2024-03-09_d57b627e3163fee1b1478627b216416a_magniber

Sharing

Copy URL Twitter E-mail

General

Target

2024-03-09_d57b627e3163fee1b1478627b216416a_magniber
Size

21.6MB
MD5

d57b627e3163fee1b1478627b216416a
SHA1

83f90776fa912e57ede25e59ef6c9b99092d18a1
SHA256

2275419738c3cc9d9dc60b2ea35936c01803f91767908ad59628d0569e0bef36
SHA512

e52d0d4b71c62096c4a18fce61846720cc2d6ad303e9869548242b4c3c3a4d2fe0776110a168d19ec30961140d749d4d0c4e17357610099b0a6331008173c568
SSDEEP

393216:jQGhmmPhjrNYQtYFl4zItN5OmN4tvofUPysqogz0D/xej:zPKQtY1NtyoIysqogzh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-03-09_d57b627e3163fee1b1478627b216416a_magniber

Files

2024-03-09_d57b627e3163fee1b1478627b216416a_magniber
.exe windows:5 windows x86 arch:x86

9bb4f051341a1aa0afe12a19b7299069

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

E:\MyGit\mylibrary\PeMemoryRun\Debug\PeMemoryRun.pdb

Imports

advapi32

RegOpenKeyExA
RegSetValueExA
RegCreateKeyExA
RegQueryValueExA
RegCloseKey
GetFileSecurityA
SetFileSecurityA
RegEnumValueA
RegOpenKeyExW
RegEnumKeyExA
RegDeleteValueA
RegQueryValueA
RegEnumKeyA
RegDeleteKeyA
RegSetValueA

kernel32

GetStartupInfoW
IsDebuggerPresent
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
CreateEventW
WaitForSingleObjectEx
ResetEvent
LocalUnlock
LocalLock
GetUserDefaultLCID
ReplaceFileA
GetDiskFreeSpaceA
SearchPathA
GetProfileIntA
GetTempFileNameA
VerifyVersionInfoA
VerSetConditionMask
GetWindowsDirectoryA
FindResourceExW
GetCurrentDirectoryA
WritePrivateProfileStringA
GetPrivateProfileStringA
GetPrivateProfileIntA
lstrcpyA
GetACP
SetErrorMode
SystemTimeToTzSpecificLocalTime
SetFileTime
SetFileAttributesA
LocalFileTimeToFileTime
GetFileTime
GetFileSizeEx
GetFileAttributesExA
GetFileAttributesA
FileTimeToLocalFileTime
GetCPInfo
GetOEMCP
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
CompareStringW
GetVersionExA
GetCurrentThread
GlobalFlags
GetStringTypeExA
GetVolumeInformationA
MoveFileA
lstrcmpiA
GetShortPathNameA
LoadLibraryExA
GetCurrentProcess
DuplicateHandle
WriteFile
UnlockFile
SetFilePointer
SetEndOfFile
LockFile
GetFullPathNameA
GetFileSize
FlushFileBuffers
FindFirstFileA
FindClose
DeleteFileA
GlobalFindAtomA
GlobalAddAtomA
FindResourceA
lstrcmpW
GlobalDeleteAtom
LoadLibraryExW
FreeResource
FreeLibrary
GetSystemDirectoryW
EncodePointer
GetThreadLocale
SystemTimeToFileTime
FileTimeToSystemTime
GetAtomNameA
GlobalGetAtomNameA
lstrcmpA
CompareStringA
ResumeThread
SuspendThread
SetThreadPriority
GetCurrentThreadId
CreateEventA
WaitForSingleObject
SetEvent
CloseHandle
MultiByteToWideChar
CopyFileA
QueryPerformanceCounter
MulDiv
GlobalSize
WideCharToMultiByte
FindResourceW
SizeofResource
LoadResource
GetModuleFileNameA
GetCurrentProcessId
LocalFree
LocalReAlloc
LocalAlloc
GlobalFree
GlobalUnlock
GlobalHandle
GlobalLock
GlobalReAlloc
GlobalAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
LoadLibraryW
GetModuleHandleW
GetModuleFileNameW
SetLastError
OutputDebugStringA
GetTickCount
ExitProcess
LockResource
CreateFileA
GetTempPathA
Sleep
GetModuleHandleA
ReadFile
IsBadReadPtr
GetProcAddress
LoadLibraryA
VirtualAlloc
VirtualFree
VirtualProtect
GetProcessHeap
WriteConsoleW
SetConsoleCtrlHandler
SetEnvironmentVariableW
SetEnvironmentVariableA
FreeEnvironmentStringsW
GetEnvironmentStringsW
IsValidCodePage
FindNextFileW
FindNextFileA
FindFirstFileExW
FindFirstFileExA
SetFilePointerEx
ReadConsoleW
GetConsoleMode
GetConsoleCP
GetTimeZoneInformation
GetStringTypeW
EnumSystemLocalesW
IsValidLocale
LCMapStringW
GetTimeFormatW
GetDateFormatW
GetStdHandle
GetFileType
SetStdHandle
QueryPerformanceFrequency
GetCommandLineW
GetCommandLineA
HeapQueryInformation
GetModuleHandleExW
FreeLibraryAndExitThread
ExitThread
CreateThread
VirtualQuery
GetSystemInfo
InterlockedFlushSList
InterlockedPushEntrySList
RtlUnwind
OutputDebugStringW
HeapFree
InitializeCriticalSectionAndSpinCount
HeapSize
GetLastError
HeapReAlloc
RaiseException
HeapAlloc
DecodePointer
HeapDestroy
DeleteCriticalSection
GetSystemTimeAsFileTime
InitializeSListHead
FormatMessageA
CreateFileW

gdi32

GetTextFaceA
GetTextExtentPoint32W
GetTextExtentPointA
GetTextAlign
GetStretchBltMode
GetPolyFillMode
GetNearestColor
GetBkMode
GetROP2
SetAbortProc
AbortDoc
EndPage
StartPage
EndDoc
DeleteMetaFile
CreateMetaFileA
CloseMetaFile
GetViewportOrgEx
GetWindowOrgEx
SetPixelV
SetPaletteEntries
ExtFloodFill
PtInRegion
GetBoundsRect
FrameRgn
FillRgn
RoundRect
StretchDIBits
GetCharWidthA
CreateFontA
GetCurrentObject
OffsetRgn
GetRgnBox
Rectangle
LPtoDP
CreateRoundRectRgn
Polyline
Polygon
CreatePolygonRgn
GetTextColor
Ellipse
CreateEllipticRgn
SetDIBColorTable
CreateDIBSection
StretchBlt
SetPixel
GetDIBits
GetTextCharsetInfo
EnumFontFamiliesA
CreateDIBitmap
CreateCompatibleBitmap
GetBkColor
RealizePalette
GetSystemPaletteEntries
GetPaletteEntries
GetNearestPaletteIndex
CreatePalette
EnumFontFamiliesExA
GetTextMetricsA
DPtoLP
SetRectRgn
PatBlt
GetMapMode
CreateRectRgnIndirect
CombineRgn
GetTextExtentPoint32A
CreateFontIndirectA
ScaleWindowExtEx
ScaleViewportExtEx
OffsetWindowOrgEx
OffsetViewportOrgEx
SetWindowOrgEx
SetWindowExtEx
SetViewportOrgEx
SetViewportExtEx
PolylineTo
PolyBezierTo
ExtTextOutA
TextOutA
MoveToEx
ExtCreatePen
SetArcDirection
SelectClipPath
PolyDraw
ArcTo
StartDocA
SetColorAdjustment
ModifyWorldTransform
SetWorldTransform
EnumMetaFile
PlayMetaFileRecord
SetTextJustification
SetTextAlign
SetTextCharacterExtra
SetStretchBltMode
SetROP2
SetPolyFillMode
GetLayout
SetLayout
SetMapMode
SetGraphicsMode
SetMapperFlags
SetBkMode
SelectPalette
SelectObject
ExtSelectClipRgn
SelectClipRgn
SaveDC
RestoreDC
RectVisible
PtVisible
PlayMetaFile
OffsetClipRgn
LineTo
IntersectClipRect
GetWindowExtEx
GetViewportExtEx
GetStockObject
GetPixel
GetObjectType
GetCurrentPositionEx
GetClipRgn
GetClipBox
ExcludeClipRect
Escape
DeleteDC
CreateSolidBrush
CreateRectRgn
CreatePatternBrush
CreatePen
CreateHatchBrush
CreateDIBPatternBrushPt
CreateCompatibleDC
BitBlt
DeleteObject
GetObjectA
SetTextColor
SetBkColor
CreateBitmap
GetDeviceCaps
CopyMetaFileA
CreateDCA

msimg32

AlphaBlend
TransparentBlt

winspool.drv

DocumentPropertiesA
OpenPrinterA
ClosePrinter
GetJobA

shell32

ShellExecuteExA
SHAppBarMessage
SHBrowseForFolderA
SHGetMalloc
ExtractIconA
SHGetFileInfoA
SHAddToRecentDocs
ShellExecuteA
SHGetPathFromIDListA
SHGetSpecialFolderLocation
SHGetDesktopFolder
DragQueryFileA
DragFinish

shlwapi

PathRemoveExtensionA
StrFormatKBSizeA
PathRemoveFileSpecW
PathFindExtensionA
PathStripToRootA
PathFindFileNameA
PathIsUNCA

uxtheme

GetThemePartSize
GetThemeSysColor
IsThemeBackgroundPartiallyTransparent
IsAppThemed
DrawThemeText
DrawThemeParentBackground
OpenThemeData
CloseThemeData
DrawThemeBackground
GetThemeColor
GetCurrentThemeName
GetWindowTheme

ole32

CLSIDFromString
CoUninitialize
CoInitialize
CoCreateGuid
CoInitializeEx
CreateStreamOnHGlobal
OleSetClipboard
OleFlushClipboard
OleIsCurrentClipboard
DoDragDrop
OleGetClipboard
CoLockObjectExternal
OleRegGetUserType
RegisterDragDrop
RevokeDragDrop
PropVariantCopy
OleSetMenuDescriptor
OleLockRunning
StgCreateDocfile
StgOpenStorage
StgOpenStorageOnILockBytes
StgIsStorageFile
CoCreateInstance
CoDisconnectObject
StringFromGUID2
ReleaseStgMedium
OleDuplicateData
ReadFmtUserTypeStg
WriteFmtUserTypeStg
WriteClassStg
ReadClassStg
CreateBindCtx
CoTreatAsClass
CoTaskMemFree
CoTaskMemAlloc
StringFromCLSID
CreateFileMoniker
CreateILockBytesOnHGlobal
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
OleRegGetMiscStatus
OleRegEnumVerbs
StgCreateDocfileOnILockBytes
CreateGenericComposite
CreateItemMoniker
WriteClassStm
OleCreate
OleCreateFromData
OleCreateLinkFromData
OleCreateStaticFromData
OleCreateLinkToFile
OleCreateFromFile
OleLoad
OleSave
OleSaveToStream
OleSetContainedObject
CLSIDFromProgID
CoRegisterMessageFilter
CoRevokeClassObject
CoRegisterClassObject
CoGetClassObject
OleUninitialize
OleInitialize
CoFreeUnusedLibraries
OleQueryCreateFromData
OleQueryLinkFromData
CoGetMalloc
OleIsRunning
GetRunningObjectTable
CreateOleAdviseHolder
CreateDataAdviseHolder
OleRun
GetHGlobalFromILockBytes
OleGetIconOfClass
SetConvertStg

oleaut32

SysAllocString
VariantInit
VarDecFromStr
VarBstrFromDec
VarBstrFromDate
VarBstrFromCy
VarCyFromStr
VarDateFromStr
VariantChangeType
VariantClear
SafeArrayPtrOfIndex
SafeArrayCopy
SafeArrayPutElement
SafeArrayGetElement
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayUnlock
SafeArrayLock
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayGetElemsize
SafeArrayGetDim
SafeArrayRedim
SafeArrayDestroy
SafeArrayDestroyData
SafeArrayDestroyDescriptor
SafeArrayCreate
SafeArrayAllocData
SafeArrayAllocDescriptor
VariantTimeToSystemTime
SystemTimeToVariantTime
SysReAllocStringLen
SysAllocStringLen
SysStringLen
RegisterTypeLi
LoadRegTypeLi
LoadTypeLi
SysAllocStringByteLen
SysStringByteLen
SysFreeString
VariantCopy

oledlg

ord8

winmm

PlaySoundA

gdiplus

GdipSetInterpolationMode
GdipCreateFromHDC
GdipCreateBitmapFromHBITMAP
GdipDrawImageI
GdipDeleteGraphics
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipDrawImageRectI
GdipCreateBitmapFromFileICM
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromFile
GdipCreateBitmapFromStream
GdipGetImagePaletteSize
GdipGetImagePalette
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipGetImageGraphicsContext
GdipDisposeImage
GdipCloneImage
GdipCreateBitmapFromScan0
GdiplusShutdown
GdipAlloc
GdipFree
GdiplusStartup

oleacc

LresultFromObject
AccessibleObjectFromWindow
CreateStdAccessibleObject

imm32

ImmGetContext
ImmGetOpenStatus
ImmReleaseContext

Sections

.text
Size: 2.3MB - Virtual size: 2.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 491KB - Virtual size: 491KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11.2MB - Virtual size: 11.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 137KB - Virtual size: 137KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.giats
Size: 512B - Virtual size: 28B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7.6MB - Virtual size: 7.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9bb4f051341a1aa0afe12a19b7299069

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

advapi32

kernel32

gdi32

msimg32

winspool.drv

shell32

shlwapi

uxtheme

ole32

oleaut32

oledlg

winmm

gdiplus

oleacc

imm32

Sections

.text Size: 2.3MB - Virtual size: 2.3MB

.rdata Size: 491KB - Virtual size: 491KB

.data Size: 11.2MB - Virtual size: 11.2MB

.gfids Size: 137KB - Virtual size: 137KB

.giats Size: 512B - Virtual size: 28B

.tls Size: 512B - Virtual size: 9B

.rsrc Size: 7.6MB - Virtual size: 7.6MB

.text
Size: 2.3MB - Virtual size: 2.3MB

.rdata
Size: 491KB - Virtual size: 491KB

.data
Size: 11.2MB - Virtual size: 11.2MB

.gfids
Size: 137KB - Virtual size: 137KB

.giats
Size: 512B - Virtual size: 28B

.tls
Size: 512B - Virtual size: 9B

.rsrc
Size: 7.6MB - Virtual size: 7.6MB