2024-04-15_0b9c80f082652c3c092e25a879a9ee42_magniber

Sharing

Copy URL Twitter E-mail

General

Target

2024-04-15_0b9c80f082652c3c092e25a879a9ee42_magniber
Size

248KB
MD5

0b9c80f082652c3c092e25a879a9ee42
SHA1

c0068e89c1bf28be9e5ee557a50d79c572a7baf2
SHA256

3496859d8709172b1a37403f9980d84ca676804cb97ad2a60132ab41f19c455e
SHA512

699df0b6b9baa655239e52296ff6bde9fe51f7379427ccf6da80c95df5d043d01eed92897907a1e25c5e973fa940e726ff5a3b647e6ec47b65f53ca73f0c587c
SSDEEP

6144:b+ctJ0t0peL/UVhsjSurGa6xvwQKzbImVV0p+rlcM833BQLIXgM3bbt:yctit0peLm3BQLIXZd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-04-15_0b9c80f082652c3c092e25a879a9ee42_magniber

Files

2024-04-15_0b9c80f082652c3c092e25a879a9ee42_magniber
.exe windows:5 windows x86 arch:x86

f95ba240c6112122c25e895278f619ab

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msimg32

TransparentBlt
GradientFill

winhttp

WinHttpOpen
WinHttpConnect
WinHttpCloseHandle

kernel32

RemoveVectoredExceptionHandler
lstrlenA
GetCPInfo
LocalCompact
GetTickCount
LocalFlags
LoadLibraryW
LocalShrink
GetSystemTimeAdjustment
TerminateProcess
GetLastError
GetProcAddress
VirtualAllocEx
LoadLibraryA
AddVectoredExceptionHandler
OutputDebugStringA
LocalFree
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
ReadFile
MultiByteToWideChar
LocalAlloc
EnterCriticalSection
GetProcessHeap
SetEndOfFile
SetFilePointer
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCommandLineA
GetStartupInfoA
RaiseException
RtlUnwind
GetCurrentProcess
IsDebuggerPresent
GetModuleHandleW
Sleep
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
HeapAlloc
HeapFree
GetModuleHandleA
LeaveCriticalSection
CloseHandle
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
GetFileType
DeleteCriticalSection
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
HeapCreate
VirtualFree
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
InitializeCriticalSectionAndSpinCount
VirtualAlloc
HeapReAlloc
CreateFileA
SetStdHandle
GetConsoleCP
GetConsoleMode
FlushFileBuffers
HeapSize
GetACP
GetOEMCP
IsValidCodePage
GetLocaleInfoA

user32

CharPrevExA
CharPrevA
IsCharUpperW
GetMonitorInfoA
GetDC
AnimateWindow
WindowFromDC
IsWindowVisible
UpdateWindow
GetMessageExtraInfo
ShowWindow

gdi32

GetPath
GetCharWidthW
StretchBlt
CloseFigure

shell32

DragAcceptFiles
DragQueryPoint

Sections

.text
Size: 57KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 5KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 172KB - Virtual size: 176KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

f95ba240c6112122c25e895278f619ab

Headers

DLL Characteristics

File Characteristics

Imports

msimg32

winhttp

kernel32

user32

gdi32

shell32

Sections

.text Size: 57KB - Virtual size: 56KB

.rdata Size: 12KB - Virtual size: 11KB

.data Size: 5KB - Virtual size: 22KB

.rsrc Size: 172KB - Virtual size: 176KB

.text
Size: 57KB - Virtual size: 56KB

.rdata
Size: 12KB - Virtual size: 11KB

.data
Size: 5KB - Virtual size: 22KB

.rsrc
Size: 172KB - Virtual size: 176KB