2024-03-06_7bf5a23e2485dde1f2277b2f5876a326_floxif_magniber

Sharing

Copy URL Twitter E-mail

General

Target

2024-03-06_7bf5a23e2485dde1f2277b2f5876a326_floxif_magniber
Size

20.7MB
MD5

7bf5a23e2485dde1f2277b2f5876a326
SHA1

c5f1310731c7748db0b5c5ecf617a89416ea05b9
SHA256

fbc7ad5d884331a1589a47c20034f8852ace4a4e4e829c5f63049ffd7d045b72
SHA512

c75959c5c28dbf7a765109cb660fe2c613763bab75a11053223ea2790020f212fc28def2e5917c86dc4011564cab2ecba3226e42a7a62278cb0bfd926cebf9de
SSDEEP

393216:u2tkQuROJWyUPxywHTuJP5i+EZy3V5gaZ7fBkKBhQ8onjRABC65p65:umBWyMowHUxmVIWKTQLRurp0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-03-06_7bf5a23e2485dde1f2277b2f5876a326_floxif_magniber

Files

2024-03-06_7bf5a23e2485dde1f2277b2f5876a326_floxif_magniber
.exe windows:5 windows x86 arch:x86

468c2dfb1ef354971ef0de013145e6c5

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\grossi\Documents\Sviluppo\Overloud\TH3\app\build\win\Win32\Release-Full-Standalone\TH-U.pdb

Imports

kernel32

PeekNamedPipe
MapViewOfFile
UnmapViewOfFile
CreateMutexW
CreateEventW
CreateFileMappingW
GetLogicalDriveStringsW
LoadLibraryW
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleExW
CreateProcessW
GetEnvironmentVariableW
OutputDebugStringW
GetDriveTypeW
GetSystemDirectoryW
GetTempPathW
SetCurrentDirectoryW
GetCurrentDirectoryW
GetDiskFreeSpaceExW
CreateDirectoryW
RemoveDirectoryW
SetFileAttributesW
GetFileAttributesW
GetFileAttributesExW
DeleteFileW
FindFirstFileW
FindNextFileW
CopyFileW
MoveFileW
ReplaceFileW
CreateNamedPipeW
GetVolumeInformationW
CancelIo
GetComputerNameW
QueryPerformanceCounter
QueryPerformanceFrequency
GetLogicalProcessorInformation
CreateSymbolicLinkW
GetLocaleInfoW
LocalFree
GetCommandLineW
AttachConsole
GlobalAlloc
GlobalSize
GlobalLock
GlobalUnlock
GetCurrentProcessId
SetErrorMode
DeviceIoControl
CreateFileA
GetVolumeInformationA
GetUserDefaultLCID
GetSystemTime
GlobalMemoryStatus
VirtualAlloc
VirtualFree
HeapAlloc
HeapFree
GetProcessHeap
VirtualLock
VirtualUnlock
GetTickCount
FormatMessageA
GetSystemTimeAsFileTime
WideCharToMultiByte
SystemTimeToFileTime
GetFileSize
LockFileEx
CreateFileMappingA
UnlockFile
HeapDestroy
HeapCompact
GetSystemInfo
HeapReAlloc
DeleteFileA
GetVersionExA
WaitForSingleObjectEx
FlushViewOfFile
GetFileAttributesA
GetDiskFreeSpaceA
GetTempPathA
HeapSize
DisconnectNamedPipe
GetVersionExW
UnlockFileEx
GetFullPathNameA
LockFile
SetHandleInformation
GetDiskFreeSpaceW
InterlockedCompareExchange
GetFullPathNameW
HeapCreate
AreFileApisANSI
SetStdHandle
SetEnvironmentVariableW
SetEnvironmentVariableA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
FindNextFileA
FindFirstFileExW
FindFirstFileExA
SetFilePointerEx
SetConsoleCtrlHandler
ReadConsoleW
GetConsoleMode
GetConsoleCP
GetOEMCP
IsValidCodePage
EnumSystemLocalesW
IsValidLocale
GetTimeFormatW
GetDateFormatW
GetFileType
GetStdHandle
GetModuleFileNameA
GetACP
ResumeThread
ExitThread
GetTimeZoneInformation
VirtualQuery
RaiseException
RtlUnwind
WaitForMultipleObjectsEx
UnregisterWaitEx
QueryDepthSList
InterlockedFlushSList
InterlockedPushEntrySList
InterlockedPopEntrySList
ReleaseSemaphore
SetProcessAffinityMask
VirtualProtect
LoadLibraryExW
FreeLibraryAndExitThread
GetThreadTimes
UnregisterWait
RegisterWaitForSingleObject
GetProcessAffinityMask
GetNumaHighestNodeNumber
DeleteTimerQueueTimer
ChangeTimerQueueTimer
CreateTimerQueueTimer
CreateThread
SwitchToThread
SignalObjectAndWait
CreateTimerQueue
InitializeSListHead
GetStartupInfoW
UnhandledExceptionFilter
IsProcessorFeaturePresent
GetCPInfo
GetStringTypeW
LCMapStringW
CompareStringW
GetModuleHandleW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSectionAndSpinCount
SetLastError
DecodePointer
EncodePointer
GetExitCodeThread
DuplicateHandle
ConnectNamedPipe
CreatePipe
FormatMessageW
GetNativeSystemInfo
SetPriorityClass
SetLocalTime
LoadLibraryA
Sleep
GetThreadPriority
SetThreadPriority
GetCurrentThread
GetCurrentProcess
GetProcAddress
WriteConsoleW
ReadDirectoryChangesW
CancelIoEx
CreateFileW
SetFileTime
FindClose
SetFilePointer
SetEndOfFile
FlushFileBuffers
ReadFile
WriteFile
GetFileInformationByHandle
WaitForMultipleObjects
WaitForSingleObject
ReleaseMutex
ResetEvent
SetEvent
DeleteCriticalSection
TryEnterCriticalSection
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
IsDebuggerPresent
GetOverlappedResult
GetLastError
TerminateThread
SetThreadAffinityMask
GetCurrentThreadId
SetUnhandledExceptionFilter
GetExitCodeProcess
TerminateProcess
ExitProcess
GlobalMemoryStatusEx
RtlCaptureStackBackTrace
FreeLibrary
MultiByteToWideChar
OutputDebugStringA
GetPriorityClass
HeapValidate
CloseHandle

user32

CreateIconIndirect
DefWindowProcW
UnregisterClassW
RegisterClassExW
CreateWindowExW
DestroyWindow
GetWindowLongW
SetWindowLongW
GetDesktopWindow
AttachThreadInput
GetWindowThreadProcessId
GetMessageW
TranslateMessage
DispatchMessageW
PeekMessageW
SendMessageTimeoutW
PostMessageW
SetFocus
GetFocus
GetWindowTextW
EnumWindows
TrackMouseEvent
GetMessagePos
GetIconInfo
GetMessageExtraInfo
SendMessageW
IsChild
ShowWindow
UpdateLayeredWindow
SetLayeredWindowAttributes
SetWindowPos
GetMonitorInfoW
IsWindowVisible
OpenClipboard
CloseClipboard
SetClipboardData
GetClipboardData
EmptyClipboard
GetActiveWindow
GetAsyncKeyState
GetKeyboardState
ToUnicode
SendInput
MapVirtualKeyW
GetCapture
SetCapture
ReleaseCapture
GetSystemMetrics
GetSystemMenu
EnableMenuItem
GetForegroundWindow
SetForegroundWindow
GetDC
ReleaseDC
BeginPaint
EndPaint
GetUpdateRgn
InvalidateRect
GetMessageTime
SystemParametersInfoW
RedrawWindow
SetWindowTextW
GetClientRect
GetWindowRect
MessageBoxW
MessageBeep
SetCursorPos
SetCursor
GetCursorPos
CreateCaret
DestroyCaret
ShowCaret
SetCaretPos
ScreenToClient
WindowFromPoint
EnumDisplayMonitors
GetWindowInfo
CallWindowProcW
RegisterWindowMessageW
MoveWindow
GetAncestor
GetWindowPlacement
GetParent
EnumChildWindows
FindWindowW
LoadCursorW
DestroyCursor
DestroyIcon

gdi32

GetObjectW
CreateDIBSection
StretchDIBits
SaveDC
RestoreDC
GetRegionData
GetPixel
ExcludeClipRect
CreateRectRgnIndirect
CreateRectRgn
CreateBitmap
CombineRgn
BitBlt
GetKerningPairsW
GetTextMetricsW
SetMapMode
SetMapperFlags
SelectObject
RemoveFontMemResourceEx
AddFontMemResourceEx
GetGlyphIndicesW
GetOutlineTextMetricsW
GetGlyphOutlineW
GetDeviceCaps
EnumFontFamiliesExW
DeleteObject
DeleteDC
CreateFontIndirectW
CreateCompatibleDC
GdiFlush

comdlg32

GetOpenFileNameW
GetSaveFileNameW

advapi32

RegEnumKeyW
RegOpenKeyW
RegOpenKeyExW
RegQueryValueExW
GetUserNameW
RegCreateKeyExW
RegDeleteKeyW
RegDeleteValueW
RegEnumKeyExW
RegSetValueExW
RegCloseKey

shell32

CommandLineToArgvW
SHBrowseForFolderW
ShellExecuteW
SHFileOperationW
SHGetSpecialFolderPathW
Shell_NotifyIconW
ExtractAssociatedIconW
SHGetMalloc
SHGetPathFromIDListW

ole32

OleSetContainedObject
OleCreate
DoDragDrop
RevokeDragDrop
CoTaskMemAlloc
OleUninitialize
OleInitialize
CLSIDFromString
CoCreateInstance
CoInitialize
RegisterDragDrop

wininet

HttpQueryInfoW
HttpEndRequestW
HttpSendRequestExW
HttpOpenRequestW
InternetCloseHandle
InternetSetOptionW
InternetWriteFile
InternetSetFilePointer
InternetReadFile
InternetOpenW
InternetCrackUrlW
FtpOpenFileW
InternetConnectW

ws2_32

recv
ntohs
listen
inet_ntoa
inet_addr
htons
htonl
getsockopt
getsockname
getpeername
ioctlsocket
connect
closesocket
bind
accept
__WSAFDIsSet
recvfrom
select
send
sendto
setsockopt
socket
WSAStartup
getaddrinfo
freeaddrinfo
WSAGetLastError

version

GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW

shlwapi

PathStripToRootW

winmm

midiInGetNumDevs
midiOutLongMsg
midiOutShortMsg
midiInGetDevCapsW
midiOutPrepareHeader
midiOutClose
midiOutOpen
midiOutGetDevCapsW
midiOutGetNumDevs
midiInOpen
midiInClose
midiInPrepareHeader
midiInUnprepareHeader
midiInAddBuffer
midiInStart
midiInStop
midiInReset
timeGetTime
timeSetEvent
timeKillEvent
timeGetDevCaps
timeBeginPeriod
midiOutUnprepareHeader

dbghelp

SymGetModuleInfo64
SymInitialize
SymFromAddr

imm32

ImmGetContext
ImmGetCompositionStringW
ImmNotifyIME
ImmSetCandidateWindow
ImmReleaseContext

setupapi

SetupDiDestroyDeviceInfoList
SetupDiGetDeviceInterfaceDetailA
SetupDiGetClassDevsA
CM_Get_Device_IDA
CM_Get_Parent
SetupDiEnumDeviceInterfaces

Sections

.text
Size: 6.3MB - Virtual size: 6.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2.2MB - Virtual size: 2.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12.2MB - Virtual size: 12.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

468c2dfb1ef354971ef0de013145e6c5

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

wininet

ws2_32

version

shlwapi

winmm

dbghelp

imm32

setupapi

Sections

.text Size: 6.3MB - Virtual size: 6.3MB

.rdata Size: 2.2MB - Virtual size: 2.2MB

.data Size: 12.2MB - Virtual size: 12.2MB

.gfids Size: 5KB - Virtual size: 5KB

.tls Size: 512B - Virtual size: 9B

.rsrc Size: 34KB - Virtual size: 34KB

.text
Size: 6.3MB - Virtual size: 6.3MB

.rdata
Size: 2.2MB - Virtual size: 2.2MB

.data
Size: 12.2MB - Virtual size: 12.2MB

.gfids
Size: 5KB - Virtual size: 5KB

.tls
Size: 512B - Virtual size: 9B

.rsrc
Size: 34KB - Virtual size: 34KB