2024-04-16_de052878edf77f33dabf511b788387a1_magniber

Sharing

Copy URL Twitter E-mail

General

Target

2024-04-16_de052878edf77f33dabf511b788387a1_magniber
Size

14.3MB
MD5

de052878edf77f33dabf511b788387a1
SHA1

3ee54063940204be6c45a9690f6f8ce64d17112d
SHA256

ca1f5156d04b7f2686aceb0161947af80b3b42e3687ef93eca36c86c725fbf24
SHA512

610ba454dc491ba4efe82bb8f711e19a6edcdc052173f67c6ab290aaa6eb0e0e1f6e47e30974d4cb5f9d1f205b18f61465a216bc180c32f6f1f926724a238655
SSDEEP

196608:kEMaNsuK7xPj2QyZUQ4VyJcQe1CrKqBcSJaojTa6Drb71CBvlN:kEMaNsbRiQ7QJ71KqBphjTzb71CBvl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-04-16_de052878edf77f33dabf511b788387a1_magniber

Files

2024-04-16_de052878edf77f33dabf511b788387a1_magniber
.exe windows:6 windows x86 arch:x86

4edc13c9ff872f0c612cf4608671d36f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

GetUserNameW
RegCloseKey
RegOpenKeyExW
RegQueryValueExW

d3d9

Direct3DCreate9

d3dx9_43

D3DXCompileShader
D3DXCreateTexture
D3DXGetShaderConstantTableEx
D3DXMatrixMultiply
D3DXMatrixOrthoOffCenterLH
D3DXMatrixRotationZ
D3DXMatrixScaling
D3DXMatrixTranslation
D3DXSaveSurfaceToFileW

gdi32

GetDeviceCaps
GetStockObject

kernel32

AcquireSRWLockExclusive
AreFileApisANSI
CloseHandle
CloseThreadpoolTimer
CloseThreadpoolWait
CompareStringEx
CompareStringW
CopyFileW
CreateDirectoryExW
CreateDirectoryW
CreateEventExW
CreateFileA
CreateFileW
CreatePipe
CreateProcessW
CreateSemaphoreExW
CreateSymbolicLinkW
CreateThread
CreateThreadpoolTimer
CreateThreadpoolWait
DecodePointer
DeleteCriticalSection
DeleteFileW
DeviceIoControl
DuplicateHandle
EncodePointer
EnterCriticalSection
EnumSystemLocalesW
ExitProcess
ExitThread
FileTimeToSystemTime
FindClose
FindFirstFileExW
FindFirstFileW
FindNextFileW
FlushFileBuffers
FlushProcessWriteBuffers
FormatMessageA
FormatMessageW
FreeEnvironmentStringsW
FreeLibrary
FreeLibraryAndExitThread
FreeLibraryWhenCallbackReturns
GetACP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetComputerNameW
GetConsoleMode
GetConsoleOutputCP
GetCurrentDirectoryW
GetCurrentProcess
GetCurrentProcessId
GetCurrentProcessorNumber
GetCurrentThread
GetCurrentThreadId
GetDateFormatW
GetDiskFreeSpaceExW
GetDriveTypeW
GetEnvironmentStringsW
GetEnvironmentVariableW
GetExitCodeProcess
GetExitCodeThread
GetFileAttributesExW
GetFileAttributesW
GetFileInformationByHandle
GetFileInformationByHandleEx
GetFileSizeEx
GetFileTime
GetFileType
GetFullPathNameW
GetLastError
GetLocaleInfoEx
GetLocaleInfoW
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleExW
GetModuleHandleW
GetNativeSystemInfo
GetOEMCP
GetProcAddress
GetProcessHeap
GetStartupInfoW
GetStdHandle
GetStringTypeW
GetSystemInfo
GetSystemTimeAsFileTime
GetTempPathW
GetTickCount64
GetTimeFormatW
GetTimeZoneInformation
GetUserDefaultLCID
GetWindowsDirectoryW
GlobalAlloc
GlobalFree
GlobalLock
GlobalMemoryStatusEx
GlobalUnlock
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
InitOnceExecuteOnce
InitializeCriticalSection
InitializeCriticalSectionAndSpinCount
InitializeCriticalSectionEx
InitializeSListHead
InterlockedFlushSList
InterlockedPushEntrySList
IsDebuggerPresent
IsProcessorFeaturePresent
IsValidCodePage
IsValidLocale
IsWow64Process
LCMapStringEx
LCMapStringW
LeaveCriticalSection
LoadLibraryExA
LoadLibraryExW
LocalFree
MoveFileExW
MultiByteToWideChar
OutputDebugStringW
PeekNamedPipe
ProcessIdToSessionId
QueryPerformanceCounter
QueryPerformanceFrequency
RaiseException
ReadConsoleW
ReadFile
ReleaseSRWLockExclusive
RemoveDirectoryW
ResumeThread
RtlUnwind
SetConsoleCtrlHandler
SetCurrentDirectoryW
SetEndOfFile
SetEnvironmentVariableW
SetFileAttributesW
SetFileInformationByHandle
SetFilePointer
SetFilePointerEx
SetFileTime
SetLastError
SetPriorityClass
SetStdHandle
SetThreadExecutionState
SetThreadpoolTimer
SetThreadpoolWait
SetUnhandledExceptionFilter
Sleep
SleepConditionVariableSRW
SuspendThread
SwitchToThread
SystemTimeToTzSpecificLocalTime
TerminateProcess
TerminateThread
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
TryAcquireSRWLockExclusive
UnhandledExceptionFilter
VerSetConditionMask
VerifyVersionInfoW
VirtualQuery
WaitForSingleObject
WaitForSingleObjectEx
WaitForThreadpoolTimerCallbacks
WakeAllConditionVariable
WakeConditionVariable
WideCharToMultiByte
WriteConsoleW
WriteFile

openal32

alBufferData
alDeleteBuffers
alDeleteSources
alGenBuffers
alGenSources
alGetBufferi
alGetEnumValue
alGetSource3f
alGetSourcef
alGetSourcei
alGetString
alIsExtensionPresent
alListener3f
alListenerf
alListenerfv
alSource3f
alSourcePause
alSourcePlay
alSourceQueueBuffers
alSourceStop
alSourceUnqueueBuffers
alSourcef
alSourcei
alcCloseDevice
alcCreateContext
alcDestroyContext
alcGetCurrentContext
alcIsExtensionPresent
alcMakeContextCurrent
alcOpenDevice

psapi

EnumProcessModules

shell32

SHGetFolderPathW
ShellExecuteW
ord175

user32

BeginPaint
ClientToScreen
ClipCursor
CloseClipboard
CreateWindowExW
DefWindowProcW
DestroyWindow
DispatchMessageW
EmptyClipboard
EndPaint
EnumDisplaySettingsW
FillRect
GetAsyncKeyState
GetClientRect
GetClipboardData
GetCursorPos
GetDC
GetForegroundWindow
GetKeyState
GetKeyboardState
GetSystemMetrics
GetWindowLongW
GetWindowRect
IsClipboardFormatAvailable
LoadCursorW
LoadIconW
MapWindowPoints
MessageBeep
MessageBoxW
OpenClipboard
PeekMessageW
PostQuitMessage
PtInRect
RegisterClassW
ReleaseCapture
ReleaseDC
ScreenToClient
SendInput
SendMessageW
SetCapture
SetClassLongW
SetClipboardData
SetCursor
SetCursorPos
SetFocus
SetWindowLongW
SetWindowPos
SetWindowTextW
ShowWindow
SystemParametersInfoW
ToAscii
UnregisterClassW
WindowFromPoint

winmm

auxGetDevCapsW
auxGetNumDevs
timeBeginPeriod
timeEndPeriod
timeGetDevCaps
waveOutGetDevCapsW
waveOutGetNumDevs

Sections

.text
Size: 4.7MB - Virtual size: 4.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 480KB - Virtual size: 480KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 228KB - Virtual size: 228KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text1
Size: 704KB - Virtual size: 704KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: 64KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data1
Size: 128KB - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc1
Size: 64KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.pdata
Size: 6.5MB - Virtual size: 6.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 212KB - Virtual size: 212KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.Geddon
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

4edc13c9ff872f0c612cf4608671d36f

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

d3d9

d3dx9_43

gdi32

kernel32

openal32

psapi

shell32

user32

winmm

Sections

.text Size: 4.7MB - Virtual size: 4.7MB

.rdata Size: 1.3MB - Virtual size: 1.3MB

.data Size: 480KB - Virtual size: 480KB

.reloc Size: 228KB - Virtual size: 228KB

.text1 Size: 704KB - Virtual size: 704KB

.adata Size: 64KB - Virtual size: 64KB

.data1 Size: 128KB - Virtual size: 128KB

.reloc1 Size: 64KB - Virtual size: 64KB

.pdata Size: 6.5MB - Virtual size: 6.5MB

.rsrc Size: 212KB - Virtual size: 212KB

.Geddon Size: 8KB - Virtual size: 8KB

.text
Size: 4.7MB - Virtual size: 4.7MB

.rdata
Size: 1.3MB - Virtual size: 1.3MB

.data
Size: 480KB - Virtual size: 480KB

.reloc
Size: 228KB - Virtual size: 228KB

.text1
Size: 704KB - Virtual size: 704KB

.adata
Size: 64KB - Virtual size: 64KB

.data1
Size: 128KB - Virtual size: 128KB

.reloc1
Size: 64KB - Virtual size: 64KB

.pdata
Size: 6.5MB - Virtual size: 6.5MB

.rsrc
Size: 212KB - Virtual size: 212KB

.Geddon
Size: 8KB - Virtual size: 8KB