2024-03-10_3d38faa66bee687573986cc228eaa01d_magniber

Sharing

Copy URL

Twitter E-mail

General

Target

2024-03-10_3d38faa66bee687573986cc228eaa01d_magniber
Size

3.3MB
MD5

3d38faa66bee687573986cc228eaa01d
SHA1

ba359ebec71313a6f3bc5840ec1106832e2f8d12
SHA256

e56d3551e6e2faeb41a2ee18e1de9d58e6ab8bd3c552973a359d637b9253c4c8
SHA512

2ece5b8e697ad8ae232a2c88e156319a2e1bd1ed1be208cb32221da54daba59058a1fcbb901ebe29d5c9a2e8b230dc25d79a75feabdebdf19d5237c3d59c21ab
SSDEEP

98304:xkuvvKxE621h13y4Do+1px3H70BRYoNHdlm+zf3yJLimmzLWHDWun7ht5Q0m+I9C:1vMEB1h13TDoMpQ0F

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-03-10_3d38faa66bee687573986cc228eaa01d_magniber

Files

2024-03-10_3d38faa66bee687573986cc228eaa01d_magniber
.exe windows:5 windows x86 arch:x86

70b09f154e55603340221fae062697ed

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\!work\s22\trunk\live\build\game\FarmFrenzy_HeaveHo.pdb

Imports

kernel32

SetCurrentDirectoryW
GetLastError
GetModuleHandleW
GetModuleFileNameW
InterlockedCompareExchange
SetLastError
InterlockedDecrement
InterlockedIncrement
ReleaseSemaphore
SetEnvironmentVariableA
GetTimeZoneInformation
SetEndOfFile
SetStdHandle
FlushFileBuffers
LoadLibraryExW
GetConsoleCP
ReadConsoleW
GetConsoleMode
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetOEMCP
GetACP
IsValidCodePage
GetProcessHeap
HeapSize
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
CompareStringW
GetTimeFormatW
GetDateFormatW
CreateSemaphoreW
GetStartupInfoW
TlsFree
TlsSetValue
WideCharToMultiByte
MultiByteToWideChar
GetCurrentProcess
OutputDebugStringW
LoadLibraryW
GetProcAddress
FreeLibrary
GetFileSize
FindFirstFileW
SetFilePointer
MapViewOfFile
UnmapViewOfFile
WriteFile
GetFileAttributesW
ReadFile
CreateFileW
GetTempPathW
GetCurrentDirectoryW
FindClose
CreateFileMappingW
RemoveDirectoryW
FindNextFileW
CloseHandle
DeleteFileW
QueryPerformanceCounter
Sleep
CreateMutexW
SetThreadExecutionState
GetCurrentThreadId
SetUnhandledExceptionFilter
GetCurrentThread
GetLocalTime
GetCurrentProcessId
GetLocaleInfoA
GetSystemInfo
GetUserDefaultUILanguage
WaitForSingleObject
SetEvent
SetThreadPriority
CreateEventW
CreateThread
GetTickCount
LocalFree
InitializeCriticalSectionAndSpinCount
RaiseException
DecodePointer
DeleteCriticalSection
GlobalLock
GlobalAlloc
GlobalUnlock
FindResourceW
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
GetEnvironmentVariableW
GetThreadContext
ReadProcessMemory
GetEnvironmentVariableA
GetModuleFileNameA
GetCurrentDirectoryA
OutputDebugStringA
GetVersionExA
SuspendThread
ResumeThread
GetStringTypeW
EncodePointer
HeapFree
HeapAlloc
GetCommandLineA
RtlUnwind
IsDebuggerPresent
IsProcessorFeaturePresent
GetStdHandle
GetFileType
GetModuleHandleExW
WriteConsoleW
GetSystemTimeAsFileTime
AreFileApisANSI
HeapReAlloc
SetFilePointerEx
ExitProcess
GetCPInfo
UnhandledExceptionFilter
TerminateProcess
TlsAlloc
TlsGetValue
ExitThread

dbghelp

SymInitialize
SymFromAddr
MiniDumpWriteDump

gdi32

StretchBlt
GetDeviceCaps
CreateDIBSection
DeleteDC
DeleteObject
SelectObject
SetStretchBltMode
CreateCompatibleDC

winmm

timeBeginPeriod
timeEndPeriod
timeGetTime

wtsapi32

WTSUnRegisterSessionNotification
WTSRegisterSessionNotification

shlwapi

PathRemoveFileSpecW
PathIsRelativeW

d3d9

Direct3DCreate9

d3dx9_43

D3DXCompileShader

openal32

alDeleteSources
alcDestroyContext
alSourceStop
alListenerfv
alGenBuffers
alSourcei
alcGetString
alSourcef
alcOpenDevice
alcCreateContext
alGenSources
alSourceUnqueueBuffers
alDeleteBuffers
alGetSourcef
alcGetError
alGetBufferi
alSourcePause
alBufferData
alcMakeContextCurrent
alGetSourcei
alSourceQueueBuffers
alGetError
alSourcePlay

user32

GetDC
PostMessageW
GetCursorPos
DispatchMessageW
GetWindowThreadProcessId
DefWindowProcW
SetWindowTextW
AdjustWindowRect
RegisterClassW
CreateWindowExW
ShowWindow
SetWindowPos
SetWindowLongW
PeekMessageW
GetAsyncKeyState
BringWindowToTop
SetCursorPos
GetWindowPlacement
LoadIconW
GetForegroundWindow
TranslateMessage
BeginPaint
ReleaseDC
EnumDisplaySettingsExW
LoadCursorW
AttachThreadInput
SetForegroundWindow
UnregisterClassW
RegisterWindowMessageW
GetWindowRect
ScreenToClient
SystemParametersInfoW
DestroyWindow
ClientToScreen
EndPaint
ReleaseCapture
SetCapture
SetClipboardData
OpenClipboard
EmptyClipboard
GetClipboardData
IsClipboardFormatAvailable
CloseClipboard
DestroyIcon
DrawIconEx
LoadImageW
MessageBoxA
ClipCursor
GetClientRect
SetCursor

advapi32

AllocateAndInitializeSid
SetEntriesInAclW
FreeSid
GetUserNameA
SetNamedSecurityInfoW

shell32

ShellExecuteW
SHGetFolderPathW
SHCreateDirectoryExW

ole32

CoCreateInstance
CoInitialize

oleaut32

SysFreeString
SysAllocString

Sections

.text
Size: 2.4MB - Virtual size: 2.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 489KB - Virtual size: 488KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 63KB - Virtual size: 334KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rodata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 323KB - Virtual size: 322KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

70b09f154e55603340221fae062697ed

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

dbghelp

gdi32

winmm

wtsapi32

shlwapi

d3d9

d3dx9_43

openal32

user32

advapi32

shell32

ole32

oleaut32

Sections

.text Size: 2.4MB - Virtual size: 2.4MB

.rdata Size: 489KB - Virtual size: 488KB

.data Size: 63KB - Virtual size: 334KB

.rodata Size: 3KB - Virtual size: 2KB

.rsrc Size: 323KB - Virtual size: 322KB

.text
Size: 2.4MB - Virtual size: 2.4MB

.rdata
Size: 489KB - Virtual size: 488KB

.data
Size: 63KB - Virtual size: 334KB

.rodata
Size: 3KB - Virtual size: 2KB

.rsrc
Size: 323KB - Virtual size: 322KB