2024-04-09_359476395f6a29d84040118866747635_magniber

Sharing

Copy URL Twitter E-mail

General

Target

2024-04-09_359476395f6a29d84040118866747635_magniber
Size

4.3MB
MD5

359476395f6a29d84040118866747635
SHA1

63c0f0a6bf90bfd485abc424d5254d870248f045
SHA256

605aed487f7d25eef888b67c844e677d1975a38180312f702b8ef990ca55cd7a
SHA512

5eecb6e9ce12dee74433703813724c2787a040d53813ad77123538878a6fe89d9182725d02774e9a386061d62745a676b4d860228ce64c25b344354d370a85ef
SSDEEP

98304:fwkpBqUpmMIMqWnhJqXGEyWf3bLvZ4drfgYOfC:fnpBq2WMzhJ+pfLLadbkK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-04-09_359476395f6a29d84040118866747635_magniber

Files

2024-04-09_359476395f6a29d84040118866747635_magniber
.exe windows:6 windows x86 arch:x86

d167f1318e445056d8f4cc9b2a4d902f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\Dev2022\VS2022\Game\bin\WeCat.pdb

Imports

kernel32

GetFileAttributesExW
SetFileAttributesW
FormatMessageA
LocalFree
CompareFileTime
FreeLibrary
GlobalLock
GlobalUnlock
GlobalAlloc
InitializeCriticalSectionAndSpinCount
GetLocalTime
WriteConsoleW
HeapSize
GetProcessHeap
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetOEMCP
IsValidCodePage
GetTimeZoneInformation
SetConsoleCtrlHandler
SetStdHandle
FlushFileBuffers
HeapReAlloc
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
CompareStringW
GetTimeFormatW
GetDateFormatW
HeapAlloc
HeapFree
GetCurrentThread
GetConsoleOutputCP
ReadConsoleW
GetConsoleMode
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
GetDriveTypeW
GetModuleHandleExW
FreeLibraryAndExitThread
ResumeThread
ExitThread
LoadLibraryExW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InterlockedFlushSList
InterlockedPushEntrySList
RtlUnwind
GetStartupInfoW
IsDebuggerPresent
InitializeSListHead
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
WideCharToMultiByte
GetCPInfo
CompareStringEx
GetStringTypeW
LCMapStringEx
DecodePointer
EncodePointer
CloseThreadpoolWait
SetThreadpoolWait
CreateThreadpoolWait
CloseThreadpoolTimer
WaitForThreadpoolTimerCallbacks
SetThreadpoolTimer
CreateThreadpoolTimer
FreeLibraryWhenCallbackReturns
GetTickCount64
GetSystemTimeAsFileTime
GetCurrentProcessorNumber
FlushProcessWriteBuffers
CreateSemaphoreExW
CreateEventExW
InitOnceExecuteOnce
CreateSymbolicLinkW
GetFileInformationByHandleEx
CreateHardLinkW
CreateDirectoryExW
DeviceIoControl
SystemTimeToFileTime
DosDateTimeToFileTime
GetCurrentProcess
DuplicateHandle
SetFileTime
GetFileType
MulDiv
ExitProcess
LoadLibraryW
GetProcAddress
GetTickCount
SetCurrentDirectoryW
GetACP
MultiByteToWideChar
CopyFileW
FindResourceW
SizeofResource
LockResource
LoadResource
GetModuleHandleW
GetModuleFileNameW
FreeResource
GetSystemDirectoryW
CreateThread
GetCurrentProcessId
CreateMutexW
ReleaseMutex
GetTempPathW
ReadFile
GetFileSizeEx
GetFileSize
GetFileAttributesW
GetDiskFreeSpaceExW
DeleteFileW
CreateFileW
CreateDirectoryW
GetCurrentDirectoryW
MoveFileA
GetLastError
CloseHandle
OutputDebugStringW
AreFileApisANSI
SetFileInformationByHandle
GetFullPathNameW
GetFinalPathNameByHandleW
GetFileInformationByHandle
FindNextFileW
FindFirstFileExW
FindFirstFileW
FindClose
GetLocaleInfoEx
SleepConditionVariableSRW
WakeAllConditionVariable
WakeConditionVariable
TryAcquireSRWLockExclusive
GetNativeSystemInfo
GetExitCodeThread
GetCurrentThreadId
SwitchToThread
RaiseException
VerifyVersionInfoW
VerSetConditionMask
SleepEx
WaitForMultipleObjects
PeekNamedPipe
GetStdHandle
GetEnvironmentVariableA
WaitForSingleObjectEx
MoveFileExW
Sleep
GetModuleHandleA
QueryPerformanceFrequency
CreateEventW
WaitForSingleObject
SetEvent
DeleteCriticalSection
CreateFileA
InitializeCriticalSectionEx
LeaveCriticalSection
EnterCriticalSection
QueryPerformanceCounter
AcquireSRWLockExclusive
ReleaseSRWLockExclusive
FormatMessageW
SetLastError
OutputDebugStringA
WriteFile
SetFilePointerEx
GetSystemTime
SetFilePointer
SetEndOfFile
DeleteFileA
UnhandledExceptionFilter

user32

DispatchMessageW
SendMessageW
CreateWindowExW
IsWindow
DestroyWindow
IsWindowVisible
IsIconic
CharNextW
SetFocus
GetActiveWindow
GetFocus
GetKeyState
SetCapture
ReleaseCapture
SetTimer
KillTimer
GetDC
ReleaseDC
BeginPaint
EndPaint
GetUpdateRect
InvalidateRect
GetClientRect
GetWindowRect
GetCursorPos
ScreenToClient
MapWindowPoints
IntersectRect
IsRectEmpty
PtInRect
GetWindowLongW
SetWindowLongW
GetParent
GetWindow
TranslateMessage
DefWindowProcW
CallWindowProcW
RegisterClassW
RegisterClassExW
GetClassInfoExW
EnableWindow
GetSystemMetrics
GetMenu
SetPropW
GetPropW
AdjustWindowRectEx
LoadImageW
MonitorFromWindow
GetMonitorInfoW
SetWindowRgn
CreateCaret
GetCaretBlinkTime
HideCaret
ShowCaret
SetCaretPos
GetCaretPos
ClientToScreen
GetSysColor
CharPrevW
DrawTextW
FillRect
SetRect
SetWindowTextW
GetWindowTextW
GetWindowTextLengthW
MoveWindow
CreateAcceleratorTableW
InvalidateRgn
GetGUIThreadInfo
GetMessageW
LoadCursorW
OffsetRect
UnionRect
wsprintfW
wvsprintfW
MessageBoxW
IsZoomed
BringWindowToTop
SetWindowPos
ShowWindow
PostQuitMessage
PostMessageW
SetCursor
InflateRect

gdi32

CreateDIBSection
SetTextColor
SetStretchBltMode
StretchBlt
SetBkMode
SetBkColor
ExtSelectClipRgn
SelectClipRgn
RoundRect
LineTo
GetTextExtentPoint32W
GetClipBox
GetCharABCWidthsW
CreateSolidBrush
CreateRectRgnIndirect
CreatePenIndirect
GdiFlush
MoveToEx
GetObjectA
CreateRoundRectRgn
SetWindowOrgEx
GetObjectW
GetTextMetricsW
SelectObject
SaveDC
RestoreDC
Rectangle
GetStockObject
DeleteObject
DeleteDC
CreatePen
CreateFontIndirectW
CreateCompatibleDC
CreateCompatibleBitmap
BitBlt
TextOutW
CreatePatternBrush
GetDeviceCaps
ExtTextOutW
CombineRgn

shell32

SHBrowseForFolderW
SHGetSpecialFolderPathW
SHGetPathFromIDListW
ShellExecuteW

ole32

CLSIDFromString
CLSIDFromProgID
OleLockRunning
CreateStreamOnHGlobal
CoInitialize
CoCreateInstance
CoUninitialize

oleaut32

SysAllocString
SysFreeString
VariantClear
SysAllocStringLen
SysStringLen
SysStringByteLen
SysAllocStringByteLen
VariantInit

gdiplus

GdipImageGetFrameDimensionsCount
GdipLoadImageFromStreamICM
GdipLoadImageFromStream
GdipAlloc
GdipFree
GdipImageGetFrameDimensionsList
GdiplusStartup
GdiplusShutdown
GdipCloneBrush
GdipDeleteBrush
GdipSetStringFormatLineAlign
GdipCloneImage
GdipDisposeImage
GdipGetImageGraphicsContext
GdipSetStringFormatAlign
GdipDeleteStringFormat
GdipCreateStringFormat
GdipDrawString
GdipGetFamily
GdipDeleteFont
GdipCreateFontFromLogfontA
GdipCreateFontFromDC
GdipCreateLineBrushI
GdipImageGetFrameCount
GdipDeleteFontFamily
GdipDrawImageRectI
GdipDrawImage
GdipGraphicsClear
GdipSetInterpolationMode
GdipSetTextRenderingHint
GdipSetPixelOffsetMode
GdipSetSmoothingMode
GdipCreateBitmapFromScan0
GdipDeleteGraphics
GdipGetImageHeight
GdipCreateFromHDC
GdipImageSelectActiveFrame
GdipGetPropertyItem
GdipGetImageWidth
GdipGetPropertyItemSize
GdipSetCompositingQuality

ws2_32

WSACloseEvent
WSACreateEvent
WSAEnumNetworkEvents
WSAEventSelect
WSAResetEvent
WSASetEvent
WSAWaitForMultipleEvents
closesocket
WSASetLastError
WSAGetLastError
ntohs
WSAStartup
WSACleanup
htons
socket
setsockopt
WSAIoctl
__WSAFDIsSet
select
accept
getsockopt
bind
connect
getsockname
htonl
listen
recv
getaddrinfo
freeaddrinfo
recvfrom
sendto
getpeername
ioctlsocket
gethostname
send

wldap32

ord145
ord219
ord46
ord14
ord216
ord208
ord41
ord117
ord27
ord127
ord167
ord142
ord79
ord133
ord147
ord301
ord26

imm32

ImmSetCompositionFontW
ImmReleaseContext
ImmSetCompositionWindow
ImmGetContext

comctl32

ord17
_TrackMouseEvent

bcrypt

BCryptGenRandom

advapi32

CryptEncrypt
CryptImportKey
CryptDestroyKey
CryptDestroyHash
CryptHashData
CryptCreateHash
CryptGetHashParam
CryptReleaseContext
CryptAcquireContextW

Sections

.text
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 273KB - Virtual size: 272KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2.6MB - Virtual size: 2.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 58KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d167f1318e445056d8f4cc9b2a4d902f

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

shell32

ole32

oleaut32

gdiplus

ws2_32

wldap32

imm32

comctl32

bcrypt

advapi32

Sections

.text Size: 1.3MB - Virtual size: 1.3MB

.rdata Size: 273KB - Virtual size: 272KB

.data Size: 13KB - Virtual size: 21KB

.rsrc Size: 2.6MB - Virtual size: 2.6MB

.reloc Size: 58KB - Virtual size: 57KB

.text
Size: 1.3MB - Virtual size: 1.3MB

.rdata
Size: 273KB - Virtual size: 272KB

.data
Size: 13KB - Virtual size: 21KB

.rsrc
Size: 2.6MB - Virtual size: 2.6MB

.reloc
Size: 58KB - Virtual size: 57KB