2024-03-07_f9c9c83df30028ba65d8f175112148e9_magniber_metamorfo

Sharing

Copy URL Twitter E-mail

General

Target

2024-03-07_f9c9c83df30028ba65d8f175112148e9_magniber_metamorfo
Size

3.7MB
MD5

f9c9c83df30028ba65d8f175112148e9
SHA1

03866c2363ab53df7ec367dd87d8efbc6adb16ed
SHA256

85eade392423ec6fb8c4e5749d839a8eb20c911f7bda57b9973f19399ae9672a
SHA512

eaa47e7e67a48e7585a8595de912efc7d1c4ee5f68d1c4311b5aebd6d685eff9dca40719fcfdd87c5840c84c797550942f02fea33722a6746c49122047a03e3f
SSDEEP

24576:+FF+xs1CjYWBg+CHVbqrPENOIjiSSqg5nwV31xezCQYv7KF+61Y2dspxc/4rdLBQ:7YcgHBNOaiPqVhoMWY2dsE/u1ASVNQyw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-03-07_f9c9c83df30028ba65d8f175112148e9_magniber_metamorfo

Files

2024-03-07_f9c9c83df30028ba65d8f175112148e9_magniber_metamorfo
.exe windows:6 windows x86 arch:x86

4e7e2fcaa8da37ec9afe99683faacef0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

F:\NMC\CURRENT260IL3nightlyBuild15203_final\Libraries\WzAddonsManager\w32prod\WzAddonsManager32.pdb

Imports

kernel32

GetWindowsDirectoryW
LoadLibraryW
GetPrivateProfileIntW
GetLocaleInfoW
ExpandEnvironmentStringsW
SetCurrentDirectoryW
CreateDirectoryW
FindFirstFileW
FindNextFileW
FlushFileBuffers
GetDiskFreeSpaceW
GetDriveTypeW
GetFileInformationByHandle
GetFileSize
GetFileType
GetFullPathNameW
GetShortPathNameW
GetTempFileNameW
GetVolumeInformationW
LockFile
RemoveDirectoryW
SetFileTime
UnlockFile
SetErrorMode
QueryPerformanceCounter
QueryPerformanceFrequency
DeviceIoControl
ResetEvent
OpenEventA
FormatMessageW
MoveFileW
SetVolumeLabelW
GetDateFormatW
GetTimeFormatW
MultiByteToWideChar
WideCharToMultiByte
GetSystemTimeAsFileTime
SystemTimeToTzSpecificLocalTime
TzSpecificLocalTimeToSystemTime
FindResourceExW
GlobalUnlock
RaiseException
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
lstrcmpiW
DecodePointer
MulDiv
GlobalAlloc
GlobalLock
GlobalFree
FreeResource
GlobalSize
GetACP
GetSystemDirectoryW
GetTempPathW
WaitForSingleObjectEx
GetFileAttributesW
SleepConditionVariableCS
WakeAllConditionVariable
WakeConditionVariable
InitializeConditionVariable
InitializeCriticalSection
SetThreadPriority
SetStdHandle
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
FindFirstFileExW
ReadConsoleW
GetConsoleMode
GetConsoleCP
GetOEMCP
IsValidCodePage
GetTimeZoneInformation
HeapSize
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
LCMapStringW
CompareStringW
GetCurrentThread
HeapReAlloc
FreeLibraryAndExitThread
ExitThread
CreateThread
GetFileAttributesExW
MoveFileExW
WriteConsoleW
GetStdHandle
GetModuleHandleExW
ExitProcess
SetEnvironmentVariableW
InterlockedPushEntrySList
RtlUnwind
SearchPathW
GetSystemDefaultUILanguage
GetVersionExW
CreateFileMappingW
MapViewOfFile
GetStartupInfoW
IsDebuggerPresent
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
InitializeSListHead
CreateWaitableTimerA
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
ResumeThread
SetWaitableTimer
GetCPInfo
GetStringTypeW
LCMapStringEx
EncodePointer
InitializeCriticalSectionEx
WaitForMultipleObjectsEx
GetProcessHeap
HeapAlloc
HeapFree
GetModuleHandleW
GetPrivateProfileStringW
DeleteFileW
SetFileAttributesW
LoadLibraryExW
VerifyVersionInfoW
FreeLibrary
VerSetConditionMask
GetUserDefaultUILanguage
SetThreadUILanguage
OutputDebugStringW
FindResourceW
LoadResource
LockResource
SetFilePointer
SizeofResource
ReadFile
CreateFileW
GetCurrentThreadId
CreateEventA
CreateSemaphoreA
GetCurrentProcessId
GetCurrentDirectoryW
GetSystemInfo
CloseHandle
SetEvent
Sleep
CreateEventW
DuplicateHandle
OpenEventW
WaitForSingleObject
GetModuleFileNameW
ReleaseSemaphore
GetCurrentProcess
GetCommandLineW
GetProcessTimes
MapViewOfFileEx
GetTickCount
FormatMessageA
CreateDirectoryA
RemoveDirectoryA
LocalFree
CreateFileMappingA
SetFilePointerEx
GetProcAddress
SwitchToThread
CreateFileA
GetLastError
GetModuleHandleA
UnmapViewOfFile
ReleaseMutex
CreateMutexA
FindClose
SetEndOfFile
FindNextFileA
WriteFile
SetLastError
FindFirstFileA
GetFileSizeEx
InitOnceExecuteOnce
VirtualQuery

user32

DrawIconEx
DrawTextExW
GetComboBoxInfo
SetClassLongW
GetClassLongW
LoadCursorW
SetParent
TrackPopupMenu
DestroyMenu
CreatePopupMenu
GetClassInfoExW
RegisterClassExW
PostMessageW
ReleaseCapture
SetCapture
IsDlgButtonChecked
AppendMenuW
EnableWindow
SetForegroundWindow
TranslateMessage
GetWindowTextW
MessageBoxW
SetFocus
CheckDlgButton
MapDialogRect
AnimateWindow
GetForegroundWindow
AttachThreadInput
DispatchMessageW
SetActiveWindow
SetWindowPos
GetMessageW
GetWindowThreadProcessId
PostThreadMessageW
IsWindow
SendMessageW
LoadStringW
OemToCharA
OemToCharBuffA
TrackMouseEvent
DialogBoxIndirectParamW
DialogBoxParamW
CreateDialogIndirectParamW
GetPropW
InflateRect
FrameRect
FillRect
DrawFocusRect
GetClientRect
IsIconic
BringWindowToTop
GetSystemMetrics
GetDesktopWindow
GetParent
GetLastActivePopup
DestroyIcon
LoadImageW
DestroyWindow
ShowWindow
IsWindowVisible
GetDlgItem
GetDlgCtrlID
DrawTextW
UpdateWindow
GetDC
ReleaseDC
BeginPaint
EndPaint
InvalidateRect
SetWindowTextW
GetWindowRect
ScreenToClient
GetSysColor
GetWindowTextLengthW
SetPropW
GetWindowDC
IsWindowEnabled
GetWindowLongW
CreateDialogParamW
SetWindowLongW
DefWindowProcW
KillTimer
SetTimer
GetKeyState
GetFocus
CharNextW
GetMonitorInfoW
MonitorFromRect
MonitorFromPoint
SystemParametersInfoW
IsRectEmpty
SetRectEmpty
GetCursorPos
MoveWindow
SetGestureConfig
GetGestureInfo
GetScrollInfo
SetScrollInfo
GetWindow
GetClassNameW
PtInRect
ClientToScreen
EndDialog
CreateWindowExW

gdi32

GetDeviceCaps
GetDIBits
SetDIBits
GetBkColor
CreateCompatibleBitmap
CreateFontIndirectW
DeleteObject
DeleteDC
CreateCompatibleDC
BitBlt
SetTextColor
CreateSolidBrush
GetObjectW
SetBkMode
SetBkColor
SelectObject
GetStockObject
LineTo
MoveToEx
Ellipse
TextOutW
GetTextExtentPoint32W
SetDCBrushColor
CreatePen

advapi32

RegSetValueExW
RegQueryInfoKeyW
RegOpenKeyW
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
RegCreateKeyW
RegOpenKeyExW
RegEnumValueW
RegQueryValueExW
CryptDestroyKey
CryptAcquireContextW
CryptVerifySignatureW
CryptCreateHash
CryptHashData
CryptDestroyHash
CryptReleaseContext
OpenProcessToken
SetSecurityDescriptorDacl
RegCloseKey
ReadEventLogA
RegQueryValueExA
CloseEventLog
OpenEventLogA
InitializeSecurityDescriptor
RegEnumKeyExW
RegOpenKeyExA
GetTokenInformation
RegQueryValueW

shell32

SHGetPathFromIDListW
SHGetSpecialFolderLocation
ShellExecuteExW
SHGetMalloc
SHGetFolderPathW
CommandLineToArgvW
SHFileOperationW
SHChangeNotify

ole32

CreateStreamOnHGlobal
CoTaskMemRealloc
CoTaskMemAlloc
CoCreateInstance
CoInitialize
CoUninitialize
CoInitializeEx
CoCreateGuid
CoTaskMemFree

oleaut32

VarUI4FromStr

wininet

InternetGetConnectedState
HttpOpenRequestW
HttpSendRequestW
HttpQueryInfoW
InternetCrackUrlW
InternetOpenW
InternetConnectW
InternetQueryOptionW
InternetSetOptionW
InternetGetLastResponseInfoW
InternetAutodial
InternetReadFile
InternetCloseHandle

msimg32

AlphaBlend

comctl32

ord410
ord413
_TrackMouseEvent
ImageList_Create
ImageList_Destroy
ImageList_GetIcon
ord412

gdiplus

GdipCreateLineBrushI
GdipCreateSolidFill
GdipDeleteBrush
GdipDisposeImage
GdiplusShutdown
GdiplusStartup
GdipFree
GdipAlloc
GdipCreateBitmapFromStream
GdipCloneImage
GdipFlush
GdipCreateFromHDC
GdipDeleteGraphics
GdipFillRectangleI
GdipFillPolygonI
GdipCloneBrush
GdipCreateHBITMAPFromBitmap

crypt32

CryptImportPublicKeyInfo
CryptStringToBinaryA
CryptDecodeObjectEx

version

VerQueryValueW
GetFileVersionInfoSizeW
GetFileVersionInfoW

Sections

.text
Size: 1.8MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 461KB - Virtual size: 461KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 124KB - Virtual size: 137KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 170KB - Virtual size: 172KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

4e7e2fcaa8da37ec9afe99683faacef0

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

wininet

msimg32

comctl32

gdiplus

crypt32

version

Sections

.text Size: 1.8MB - Virtual size: 1.8MB

.rdata Size: 461KB - Virtual size: 461KB

.data Size: 124KB - Virtual size: 137KB

.rsrc Size: 1.2MB - Virtual size: 1.2MB

.reloc Size: 170KB - Virtual size: 172KB

.text
Size: 1.8MB - Virtual size: 1.8MB

.rdata
Size: 461KB - Virtual size: 461KB

.data
Size: 124KB - Virtual size: 137KB

.rsrc
Size: 1.2MB - Virtual size: 1.2MB

.reloc
Size: 170KB - Virtual size: 172KB