2024-04-16_7a5b01c85d7bf1e44e5f7dd2ecba03e4_magniber_metamorfo

Sharing

Copy URL Twitter E-mail

General

Target

2024-04-16_7a5b01c85d7bf1e44e5f7dd2ecba03e4_magniber_metamorfo
Size

7.5MB
MD5

7a5b01c85d7bf1e44e5f7dd2ecba03e4
SHA1

3fc81f37c80141c16df7d2b65e00724bfd0cf462
SHA256

a5eaf913b8c00ccf55d8fb1e6aa976fde2bfa910f27e1a6554900f1f506d5c38
SHA512

80be94ec346d055864f648cbb5be19b2fe155604f54951dabd527273cbfcb9bc4097ba544c1c94b93c4cc2cd44ae2bb1c027a29167152b4dd6782410b2d6cf1d
SSDEEP

98304:Y3McRZ8GtLfypzbHmh4mtHQzW6sRVSkfBDgbTLhfBDNJds9o36QewdE:Y9ReqyWQzW6sRVS8BclBviue

Score

1^/10

Malware Config

Signatures

Files

2024-04-16_7a5b01c85d7bf1e44e5f7dd2ecba03e4_magniber_metamorfo
.exe windows:6 windows x86 arch:x86

9125f1ffef58cb9bd207cc3962a70524

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02/05/2019, 00:00

Not After

18/01/2038, 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

11/05/2022, 00:00

Not After

10/08/2033, 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #3,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

08:94:a1:11:8b:07:2a:65:46:75:49:a4:f7:77:06:fc
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

11/08/2022, 00:00

Not After

06/09/2024, 23:59

Subject

CN=暴风集团股份有限公司,O=暴风集团股份有限公司,ST=北京市,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

b3:c5:e3:9d:0b:91:f4:28:99:2b:d3:37:f3:0c:c1:6f:90:b1:77:50
Signer

Actual PE Digest

b3:c5:e3:9d:0b:91:f4:28:99:2b:d3:37:f3:0c:c1:6f:90:b1:77:50

Digest Algorithm

sha1

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ResetEvent
CreateThread
SetEvent
SetThreadPriority
VirtualQuery
WideCharToMultiByte
CopyFileW
GetModuleHandleW
CreateProcessW
SetCurrentDirectoryW
GetCurrentDirectoryW
GetSystemInfo
DeleteFileW
GlobalFlags
GetFileAttributesExW
MultiByteToWideChar
GetSystemDirectoryW
GetVersionExW
GetFileAttributesW
WaitForSingleObject
FindClose
GetCurrentProcess
FindNextFileW
GetCommandLineW
SetLastError
FindFirstFileW
ReadFile
CreateDirectoryW
FreeLibrary
GetProcAddress
LoadLibraryW
FindResourceW
LoadResource
LockResource
FreeResource
GetCurrentThreadId
InitializeCriticalSection
GlobalReAlloc
MulDiv
GlobalUnlock
GlobalLock
GlobalFree
GlobalAlloc
GlobalSize
TryEnterCriticalSection
GetProcessHandleCount
TerminateProcess
OpenProcess
GetCurrentProcessId
GetLocalTime
WriteFile
ExitProcess
IsDebuggerPresent
CreateEventW
WriteConsoleW
GetStringTypeW
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
FindFirstFileExW
GetTimeZoneInformation
GetModuleFileNameW
GetTickCount
CloseHandle
CreateFileW
Sleep
GetProcessHeap
DeleteCriticalSection
DecodePointer
HeapAlloc
HeapReAlloc
GetLastError
HeapSize
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
LCMapStringW
FileTimeToSystemTime
FileTimeToLocalFileTime
GetSystemTimeAsFileTime
EnterCriticalSection
SizeofResource
LocalFree
FormatMessageW
GetTickCount64
OutputDebugStringA
GetCurrentThread
GetModuleHandleA
LoadLibraryExW
GlobalDeleteAtom
lstrcmpA
lstrcmpW
CompareStringA
ResumeThread
GetPrivateProfileIntW
GetPrivateProfileStringW
WritePrivateProfileStringW
GlobalAddAtomW
lstrcpyW
CompareStringW
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GlobalHandle
LocalAlloc
LocalReAlloc
EncodePointer
LoadLibraryA
GlobalFindAtomW
GlobalGetAtomNameW
VerSetConditionMask
VerifyVersionInfoW
GetFileSize
GetThreadLocale
GetLocaleInfoW
GetSystemDefaultUILanguage
GetUserDefaultUILanguage
FlushFileBuffers
GetFullPathNameW
GetVolumeInformationW
LockFile
SetEndOfFile
SetFilePointer
UnlockFile
DuplicateHandle
lstrcmpiW
VirtualProtect
SearchPathW
GetTempPathW
GetProfileIntW
SystemTimeToTzSpecificLocalTime
GetFileSizeEx
GetFileTime
SetErrorMode
FindResourceExW
GetTempFileNameW
GetWindowsDirectoryW
WaitForSingleObjectEx
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
QueryPerformanceCounter
InitializeSListHead
GetStartupInfoW
OutputDebugStringW
RaiseException
RtlUnwind
GetCommandLineA
GetModuleHandleExW
ExitThread
FreeLibraryAndExitThread
VirtualAlloc
QueryPerformanceFrequency
HeapQueryInformation
SetStdHandle
GetFileType
GetStdHandle
SetFilePointerEx
GetConsoleOutputCP
GetConsoleMode
HeapFree

user32

GetCapture
GetMenu
SetMenu
TrackPopupMenu
UpdateWindow
GetForegroundWindow
BeginPaint
EndPaint
ScrollWindow
SetScrollPos
GetScrollPos
SetScrollRange
GetScrollRange
ShowScrollBar
GetWindowTextW
GetWindowTextLengthW
AdjustWindowRectEx
MapWindowPoints
EqualRect
PtInRect
SetWindowLongW
GetClassLongW
GetClassNameW
GetTopWindow
SetScrollInfo
GetScrollInfo
WinHelpW
ShowWindow
BringWindowToTop
ReleaseCapture
LoadAcceleratorsW
TranslateAcceleratorW
LoadMenuW
CreatePopupMenu
DestroyMenu
InsertMenuItemW
InvalidateRect
SetRectEmpty
IntersectRect
DestroyIcon
UnpackDDElParam
ReuseDDElParam
SetParent
SetLayeredWindowAttributes
EnumDisplayMonitors
DrawStateW
IsRectEmpty
TrackMouseEvent
CharUpperW
GetAsyncKeyState
SetCapture
KillTimer
GetSystemMenu
DeleteMenu
SetWindowRgn
WindowFromPoint
NotifyWinEvent
ModifyMenuW
ClientToScreen
PostThreadMessageW
WaitMessage
ToUnicodeEx
GetKeyboardLayout
GetKeyboardState
MapVirtualKeyW
CreateAcceleratorTableW
DestroyAcceleratorTable
CopyAcceleratorTableW
EnumChildWindows
LockWindowUpdate
SetClassLongW
CheckDlgButton
SetWindowTextW
SetFocus
CharNextW
InvalidateRgn
SetRect
GetDlgCtrlID
GetNextDlgTabItem
RealChildWindowFromPoint
DrawTextW
DrawTextExW
GrayStringW
TabbedTextOutW
DrawEdge
DrawFrameControl
DrawFocusRect
DrawIconEx
UnionRect
GetIconInfo
GetMenuItemInfoW
SendDlgItemMessageA
CreateDialogIndirectParamW
EndDialog
GetKeyNameTextW
SetCursorPos
CharUpperBuffW
UpdateLayeredWindow
EnableScrollBar
GetMenuDefaultItem
SetMenuDefaultItem
CopyIcon
FrameRect
IsClipboardFormatAvailable
DrawMenuBar
DefFrameProcW
DefMDIChildProcW
TranslateMDISysAccel
IsCharLowerW
MapVirtualKeyExW
SubtractRect
GetUpdateRect
GetDoubleClickTime
CreateMenu
DestroyCursor
GetComboBoxInfo
DrawIcon
GetWindowRgn
HideCaret
InvertRect
GetDlgItem
IsIconic
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
IsChild
IsMenu
GetClassInfoExW
CallWindowProcW
GetMessageTime
GetMessagePos
GetSysColorBrush
UnhookWindowsHookEx
MonitorFromPoint
InflateRect
CopyRect
FillRect
GetSysColor
ScreenToClient
IsWindow
RegisterWindowMessageW
GetLastActivePopup
IsWindowEnabled
EnableWindow
SetCursor
ShowOwnedPopups
LoadBitmapW
SetMenuItemInfoW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
GetFocus
CallNextHookEx
SetWindowsHookExW
GetCursorPos
ValidateRect
IsWindowVisible
PeekMessageW
DispatchMessageW
TranslateMessage
GetMessageW
PostQuitMessage
MapDialogRect
GetWindow
SetWindowContextHelpId
SetWindowPos
RegisterClipboardFormatW
SystemParametersInfoW
OffsetRect
MessageBeep
RedrawWindow
IsZoomed
RemoveMenu
AppendMenuW
InsertMenuW
GetMenuItemCount
GetMenuItemID
GetSubMenu
GetMenuState
GetMenuStringW
GetKeyState
GetWindowThreadProcessId
MonitorFromWindow
SetActiveWindow
WaitForInputIdle
OpenClipboard
GetMonitorInfoW
CloseClipboard
EmptyClipboard
MoveWindow
SetClipboardData
SetForegroundWindow
CopyImage
GetWindowLongW
DefWindowProcW
PostMessageW
DestroyWindow
GetPropW
CreateWindowExW
SendMessageW
RemovePropW
LoadStringW
GetActiveWindow
GetClassInfoW
SetTimer
RegisterClassW
SetPropW
LoadIconW
LoadCursorW
GetDesktopWindow
GetParent
LoadImageW
GetWindowRect
GetDC
GetSystemMetrics
GetWindowDC
GetClientRect
ReleaseDC
MessageBoxW
UnregisterClassW
GetNextDlgGroupItem
IsDialogMessageW

gdi32

CreatePen
CreatePatternBrush
CreateRectRgnIndirect
CreateSolidBrush
EnumFontFamiliesW
GetTextCharsetInfo
GetTextMetricsW
CombineRgn
CreateRectRgn
SetTextColor
PatBlt
SetPixel
CreateRoundRectRgn
GetRgnBox
OffsetRgn
GetTextColor
GetBkColor
CreateHatchBrush
CreateDIBitmap
SetBkColor
CreateBitmap
CreateDCW
GetPixel
Escape
ExcludeClipRect
GetClipBox
GetObjectType
GetViewportExtEx
GetWindowExtEx
IntersectClipRect
LineTo
PtVisible
RectVisible
RestoreDC
SaveDC
SelectClipRgn
ExtSelectClipRgn
SetBkMode
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetTextAlign
SetPixelV
CopyMetaFileW
GetTextFaceW
GetNearestPaletteIndex
PtInRegion
GetBoundsRect
FrameRgn
FillRgn
GetWindowOrgEx
LPtoDP
GetViewportOrgEx
SetPaletteEntries
ExtFloodFill
GetPaletteEntries
RoundRect
EnumFontFamiliesExW
Rectangle
Polyline
Polygon
CreatePolygonRgn
Ellipse
CreateEllipticRgn
DPtoLP
SetRectRgn
GetMapMode
ScaleWindowExtEx
ScaleViewportExtEx
OffsetWindowOrgEx
OffsetViewportOrgEx
SetWindowOrgEx
SetWindowExtEx
SetViewportOrgEx
SetViewportExtEx
ExtTextOutW
TextOutW
MoveToEx
DeleteDC
DeleteObject
GetObjectW
CreatePalette
SelectPalette
GetSystemPaletteEntries
GetDeviceCaps
GetDIBits
GetStockObject
RealizePalette
StretchBlt
CreateCompatibleDC
SetDIBColorTable
CreateDIBSection
SelectObject
CreateCompatibleBitmap
BitBlt
CreateFontIndirectW
GetTextExtentPoint32W

advapi32

RegCreateKeyExW
RegOpenKeyExW
RegQueryValueExW
RegQueryValueW
RegCloseKey
RegSetValueExW
RegDeleteKeyW
RegDeleteValueW
RegEnumKeyW
RegEnumKeyExW
RegEnumValueW

shell32

ShellExecuteW
SHGetDesktopFolder
DragQueryFileW
SHGetSpecialFolderLocation
SHGetPathFromIDListW
SHGetMalloc
DragFinish
SHBrowseForFolderW
SHGetFileInfoW
SHAppBarMessage

ole32

CoInitialize
CoDisconnectObject
CoGetClassObject
CoRevokeClassObject
OleFlushClipboard
OleIsCurrentClipboard
CoRegisterMessageFilter
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CreateILockBytesOnHGlobal
DoDragDrop
OleGetClipboard
OleUninitialize
OleLockRunning
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
CoLockObjectExternal
RegisterDragDrop
RevokeDragDrop
OleInitialize
CoFreeUnusedLibraries
ReleaseStgMedium
OleDuplicateData
CoTaskMemFree
CoTaskMemAlloc
CoCreateGuid
CLSIDFromString
CLSIDFromProgID
CoCreateInstance
CoInitializeEx
CoUninitialize
CreateStreamOnHGlobal

oleaut32

SysStringLen
SafeArrayDestroy
VarBstrFromDate
VariantClear
VariantChangeType
VariantCopy
SysAllocString
OleCreateFontIndirect
SysFreeString
LoadTypeLi
VariantInit
VariantTimeToSystemTime
SystemTimeToVariantTime
SysAllocStringLen

comctl32

ImageList_AddMasked
ImageList_Create
ImageList_Destroy
InitCommonControlsEx

gdiplus

GdipCreateFromHDC
GdipCreateBitmapFromHBITMAP
GdiplusStartup
GdipGetImageHeight
GdipGetImagePaletteSize
GdipCloneImage
GdipBitmapUnlockBits
GdipCreateBitmapFromStream
GdipAlloc
GdipDrawImageRectI
GdipDrawImageI
GdiplusShutdown
GdipCreateBitmapFromScan0
GdipCreateBitmapFromFile
GdipGetImageWidth
GdipSetCompositingMode
GdipGetImagePalette
GdipDeleteGraphics
GdipGetImageGraphicsContext
GdipBitmapLockBits
GdipFree
GdipGetImagePixelFormat
GdipDisposeImage
GdipSetInterpolationMode

msimg32

TransparentBlt
AlphaBlend

shlwapi

PathFindFileNameW
PathIsUNCW
PathStripToRootW
PathFindExtensionW
StrFormatKBSizeW
PathRemoveFileSpecW

uxtheme

GetWindowTheme
DrawThemeParentBackground
DrawThemeText
OpenThemeData
CloseThemeData
DrawThemeBackground
GetThemeColor
GetThemeSysColor
GetCurrentThemeName
IsThemeBackgroundPartiallyTransparent
GetThemePartSize
IsAppThemed

oledlg

OleUIBusyW

ws2_32

WSACleanup

oleacc

CreateStdAccessibleObject
LresultFromObject
AccessibleObjectFromWindow

imm32

ImmReleaseContext
ImmGetContext
ImmGetOpenStatus

winmm

PlaySoundW

winspool.drv

OpenPrinterW
ClosePrinter
DocumentPropertiesW

Exports

Exports

?get_active_implementation@simdutf@@YAAAV?$atomic_ptr@$$CBVimplementation@simdutf@@@internal@1@XZ
?get_available_implementations@simdutf@@YAABVavailable_implementation_list@internal@1@XZ

Sections

.text
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 349KB - Virtual size: 348KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 25KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5.4MB - Virtual size: 5.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 148KB - Virtual size: 148KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9125f1ffef58cb9bd207cc3962a70524

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9Certificate

Extended Key Usages

Key Usages

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9Certificate

Extended Key Usages

Key Usages

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43Certificate

Extended Key Usages

Key Usages

08:94:a1:11:8b:07:2a:65:46:75:49:a4:f7:77:06:fcCertificate

Extended Key Usages

Key Usages

b3:c5:e3:9d:0b:91:f4:28:99:2b:d3:37:f3:0c:c1:6f:90:b1:77:50Signer

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

comctl32

gdiplus

msimg32

shlwapi

uxtheme

oledlg

ws2_32

oleacc

imm32

winmm

winspool.drv

Exports

Exports

Sections

.text Size: 1.6MB - Virtual size: 1.6MB

.rdata Size: 349KB - Virtual size: 348KB

.data Size: 25KB - Virtual size: 43KB

.rsrc Size: 5.4MB - Virtual size: 5.4MB

.reloc Size: 148KB - Virtual size: 148KB

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43
Certificate

08:94:a1:11:8b:07:2a:65:46:75:49:a4:f7:77:06:fc
Certificate

b3:c5:e3:9d:0b:91:f4:28:99:2b:d3:37:f3:0c:c1:6f:90:b1:77:50
Signer

.text
Size: 1.6MB - Virtual size: 1.6MB

.rdata
Size: 349KB - Virtual size: 348KB

.data
Size: 25KB - Virtual size: 43KB

.rsrc
Size: 5.4MB - Virtual size: 5.4MB

.reloc
Size: 148KB - Virtual size: 148KB