileTime
CloseHandle
LoadLibraryA
GetProcAddress
CreateFileMappingW
MapViewOfFile
UnmapViewOfFile
GetSystemTimeAsFileTime
SystemTimeToFileTime
GetFileSize
InterlockedIncrement
InterlockedDecrement
GetModuleHandleW
GetModuleFileNameW
InitializeCriticalSection
IsDebuggerPresent
lstrcmpiW
GetCurrentDirectoryW
SetCurrentDirectoryW
GetFullPathNameW
lstrlenW
ReadFile
CreateProcessW
GetExitCodeProcess
Sleep
WideCharToMultiByte
CompareStringW
CompareStringA
GetCommandLineW
FindResourceW
EnumResourceNamesW
BeginUpdateResourceW
SetFilePointer
UpdateResourceW
EndUpdateResourceW
GetVersionExW
IsWow64Process
GetCurrentProcess
GetSystemInfo
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
WriteFile
DuplicateHandle
GetStdHandle
CreatePipe
CreateThread
InterlockedExchange
TerminateThread
WaitForSingleObject
SetFilePointerEx
SetEndOfFile
FlushFileBuffers
GetLastError
GetCurrentThread
OpenProcess
TerminateProcess
CreateToolhelp32Snapshot
SizeofResource
Process32NextW
GetFileAttributesW
FindFirstFileW
FindClose
GetLongPathNameW
GetShortPathNameW
FindNextFileW
CopyFileExW
MoveFileW
CreateDirectoryW
RemoveDirectoryW
SetSystemPowerState
QueryPerformanceCounter
QueryPerformanceFrequency
OutputDebugStringW
DeviceIoControl
LoadLibraryW
GetLocalTime
GetFileTime
IsValidCodePage
FindNextFileA
FindFirstFileExW
FindFirstFileExA
SetStdHandle
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
GetTimeFormatW
GetDateFormatW
GetStringTypeW
GetFileType
GetConsoleCP
HeapAlloc
ReadConsoleW
GetConsoleMode
HeapFree
GetACP
GetModuleFileNameA
ExitProcess
GetModuleHandleExW
FreeLibraryAndExitThread
ResumeThread
ExitThread
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
EncodePointer
HeapReAlloc
SetLastError
InterlockedFlushSList
InterlockedPushEntrySList
RaiseException
RtlUnwind
InitializeSListHead
GetCurrentProcessId
GetStartupInfoW
CreateEventW
WaitForSingleObjectEx
ResetEvent
SetEvent
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
LoadResource
FindResourceExW
FreeLibrary
LoadLibraryExW
MultiByteToWideChar
GetCurrentThreadId
GetOEMCP
GetCPInfo
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableA
SetEnvironmentVariableW
GetProcessHeap
SetConsoleCtrlHandler
OutputDebugStringA
WriteConsoleW
LockResource
DecodePointer
HeapSize
Process32FirstW

user32

DialogBoxParamW
EnableMenuItem
GetClassNameW
EndDialog
GetSystemMenu
SetActiveWindow
CharLowerBuffW
EnumThreadWindows
FindWindowExW
IsWindow
EnumChildWindows
ExitWindowsEx
mouse_event
CreateIconFromResourceEx
MonitorFromRect
MonitorFromPoint
GetDC
ReleaseDC
LoadCursorW
MessageBeep
GetDlgItemTextW
ChildWindowFromPointEx
DefWindowProcW
SetCursor
PostQuitMessage
RegisterClassExW
LoadIconW
LoadImageW
GetDlgItem
DispatchMessageW
TranslateMessage
IsDialogMessageW
TranslateAcceleratorW
GetMessageW
SetFocus
UpdateWindow
SendDlgItemMessageW
CheckMenuItem
GetMenu
CheckMenuRadioItem
SetDlgItemTextW
CreateDialogParamW
LoadAcceleratorsW
MessageBoxA
DestroyIcon
LoadStringW
MessageBoxW
CharUpperBuffW
IsWindowEnabled
IsWindowVisible
PostMessageW
ShowWindow
EnableWindow
MoveWindow
ScreenToClient
GetWindowRect
InvalidateRect
SendMessageW
GetParent
GetWindowLongW
GetWindowThreadProcessId
AttachThreadInput
SendMessageTimeoutW

gdi32

GetTextExtentPoint32W
GetStockObject
GetDeviceCaps

comdlg32

GetOpenFileNameW
GetSaveFileNameW

advapi32

RegCreateKeyExW
FreeSid
CheckTokenMembership
AllocateAndInitializeSid
InitiateSystemShutdownExW
LookupPrivilegeValueW
OpenProcessToken
OpenThreadToken
RegOpenKeyExW
RegCloseKey
RegQueryValueExW
RegSetValueExW
AdjustTokenPrivileges

shell32

SHFileOperationW
SHGetFolderPathW
DragQueryPoint
DragQueryFileW
DragFinish

ole32

CreateStreamOnHGlobal

oleaut32

SafeArrayGetVartype
SysFreeString
VarR8FromDec
VariantTimeToSystemTime
SafeArrayDestroyDescriptor
SafeArrayDestroyData
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayAllocData
SafeArrayAllocDescriptorEx
SafeArrayCreateVector
SysAllocString
VariantCopy
VariantClear
VariantInit

Sections

.text
Size: 366KB - Virtual size: 366KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 82KB - Virtual size: 82KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 5KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

4b83772a0b9225dc561d3a4bc21e9bbd

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

comctl32

version

wsock32

winmm

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

Sections

.text Size: 366KB - Virtual size: 366KB

.rdata Size: 82KB - Virtual size: 82KB

.data Size: 5KB - Virtual size: 16KB

.rsrc Size: 1.2MB - Virtual size: 1.2MB

.text
Size: 366KB - Virtual size: 366KB

.rdata
Size: 82KB - Virtual size: 82KB

.data
Size: 5KB - Virtual size: 16KB

.rsrc
Size: 1.2MB - Virtual size: 1.2MB