2024-03-07_7cc17acf9c594d7c867fa2b9cf3b040e_magniber

Sharing

Copy URL Twitter E-mail

General

Target

2024-03-07_7cc17acf9c594d7c867fa2b9cf3b040e_magniber
Size

4.8MB
MD5

7cc17acf9c594d7c867fa2b9cf3b040e
SHA1

a090043a1cc18cfb63cf2f2a574879bc08616a49
SHA256

8c718d126e47e3d6cfdc2c83dc400088d6a4cd32a7fb63ecffccb8737f15d954
SHA512

da119b1253cec439d0f5d885f003e028a7cc8b1fdba4c37b7a3ed12c3212dde326a75135348f751a8b6dbbd3aceac9b2d353897f6be7d8f80a9b3cdc4a830ea3
SSDEEP

49152:6D/jACsNUvioGT/oJQDMh+yyeALXWMIypIkzrAMmTrR/NrcD5XN/Cdp15J3:6DjfcqynzIypIknAME/hcD9k

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-03-07_7cc17acf9c594d7c867fa2b9cf3b040e_magniber

Files

2024-03-07_7cc17acf9c594d7c867fa2b9cf3b040e_magniber
.exe windows:6 windows x86 arch:x86

aff79ab5f227617efc46fa649f46a9d5

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

F:\NMC\CURRENT260IL3nightlyBuild15203_final\previewer\w32prod\WzPreviewer32.pdb

Imports

shlwapi

ord176
PathIsUNCW
StrRetToStrW
ord199
SHDeleteValueW
SHDeleteKeyW
SHGetValueW
SHDeleteEmptyKeyW
ord219

comctl32

ord412
ImageList_Remove
_TrackMouseEvent
InitCommonControlsEx
ImageList_SetBkColor
ImageList_Destroy
ImageList_Create
ImageList_GetIcon
ImageList_GetImageCount
ord410
ImageList_ReplaceIcon
ord328
ord334
ord336
ord386
ord385
ord413

kernel32

GetLocaleInfoA
GetACP
GetLocalTime
GlobalMemoryStatus
FormatMessageA
GetProcAddress
VerSetConditionMask
GetModuleHandleW
VerifyVersionInfoW
SetThreadUILanguage
GetUserDefaultUILanguage
FreeLibrary
LoadLibraryExW
WaitForSingleObjectEx
CreateSemaphoreA
ReleaseSemaphore
OpenEventA
ResetEvent
GetCurrentProcess
DuplicateHandle
WaitForMultipleObjectsEx
FileTimeToLocalFileTime
GetCurrentDirectoryW
CreateFileW
GetFileInformationByHandle
GetFileSize
ReadFile
SetEndOfFile
SetFilePointer
SetFileTime
WriteFile
GetStdHandle
CompareStringW
CompareStringA
GetFullPathNameW
FoldStringW
AreFileApisANSI
MultiByteToWideChar
WideCharToMultiByte
GetCPInfo
IsDBCSLeadByte
LocalFileTimeToFileTime
GetSystemTime
SystemTimeToTzSpecificLocalTime
TzSpecificLocalTimeToSystemTime
FileTimeToSystemTime
SystemTimeToFileTime
GetDriveTypeW
DeviceIoControl
MoveFileW
SetLastError
Sleep
GetCurrentThread
SetThreadPriority
GetSystemDirectoryW
GetWindowsDirectoryW
LoadLibraryW
SetThreadExecutionState
FlushFileBuffers
GetFileType
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
CreateEventW
CreateSemaphoreW
GetProcessAffinityMask
ExpandEnvironmentStringsW
GetLongPathNameW
GetShortPathNameW
RemoveDirectoryW
CreateIoCompletionPort
QueryPerformanceCounter
QueryPerformanceFrequency
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeConditionVariable
WakeConditionVariable
WakeAllConditionVariable
SleepConditionVariableCS
GetTempPathW
GetPrivateProfileIntW
GetPrivateProfileStringW
GetLocaleInfoW
SetCurrentDirectoryW
GetDiskFreeSpaceW
GetTempFileNameW
GetVolumeInformationW
LockFile
SetFilePointerEx
UnlockFile
OutputDebugStringW
SetErrorMode
LocalFree
FormatMessageW
SetVolumeLabelW
GetDateFormatW
GetTimeFormatW
LoadResource
LockResource
SizeofResource
FindResourceW
FindResourceExW
GlobalUnlock
GetFileSizeEx
FreeResource
GlobalAlloc
GlobalSize
GlobalLock
GlobalFree
GetSystemInfo
InitializeCriticalSectionAndSpinCount
MulDiv
lstrcmpiW
FindNextChangeNotification
GetEnvironmentStringsW
GetCommandLineA
ReadConsoleW
GetConsoleMode
GetConsoleOutputCP
GetOEMCP
IsValidCodePage
GetTimeZoneInformation
SetStdHandle
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
LCMapStringW
SetEnvironmentVariableW
FreeLibraryAndExitThread
ExitThread
FindFirstFileExW
PeekNamedPipe
MoveFileExW
GetFileAttributesExW
WriteConsoleW
GetModuleHandleExW
ExitProcess
VirtualQuery
InterlockedPushEntrySList
RtlUnwind
GetStartupInfoW
IsDebuggerPresent
InitializeSListHead
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
CreateWaitableTimerA
GetModuleHandleA
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
ResumeThread
GetStringTypeW
LCMapStringEx
EncodePointer
SearchPathW
GetVersionExW
UnmapViewOfFile
CreateFileMappingW
MapViewOfFile
GetSystemDefaultUILanguage
PostQueuedCompletionStatus
FindFirstChangeNotificationW
WaitForSingleObject
GetQueuedCompletionStatus
GetTickCount
CreateThread
DeleteFileW
SetWaitableTimer
CreateDirectoryW
FindCloseChangeNotification
SetFileAttributesW
GetFileAttributesW
FindClose
GetModuleFileNameA
FindNextFileW
FindFirstFileW
GetProcessHeap
DeleteCriticalSection
DecodePointer
HeapAlloc
RaiseException
HeapReAlloc
GetLastError
HeapSize
InitializeCriticalSectionEx
HeapFree
CreateEventA
GetCurrentProcessId
CloseHandle
Process32FirstW
SetEvent
Process32NextW
CreateToolhelp32Snapshot
OpenProcess
GetModuleFileNameW
TerminateProcess
GetCommandLineW
FreeEnvironmentStringsW
CreateHardLinkW
InitOnceExecuteOnce

user32

DrawIconEx
DrawTextExW
GetComboBoxInfo
SetClassLongW
GetClassLongW
AppendMenuW
CreatePopupMenu
GetClassInfoExW
ReleaseCapture
SetCapture
IsDlgButtonChecked
CheckDlgButton
MapDialogRect
AnimateWindow
TrackMouseEvent
CharNextW
GetPropW
InflateRect
FrameRect
FillRect
DrawFocusRect
GetClientRect
SetPropW
EndPaint
BeginPaint
IsWindowEnabled
GetKeyState
LoadCursorW
SetCursor
GetMenuItemInfoW
TrackPopupMenu
GetSubMenu
DestroyMenu
LoadMenuW
CallWindowProcW
GetWindowDC
DialogBoxIndirectParamW
DialogBoxParamW
CreateDialogIndirectParamW
GetLastActivePopup
SetForegroundWindow
BringWindowToTop
GetMonitorInfoW
MonitorFromRect
MonitorFromPoint
SystemParametersInfoW
LoadImageW
GetDesktopWindow
IsRectEmpty
SetRectEmpty
GetCursorPos
GetSystemMetrics
IsIconic
SetFocus
RegisterClassExW
SetGestureConfig
GetGestureInfo
GetScrollInfo
SetScrollInfo
GetWindow
GetClassNameW
PtInRect
ReleaseDC
TranslateMessage
RegisterClassW
IsChild
DispatchMessageW
IsWindow
CreateWindowExW
DestroyWindow
DefWindowProcW
GetMessageW
MessageBoxW
PostMessageW
UnregisterClassW
KillTimer
SetParent
SetTimer
GetFocus
PostQuitMessage
PeekMessageW
MsgWaitForMultipleObjects
GetParent
LoadIconW
DestroyIcon
SendMessageW
SetWindowTextW
IsWindowVisible
GetWindowRect
GetWindowLongW
UpdateWindow
GetSysColorBrush
GetDlgItem
SetWindowLongW
MoveWindow
ShowWindow
SetWindowPos
GetDC
MessageBoxA
CharNextA
MessageBeep
EndDialog
CharUpperW
CharLowerW
OemToCharBuffA
CharToOemA
OemToCharA
CharToOemBuffW
GetSysColor
ScreenToClient
ClientToScreen
InvalidateRect
DrawTextW
EnableWindow
GetDlgCtrlID
SendDlgItemMessageW
CreateDialogParamW
IsCharAlphaNumericW
IsCharAlphaNumericA
LoadStringW
GetWindowTextLengthW
GetWindowTextW

gdi32

CreateSolidBrush
DeleteObject
SetBkMode
SetTextColor
DeleteDC
GetBkColor
GetStockObject
GetObjectW
BitBlt
GetTextExtentExPointW
SetDCBrushColor
GetTextExtentPoint32W
TextOutW
Ellipse
SetBkColor
MoveToEx
LineTo
CreatePen
CreateCompatibleBitmap
CreateFontIndirectW
SetDIBits
SelectObject
GetDIBits
GetDeviceCaps
CreateCompatibleDC

advapi32

RegCreateKeyW
RegOpenKeyW
RegOpenKeyExW
RegSetValueExW
RegCreateKeyExW
RegQueryInfoKeyW
RegCloseKey
RegQueryValueExW
AllocateAndInitializeSid
RegDeleteKeyW
CheckTokenMembership
FreeSid
OpenProcessToken
AdjustTokenPrivileges
SetFileSecurityW
LookupPrivilegeValueW
RegEnumKeyExW
RegQueryValueW
RegDeleteValueW
RegEnumValueW

shell32

SHGetKnownFolderPath
SHGetFolderPathW
SHFileOperationW
SHGetMalloc
SHGetFileInfoW
SHGetDesktopFolder
SHChangeNotify
ShellExecuteExW
ShellExecuteW

msimg32

AlphaBlend

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

gdiplus

GdipFillPolygonI
GdipCreateHBITMAPFromBitmap
GdipAlloc
GdipFree
GdiplusStartup
GdiplusShutdown
GdipCloneBrush
GdipDeleteBrush
GdipCreateSolidFill
GdipCloneImage
GdipDisposeImage
GdipCreateBitmapFromStream
GdipDeleteGraphics
GdipCreateFromHDC
GdipFlush

ole32

CoUninitialize
CoRegisterClassObject
CoInitializeEx
CoRevokeClassObject
CoInitialize
StringFromGUID2
CoAddRefServerProcess
CoReleaseServerProcess
CoTaskMemFree
CoCreateInstance
CoCreateGuid
CreateStreamOnHGlobal
CoTaskMemAlloc
CoTaskMemRealloc

oleaut32

VarUI4FromStr
SysAllocString
VariantClear

Sections

.text
Size: 2.4MB - Virtual size: 2.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 574KB - Virtual size: 574KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 135KB - Virtual size: 177KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 203KB - Virtual size: 204KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

aff79ab5f227617efc46fa649f46a9d5

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

shlwapi

comctl32

kernel32

user32

gdi32

advapi32

shell32

msimg32

version

gdiplus

ole32

oleaut32

Sections

.text Size: 2.4MB - Virtual size: 2.4MB

.rdata Size: 574KB - Virtual size: 574KB

.data Size: 135KB - Virtual size: 177KB

.rsrc Size: 1.4MB - Virtual size: 1.4MB

.reloc Size: 203KB - Virtual size: 204KB

.text
Size: 2.4MB - Virtual size: 2.4MB

.rdata
Size: 574KB - Virtual size: 574KB

.data
Size: 135KB - Virtual size: 177KB

.rsrc
Size: 1.4MB - Virtual size: 1.4MB

.reloc
Size: 203KB - Virtual size: 204KB