d:\Projects\mra.icq8.marketalert\Installer\Release\magentsetup.pdb
Static task: static1
Behavioral task: behavioral1 - Sample: 2024-03-29_6838869876b6613bb7648cab782c167e_magniber.exe - Resource: win7-20231129-en
Behavioral task: behavioral2 - Sample: 2024-03-29_6838869876b6613bb7648cab782c167e_magniber.exe - Resource: win10v2004-20240226-en
General
Target: 2024-03-29_6838869876b6613bb7648cab782c167e_magniber
Size: 4.8MB
MD5: 6838869876b6613bb7648cab782c167e
SHA1: af7ffbd661b8378b4424259268c6fa1bd19c7cdf
SHA256: 62286f46ce8f2991444a9a7d2089789f03ecab8d4a2c5d6aca18a4a0ffeaa4f0
SHA512: f859c8368fb7f051760789c3284b0c041b6f0c3a38afc20512f1b282d9f1b93711035da9b997f99d8180890a49851977f566538eae7295f9b905f3678768efca
SSDEEP: 98304:T+hOh4Q1wgDUkwpksbI+q+5HPpEOrf82X37dnzLoaeoB8xh:bqYx9sbI+Z9SOrU2H5zLoGBSh
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 2024-03-29_6838869876b6613bb7648cab782c167e_magniber
Files
-
2024-03-29_6838869876b6613bb7648cab782c167e_magniber.exe windows:5 windows x86 arch:x86
66c58fd3c0a9dd14dc1786671a55e080
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
winhttp
WinHttpGetIEProxyConfigForCurrentUser
shlwapi
PathIsRootW
SHStrDupW
PathFindFileNameW
PathFindExtensionW
PathRemoveExtensionW
PathStripToRootW
PathIsUNCW
PathRemoveFileSpecW
PathIsRelativeW
AssocQueryStringW
PathIsDirectoryW
SHDeleteKeyW
SHDeleteValueW
psapi
EnumProcesses
EnumProcessModules
GetModuleBaseNameW
GetModuleFileNameExW
GetProcessImageFileNameW
ws2_32
send
recv
WSAGetLastError
setsockopt
select
connect
WSAEventSelect
WSACreateEvent
getnameinfo
socket
ioctlsocket
closesocket
ntohl
ntohs
inet_addr
gethostbyname
inet_ntoa
htons
htonl
WSAEnumNetworkEvents
msimg32
AlphaBlend
wininet
FindFirstUrlCacheEntryA
InternetGetCookieExW
FindCloseUrlCache
InternetQueryOptionW
InternetSetCookieExW
DeleteUrlCacheEntryA
FindNextUrlCacheEntryA
kernel32
HeapFree
GetProcessHeap
FindFirstFileExW
SetLastError
GetVersionExA
lstrcmpW
LoadLibraryA
GlobalDeleteAtom
GlobalFindAtomW
GlobalAddAtomW
FormatMessageW
GlobalSize
GetModuleHandleA
InterlockedExchange
CompareStringA
GetLocaleInfoW
lstrcmpA
EnumResourceLanguagesW
ConvertDefaultLocale
SetThreadPriority
ResumeThread
SuspendThread
TlsGetValue
GlobalReAlloc
GlobalHandle
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
GlobalFlags
GlobalGetAtomNameW
GetAtomNameW
GetThreadLocale
FileTimeToSystemTime
SystemTimeToFileTime
lstrlenA
MoveFileW
GetStringTypeExW
lstrcmpiW
FlushFileBuffers
LockFile
UnlockFile
DuplicateHandle
GetVolumeInformationW
GetFullPathNameW
FileTimeToLocalFileTime
GetFileAttributesExW
LocalFileTimeToFileTime
SetFileTime
GetFileTime
SetErrorMode
GetStartupInfoW
RtlUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RaiseException
FindFirstFileA
FindNextFileA
GetConsoleCP
GetConsoleMode
HeapAlloc
ExitThread
CreateThread
HeapReAlloc
GetDriveTypeW
HeapSize
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
GetStartupInfoA
HeapCreate
HeapDestroy
VirtualFree
QueryPerformanceCounter
SetStdHandle
CreateFileA
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
FatalAppExitA
GetFileInformationByHandle
PeekNamedPipe
GetCurrentDirectoryA
SetCurrentDirectoryA
LCMapStringW
SetConsoleCtrlHandler
InitializeCriticalSectionAndSpinCount
GetTimeZoneInformation
LCMapStringA
GetStringTypeA
GetTimeFormatA
GetDateFormatA
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
GetDriveTypeA
GetFullPathNameA
SetEnvironmentVariableA
ExitProcess
GetStringTypeW
WaitForMultipleObjects
GetTickCount
TryEnterCriticalSection
WritePrivateProfileStringW
GetCurrentThreadId
GetShortPathNameW
CreatePipe
SetHandleInformation
GetExitCodeProcess
CreateProcessW
GetFileSizeEx
GetModuleHandleW
GetCurrentThread
InterlockedDecrement
InterlockedIncrement
GlobalLock
GlobalUnlock
CompareStringW
MultiByteToWideChar
FindResourceExW
CreateEventW
ResetEvent
GetSystemTimeAsFileTime
TerminateThread
SetEvent
RemoveDirectoryW
FindFirstFileW
FindNextFileW
FindClose
GetCurrentProcess
GetTempPathW
MoveFileExW
ExpandEnvironmentStringsW
GetSystemDirectoryW
GetWindowsDirectoryW
OpenFile
_lclose
_lwrite
CopyFileA
LoadLibraryW
GetProcAddress
GetEnvironmentVariableW
GetSystemDefaultLCID
GetUserDefaultLCID
CopyFileW
SetFileAttributesW
DeleteFileW
_lread
_llseek
WaitForSingleObject
GetCurrentProcessId
LoadLibraryExW
FreeLibrary
OpenProcess
TerminateProcess
GlobalAlloc
GlobalFree
LocalAlloc
LocalFree
GetFileSize
ReadFile
SetFilePointer
SetEndOfFile
GetPrivateProfileSectionNamesW
GetPrivateProfileStringW
GetPrivateProfileIntW
CreateDirectoryW
CreateFileW
WriteFile
FreeResource
lstrlenW
WideCharToMultiByte
DeleteCriticalSection
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
GetCommandLineW
Sleep
GetVersionExW
CreateSemaphoreW
GetModuleFileNameW
GetLastError
OpenSemaphoreW
GetFileAttributesW
MulDiv
GetSystemDefaultLangID
CloseHandle
FindResourceW
LoadResource
LockResource
SizeofResource
GetVersion
GlobalMemoryStatus
FlushConsoleInputBuffer
ReadConsoleInputA
SetConsoleMode
PeekConsoleInputA
GetNumberOfConsoleInputEvents
GetCurrentDirectoryW
user32
BringWindowToTop
CreatePopupMenu
InsertMenuItemW
LoadAcceleratorsW
GetMenuBarInfo
ReuseDDElParam
UnpackDDElParam
WindowFromPoint
GetSystemMenu
SetParent
GetDCEx
LockWindowUpdate
IsDialogMessageW
SetDlgItemInt
GetDlgItemTextW
GetDlgItemInt
CheckRadioButton
GetMenuState
GetMenuStringW
AppendMenuW
InsertMenuW
RemoveMenu
GetActiveWindow
CreateDialogIndirectParamW
GetNextDlgTabItem
SendDlgItemMessageW
SendDlgItemMessageA
WinHelpW
IsChild
GetCapture
GetFocus
SetFocus
GetLastActivePopup
DispatchMessageW
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
GetMessageTime
GetMessagePos
PeekMessageW
ScrollWindow
TrackPopupMenuEx
GetKeyState
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
ShowScrollBar
GetSubMenu
GetMenuItemID
GetMenuItemCount
GetClassInfoW
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
SystemParametersInfoA
GetWindow
GetClassLongW
SetClassLongW
EnumDisplayMonitors
SubtractRect
UnionRect
IntersectRect
RegisterClassW
GetSysColor
IsWindowEnabled
DrawTextW
SetCapture
GetUpdateRect
BeginPaint
EndPaint
TrackMouseEvent
CallWindowProcW
SetWindowsHookExW
UnhookWindowsHookEx
CallNextHookEx
GetClassInfoExW
RegisterClassExW
GetClassInfoExA
RegisterClassExA
TranslateAcceleratorW
GetForegroundWindow
SetWindowPlacement
CreateWindowExW
IsZoomed
IsWindowVisible
SetActiveWindow
MonitorFromRect
MonitorFromWindow
GetMonitorInfoW
UpdateLayeredWindow
LoadIconW
GetMenu
AdjustWindowRectEx
InvalidateRect
GetWindowDC
SetWindowLongW
GetParent
GetCursorPos
FillRect
OffsetRect
PtInRect
GetShellWindow
EnumChildWindows
GetDlgCtrlID
GetWindowTextLengthW
GetWindowTextW
EndDialog
SetDlgItemTextW
CreateDialogParamW
GetWindowLongW
DialogBoxParamW
DestroyWindow
SetPropW
SetRectEmpty
MessageBeep
GetNextDlgGroupItem
InvalidateRgn
GetPropW
SetForegroundWindow
RemovePropW
GetClipboardData
CharUpperW
OpenClipboard
EmptyClipboard
SetClipboardData
CharToOemW
CloseClipboard
PostMessageW
GetMessageW
PostThreadMessageW
MessageBoxW
GetWindowThreadProcessId
SendNotifyMessageW
EnumWindows
IsWindow
SendMessageTimeoutW
GetClassNameW
CopyImage
CharLowerW
MapWindowPoints
SetWindowPos
GetSystemMetrics
GetClientRect
IsIconic
DrawIcon
LoadStringW
RegisterWindowMessageW
LoadCursorW
SetRect
IsRectEmpty
CopyAcceleratorTableW
CharNextW
DestroyIcon
DeleteMenu
UnregisterClassW
GetDialogBaseUnits
GetSysColorBrush
SystemParametersInfoW
DestroyMenu
GetMenuItemInfoW
InflateRect
SetTimer
KillTimer
WaitMessage
SetCursor
UpdateWindow
ReleaseCapture
GetDesktopWindow
GetDC
ReleaseDC
EnableWindow
LoadImageW
SetWindowTextW
ScreenToClient
IsDlgButtonChecked
CheckDlgButton
SendMessageW
GetWindowRect
CopyRect
GetDlgItem
ShowWindow
SetWindowContextHelpId
MapDialogRect
RegisterClipboardFormatW
ShowOwnedPopups
TranslateMessage
ValidateRect
PostQuitMessage
MapVirtualKeyW
GetKeyNameTextW
GetUserObjectInformationW
GetProcessWindowStation
MessageBoxA
LoadMenuW
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
ModifyMenuW
EnableMenuItem
CheckMenuItem
ClientToScreen
GrayStringW
DrawTextExW
TabbedTextOutW
ScrollWindowEx
GetWindowPlacement
MoveWindow
DefWindowProcW
TrackPopupMenu
gdi32
SetICMMode
CreateCompatibleBitmap
SetDIBitsToDevice
StretchDIBits
SetStretchBltMode
CreateRectRgn
CreateRoundRectRgn
SetBkColor
GetTextMetricsW
GdiAlphaBlend
GetDCOrgEx
GetWindowExtEx
StartDocW
PtVisible
RectVisible
TextOutW
ExtTextOutW
Escape
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
GetColorSpace
SetDIBits
ArcTo
PolyDraw
PolylineTo
PolyBezierTo
ExtSelectClipRgn
CreateDIBPatternBrushPt
CreatePatternBrush
CreateBitmap
SelectPalette
PlayMetaFileRecord
GetObjectType
EnumMetaFile
PlayMetaFile
CreatePen
ExtCreatePen
CreateHatchBrush
CreateRectRgnIndirect
PatBlt
SetRectRgn
CombineRgn
GetMapMode
DPtoLP
GetBkColor
GetRgnBox
GetCharWidthW
CreateFontW
GetCurrentPositionEx
GetDIBits
GetLogColorSpaceW
GetViewportExtEx
SelectClipPath
GetClipRgn
SelectClipRgn
SetColorAdjustment
SetArcDirection
SetMapperFlags
GetTextExtentPoint32W
GetPixel
BitBlt
GetBitmapBits
GetObjectA
CreateDCA
DeleteDC
CreateCompatibleDC
CreateDIBSection
GdiFlush
SetViewportOrgEx
GetStockObject
GetTextColor
SetBkMode
SetTextColor
CreateSolidBrush
AddFontResourceW
SelectObject
DeleteObject
GetDeviceCaps
GetObjectW
SetTextJustification
CreateFontIndirectW
SetTextAlign
MoveToEx
LineTo
OffsetClipRgn
IntersectClipRect
ExcludeClipRect
SetMapMode
ModifyWorldTransform
SetWorldTransform
SetGraphicsMode
SetROP2
SetPolyFillMode
RestoreDC
SaveDC
CreateDCW
CopyMetaFileW
GetClipBox
SetTextCharacterExtra
comdlg32
GetFileTitleW
winspool.drv
DocumentPropertiesW
ClosePrinter
OpenPrinterW
advapi32
RegSetValueW
DuplicateTokenEx
GetLengthSid
SetTokenInformation
CreateProcessAsUserW
RegCreateKeyW
GetUserNameW
OpenThreadToken
LookupPrivilegeValueW
AdjustTokenPrivileges
EqualSid
OpenProcessToken
GetTokenInformation
RegQueryInfoKeyW
RegOpenKeyW
RegisterEventSourceA
ReportEventA
DeregisterEventSource
RegEnumKeyW
RegEnumValueW
RegDeleteValueW
RegDeleteKeyW
LookupAccountNameW
LookupAccountSidW
ConvertSidToStringSidW
ConvertStringSidToSidW
RegSetValueExW
RegQueryValueExW
RegOpenKeyExW
RegCreateKeyExW
RegEnumKeyExW
RegCloseKey
RegQueryValueW
shell32
ShellExecuteW
CommandLineToArgvW
SHGetSpecialFolderPathW
SHGetMalloc
ShellExecuteExW
SHGetFolderPathW
SHGetPathFromIDListW
SHBrowseForFolderW
FindExecutableW
DragQueryFileW
DragFinish
SHGetFileInfoW
ExtractIconW
SHCreateDirectoryExW
ord680
oledlg
OleUIBusyW
ole32
StringFromCLSID
OleRun
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
CreateStreamOnHGlobal
CoCreateInstance
CoUninitialize
CoInitializeEx
PropVariantClear
CLSIDFromProgID
CoTaskMemFree
SetConvertStg
WriteFmtUserTypeStg
WriteClassStg
OleRegGetUserType
ReadFmtUserTypeStg
ReadClassStg
CreateBindCtx
ReleaseStgMedium
CoTaskMemAlloc
CoTreatAsClass
OleDuplicateData
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
CLSIDFromString
CoDisconnectObject
StringFromGUID2
CoGetClassObject
CoRegisterClassObject
CoRevokeClassObject
OleSetClipboard
OleIsCurrentClipboard
OleFlushClipboard
CoRegisterMessageFilter
StgOpenStorageOnILockBytes
oleaut32
VarBstrFromCy
VarCyFromStr
SysReAllocStringLen
VarDateFromStr
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayDestroyDescriptor
VarBstrFromDec
SafeArrayUnlock
SafeArrayLock
SafeArrayPutElement
SafeArrayPtrOfIndex
SafeArrayGetElement
SafeArrayCopy
VarDecFromStr
SysAllocStringByteLen
VarBstrFromDate
SafeArrayDestroyData
OleCreateFontIndirect
SafeArrayAllocDescriptor
SafeArrayDestroy
VariantClear
SafeArrayAllocData
VariantCopy
SafeArrayRedim
SafeArrayCreate
SafeArrayGetDim
SafeArrayGetElemsize
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayAccessData
SafeArrayUnaccessData
LoadRegTypeLib
LoadTypeLib
RegisterTypeLib
SysStringLen
SysAllocStringLen
CreateErrorInfo
SetErrorInfo
VariantChangeType
OleLoadPicture
SysAllocString
SysFreeString
VariantInit
SysStringByteLen
GetErrorInfo
urlmon
UrlMkGetSessionOption
wsock32
sendto
WSAStartup
WSACleanup
accept
bind
getsockname
getpeername
WSAAsyncSelect
recvfrom
shutdown
WSASetLastError
rpcrt4
RpcBindingSetOption
NdrClientCall2
RpcStringFreeW
RpcBindingFree
RpcStringBindingComposeW
RpcBindingFromStringBindingW
netapi32
NetUserGetInfo
NetApiBufferFree
NetUserEnum
Sections
.text Size: 1.8MB - Virtual size: 1.8MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 433KB - Virtual size: 433KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 59KB - Virtual size: 155KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.tls Size: 512B - Virtual size: 81B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 29.8MB - Virtual size: 29.8MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ