2024-03-14_341e999d2463814826b4f9164e8c0c79_magniber

Sharing

Copy URL Twitter E-mail

General

Target

2024-03-14_341e999d2463814826b4f9164e8c0c79_magniber
Size

5.6MB
MD5

341e999d2463814826b4f9164e8c0c79
SHA1

7ef2617f6d69d9eee48c3f946773b5b348f3f6a4
SHA256

16e7669ad3b0331f0b08da104da65903254cf2e278097971239202d51d0fe970
SHA512

306ebd25ee211ba11273e9ea8f238db25b94e39c6a700b45ea7c0ade5164704c245bc819d51df14b8573952cb7caf12e54ef90b4798eedbbcc596b5b2d7ea25b
SSDEEP

98304:/+PiPo+8TXO5F/f/RxkWxyKZYD0z/gIF2XRcGeZxuYAAhCC407QWwzOu:/6Z+r/f/RxtYgz/gIFvG2wYAZCazL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-03-14_341e999d2463814826b4f9164e8c0c79_magniber

Files

2024-03-14_341e999d2463814826b4f9164e8c0c79_magniber
.exe windows:6 windows x86 arch:x86

d02e33f4b9ded3e07ea3331683ba8492

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\Sources\Fall Windmills\Fall Windmills 3D Settings\Release\Fall Windmills 3D Screensaver.pdb

Imports

d3d9

Direct3DCreate9

kernel32

LoadResource
LockResource
SizeofResource
LoadLibraryA
GlobalAlloc
GlobalLock
lstrcpyA
FindResourceA
QueryPerformanceCounter
QueryPerformanceFrequency
GetThreadTimes
GetCurrentThread
GetCommandLineW
GetOEMCP
GetACP
IsValidCodePage
FindNextFileW
FindFirstFileExW
SetStdHandle
GetFullPathNameW
GetCurrentDirectoryW
SetCurrentDirectoryW
GetFileSizeEx
GetConsoleOutputCP
FlushFileBuffers
GetTimeZoneInformation
SetConsoleCtrlHandler
GetProcAddress
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
CompareStringW
GetTimeFormatW
GetDateFormatW
HeapQueryInformation
FreeResource
LeaveCriticalSection
SetFilePointerEx
ReadConsoleW
GetConsoleMode
WriteFile
GetStdHandle
GetModuleFileNameW
GetModuleHandleExW
ExitProcess
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
PeekNamedPipe
GetFileType
GetFileInformationByHandle
GetDriveTypeW
CreateFileW
ReadFile
LoadLibraryExW
TlsFree
EnumSystemLocalesW
GetModuleFileNameA
FreeLibrary
FlushInstructionCache
CreateProcessA
EnterCriticalSection
InitializeCriticalSection
GetProcessHeap
GetCurrentThreadId
TlsSetValue
TlsGetValue
TlsAlloc
CreateProcessW
GetExitCodeProcess
DeleteFileW
GetTempPathW
RtlUnwind
InterlockedFlushSList
InterlockedPushEntrySList
GetSystemTimeAsFileTime
GetCurrentProcessId
GetStartupInfoW
IsDebuggerPresent
IsProcessorFeaturePresent
GetCurrentProcess
WaitForSingleObject
HeapSize
DeleteCriticalSection
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
HeapFree
HeapAlloc
HeapDestroy
SetLastError
GetLastError
RaiseException
CloseHandle
GetFileAttributesA
GetCurrentDirectoryA
GetCommandLineA
MoveFileExW
GetFileAttributesExW
HeapReAlloc
InitializeSListHead
GetModuleHandleW
CreateEventW
WaitForSingleObjectEx
ResetEvent
SetEvent
InitializeCriticalSectionAndSpinCount
Sleep
CreateDirectoryA
OutputDebugStringA
MoveFileA
DeleteFileA
EnumResourceTypesA
EnumResourceNamesA
FindClose
DebugBreak
WriteConsoleW
SetEndOfFile
OutputDebugStringW
SetEnvironmentVariableW
FindNextFileA
FindFirstFileA
GetFullPathNameA
GetLocalTime
FreeEnvironmentStringsW
FormatMessageA
LocalFree
GetLocaleInfoEx
InitializeCriticalSectionEx
EncodePointer
DecodePointer
MultiByteToWideChar
WideCharToMultiByte
LCMapStringEx
GetStringTypeW
CompareStringEx
GetCPInfo
GetModuleHandleA
GetSystemDirectoryA
GetLocaleInfoA
lstrlenA
lstrcmpA
LoadLibraryW
GetEnvironmentStringsW

user32

GetWindowRect
SetTimer
GetForegroundWindow
GetCursorPos
GetKeyState
EnumWindows
FindWindowA
EnumChildWindows
GetParent
GetClassNameA
GetWindow
GetTopWindow
GetWindowTextA
RegisterWindowMessageA
SetCursorPos
wsprintfA
ShowCursor
GetMessageA
GetMonitorInfoA
MonitorFromRect
EnumDisplayDevicesA
EnumDisplaySettingsA
DestroyIcon
LoadIconA
LoadCursorA
SetWindowLongA
GetWindowLongA
MessageBoxA
AdjustWindowRect
GetClientRect
SetWindowTextA
EndPaint
BeginPaint
ReleaseDC
GetDC
EnableWindow
GetActiveWindow
IsClipboardFormatAvailable
GetClipboardData
CloseClipboard
OpenClipboard
GetDlgItem
EndDialog
DialogBoxParamA
ShowWindow
DestroyWindow
CreateWindowExA
GetClassInfoExA
RegisterClassExA
CallWindowProcA
PostQuitMessage
DefWindowProcA
PostMessageA
SendMessageA
PeekMessageA
DispatchMessageA
TranslateMessage

gdi32

GetDeviceCaps

comdlg32

CommDlgExtendedError
GetOpenFileNameA

advapi32

RegFlushKey
RegSetValueExA
RegCloseKey
RegOpenKeyExA
RegQueryInfoKeyA
RegEnumKeyA
RegEnumValueA
RegQueryValueExA
RegDeleteValueA
AllocateAndInitializeSid
CheckTokenMembership
FreeSid
CryptGenRandom
CryptReleaseContext
CryptAcquireContextA
RegCreateKeyExA

shell32

SHGetSpecialFolderPathA
ShellExecuteA

ole32

CoCreateInstance
CoSetProxyBlanket
CoInitializeSecurity
CoInitializeEx
CoUninitialize
CreateStreamOnHGlobal
CoInitialize

oleaut32

VariantInit
CreateErrorInfo
SetErrorInfo
VariantChangeType
SysAllocString
SysFreeString
VariantClear
OleLoadPicture
GetErrorInfo
SysAllocStringLen

comctl32

InitCommonControlsEx

dinput8

DirectInput8Create

d3dx9_43

D3DXOptimizeVertices
D3DXOptimizeFaces
D3DXVec3TransformNormal
D3DXAssembleShader
D3DXCompileShader
D3DXMatrixRotationZ
D3DXLoadSurfaceFromFileInMemory
D3DXMatrixTransformation
D3DXGetFVFVertexSize
D3DXMatrixRotationY
D3DXMatrixRotationAxis
D3DXMatrixTranslation
D3DXMatrixRotationX
D3DXVec3TransformCoord
D3DXMatrixOrthoLH
D3DXMatrixReflect
D3DXMatrixLookAtLH
D3DXMatrixScaling
D3DXSaveSurfaceToFileA
D3DXCreateTextureFromResourceA
D3DXPlaneFromPoints
D3DXCreateTextureFromFileA
D3DXCreateTextureFromFileExA
D3DXCreateTextureFromFileInMemory
D3DXCreateTextureFromFileInMemoryEx
D3DXCreateCubeTexture
D3DXCreateTexture
D3DXMatrixPerspectiveFovLH
D3DXVec3Normalize
D3DXMatrixInverse
D3DXMatrixTranspose
D3DXCreateCubeTextureFromFileInMemory
D3DXVec3Transform
D3DXMatrixMultiply
D3DXCreateTextureFromResourceExA

winmm

timeGetDevCaps
timeBeginPeriod
timeEndPeriod
timeGetTime

Sections

.text
Size: 4.3MB - Virtual size: 4.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 842KB - Virtual size: 842KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 86KB - Virtual size: 556KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

_RDATA
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 210KB - Virtual size: 209KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 212KB - Virtual size: 211KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d02e33f4b9ded3e07ea3331683ba8492

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

d3d9

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

comctl32

dinput8

d3dx9_43

winmm

Sections

.text Size: 4.3MB - Virtual size: 4.3MB

.rdata Size: 842KB - Virtual size: 842KB

.data Size: 86KB - Virtual size: 556KB

_RDATA Size: 10KB - Virtual size: 9KB

.rsrc Size: 210KB - Virtual size: 209KB

.reloc Size: 212KB - Virtual size: 211KB

.text
Size: 4.3MB - Virtual size: 4.3MB

.rdata
Size: 842KB - Virtual size: 842KB

.data
Size: 86KB - Virtual size: 556KB

_RDATA
Size: 10KB - Virtual size: 9KB

.rsrc
Size: 210KB - Virtual size: 209KB

.reloc
Size: 212KB - Virtual size: 211KB