D:\workspace\work\yebaoplatform\outputzz\ZZ.pdb
Static task: static1
Behavioral task: behavioral1
Sample: 2024-04-16_7ae03e6ac430b1594457e35592b9d556_magniber.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: 2024-04-16_7ae03e6ac430b1594457e35592b9d556_magniber.exe
Resource: win10v2004-20240412-en
General
Target: 2024-04-16_7ae03e6ac430b1594457e35592b9d556_magniber
Size: 11.7MB
MD5: 7ae03e6ac430b1594457e35592b9d556
SHA1: 79ab761dcde7e8833784b894d9bb908c7b044c25
SHA256: 065eb7853a1664c6872b30f20d649877fa56108059462c22c5c533ece1996763
SHA512: 391b3905f61132907592d917a97d8b97953d4e262072c11711f3dd2eb639cf8c4aaf0c543748f4b47517f9029c4b50e2b44e23d754ed9ea6f166e28eea5cad56
SSDEEP: 196608:G5Hb2pguU8sEBO3NPPEgOwppK6PM2JOLRolrdGFX:G5HKpU8sE4dPPBK6PzqEdG
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 2024-04-16_7ae03e6ac430b1594457e35592b9d556_magniber
Files
2024-04-16_7ae03e6ac430b1594457e35592b9d556_magniber.exe windows:6 windows x86 arch:x86
989430a101f65b1dee5f23bd6a6a94c1
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
kernel32
AcquireSRWLockExclusive
CloseHandle
CloseThreadpoolTimer
CloseThreadpoolWait
CompareStringEx
CompareStringW
CreateDirectoryW
CreateEventExW
CreateEventW
CreateFileMappingW
CreateFileW
CreateMutexW
CreatePipe
CreateProcessW
CreateSemaphoreExW
CreateSymbolicLinkW
CreateThread
CreateThreadpoolTimer
CreateThreadpoolWait
CreateToolhelp32Snapshot
DebugBreak
DecodePointer
DeleteCriticalSection
DeleteFileW
DeviceIoControl
EncodePointer
EnterCriticalSection
EnumSystemLocalesW
ExitProcess
ExitThread
FileTimeToLocalFileTime
FileTimeToSystemTime
FindClose
FindFirstFileExW
FindFirstFileW
FindNextFileW
FindResourceW
FlushFileBuffers
FlushInstructionCache
FlushProcessWriteBuffers
FormatMessageA
FormatMessageW
FreeEnvironmentStringsW
FreeLibrary
FreeLibraryAndExitThread
FreeLibraryWhenCallbackReturns
FreeResource
GetACP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetConsoleMode
GetConsoleOutputCP
GetCurrentDirectoryW
GetCurrentProcess
GetCurrentProcessId
GetCurrentProcessorNumber
GetCurrentThread
GetCurrentThreadId
GetDateFormatW
GetDriveTypeW
GetEnvironmentStringsW
GetExitCodeProcess
GetExitCodeThread
GetFileAttributesExW
GetFileAttributesW
GetFileInformationByHandle
GetFileInformationByHandleEx
GetFileSizeEx
GetFileType
GetFullPathNameW
GetLastError
GetLocalTime
GetLocaleInfoEx
GetLocaleInfoW
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleExW
GetModuleHandleW
GetNativeSystemInfo
GetOEMCP
GetPrivateProfileStringW
GetProcAddress
GetProcessHeap
GetStartupInfoW
GetStdHandle
GetStringTypeW
GetSystemDirectoryW
GetSystemInfo
GetSystemTimeAsFileTime
GetTempFileNameW
GetTempPathW
GetTickCount64
GetTickCount
GetTimeFormatW
GetTimeZoneInformation
GetUserDefaultLCID
GetVersionExA
GetVersionExW
GlobalAlloc
GlobalFree
GlobalLock
GlobalUnlock
HeapAlloc
HeapCreate
HeapDestroy
HeapFree
HeapReAlloc
HeapSize
InitOnceExecuteOnce
InitializeCriticalSection
InitializeCriticalSectionAndSpinCount
InitializeCriticalSectionEx
InitializeSListHead
InterlockedDecrement
InterlockedFlushSList
InterlockedIncrement
InterlockedPopEntrySList
InterlockedPushEntrySList
IsBadReadPtr
IsDebuggerPresent
IsProcessorFeaturePresent
IsValidCodePage
IsValidLocale
K32EmptyWorkingSet
LCMapStringEx
LCMapStringW
LeaveCriticalSection
LoadLibraryA
LoadLibraryExA
LoadLibraryExW
LoadLibraryW
LoadResource
LocalAlloc
LocalFree
LockResource
MapViewOfFile
MoveFileExW
MoveFileW
MulDiv
MultiByteToWideChar
OpenFileMappingW
OpenProcess
OutputDebugStringA
OutputDebugStringW
PeekNamedPipe
Process32FirstW
Process32NextW
QueryPerformanceCounter
QueryPerformanceFrequency
RaiseException
ReadConsoleW
ReadFile
ReleaseSRWLockExclusive
ResumeThread
RtlUnwind
SetConsoleCtrlHandler
SetCurrentDirectoryW
SetEndOfFile
SetEnvironmentVariableW
SetEvent
SetFileInformationByHandle
SetFilePointerEx
SetLastError
SetPriorityClass
SetProcessWorkingSetSize
SetStdHandle
SetThreadpoolTimer
SetThreadpoolWait
SetUnhandledExceptionFilter
SizeofResource
Sleep
SleepConditionVariableSRW
SwitchToThread
SystemTimeToFileTime
SystemTimeToTzSpecificLocalTime
TerminateProcess
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
TryAcquireSRWLockExclusive
UnhandledExceptionFilter
UnmapViewOfFile
VirtualAlloc
VirtualFree
VirtualQuery
WaitForSingleObject
WaitForSingleObjectEx
WaitForThreadpoolTimerCallbacks
WakeAllConditionVariable
WakeConditionVariable
WideCharToMultiByte
WriteConsoleW
WriteFile
WritePrivateProfileStringW
lstrcmpA
lstrlenA
lstrlenW
advapi32
CloseServiceHandle
ControlService
CryptAcquireContextW
CryptCreateHash
CryptDecrypt
CryptDeriveKey
CryptDestroyHash
CryptDestroyKey
CryptEncrypt
CryptGetKeyParam
CryptHashData
CryptReleaseContext
DeleteService
OpenSCManagerW
OpenServiceW
QueryServiceStatus
RegCloseKey
RegCreateKeyExW
RegDeleteValueW
RegEnumKeyExW
RegOpenKeyExA
RegOpenKeyExW
RegQueryValueExW
RegSetValueExW
shell32
SHFileOperationW
SHGetPathFromIDListW
SHGetSpecialFolderLocation
SHGetSpecialFolderPathW
ShellExecuteA
ShellExecuteW
Shell_NotifyIconW
ole32
CLSIDFromProgID
CLSIDFromString
CoCreateGuid
CoCreateInstance
CoInitialize
CoTaskMemFree
CoUninitialize
CreateBindCtx
CreateOleAdviseHolder
CreateStreamOnHGlobal
OleInitialize
OleLockRunning
OleRegEnumVerbs
OleRegGetUserType
OleSaveToStream
OleUninitialize
ReadClassStm
WriteClassStm
version
GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW
user32
AnimateWindow
AppendMenuW
BeginPaint
CallMsgFilterW
CallWindowProcW
CharLowerBuffW
CharNextW
CheckMenuItem
ClientToScreen
CloseClipboard
CopyRect
CreateCaret
CreateIconFromResource
CreatePopupMenu
CreateWindowExW
DefWindowProcW
DeleteMenu
DestroyCursor
DestroyIcon
DestroyMenu
DestroyWindow
DispatchMessageW
DrawIconEx
DrawTextW
EmptyClipboard
EnableMenuItem
EnableWindow
EndPaint
EnumWindows
EqualRect
GetActiveWindow
GetCapture
GetCaretBlinkTime
GetClassInfoExW
GetClassNameW
GetClientRect
GetCursorPos
GetDC
GetDesktopWindow
GetDlgItem
GetFocus
GetForegroundWindow
GetIconInfo
GetKeyState
GetMenuInfo
GetMenuItemCount
GetMenuItemInfoW
GetMessageW
GetMonitorInfoW
GetParent
GetPropW
GetSysColor
GetSystemMetrics
GetWindow
GetWindowLongW
GetWindowPlacement
GetWindowRect
GetWindowThreadProcessId
HideCaret
InflateRect
InsertMenuW
IntersectRect
InvalidateRect
InvertRect
IsChild
IsIconic
IsMenu
IsRectEmpty
IsWindow
IsWindowEnabled
IsWindowVisible
IsZoomed
KillTimer
LoadBitmapW
LoadCursorW
LoadIconW
LoadImageW
LoadStringA
LoadStringW
MapVirtualKeyA
MapWindowPoints
MessageBoxA
MessageBoxW
MonitorFromRect
MonitorFromWindow
MoveWindow
MsgWaitForMultipleObjects
OffsetRect
OpenClipboard
PeekMessageW
PostMessageW
PostQuitMessage
PtInRect
RegisterClassExW
RegisterWindowMessageW
ReleaseCapture
ReleaseDC
ScreenToClient
SendMessageW
SetActiveWindow
SetCapture
SetCaretPos
SetClipboardData
SetCursor
SetFocus
SetForegroundWindow
SetLayeredWindowAttributes
SetMenuContextHelpId
SetMenuInfo
SetPropW
SetRect
SetTimer
SetWindowLongW
SetWindowPos
SetWindowRgn
SetWindowTextW
ShowWindow
SystemParametersInfoA
SystemParametersInfoW
TrackMouseEvent
TrackPopupMenu
TranslateMessage
UnionRect
UnregisterClassW
UpdateLayeredWindow
UpdateWindow
WaitMessage
comdlg32
GetOpenFileNameW
GetSaveFileNameW
gdi32
AddFontMemResourceEx
BitBlt
CreateBitmap
CreateCompatibleBitmap
CreateCompatibleDC
CreateDCW
CreateDIBSection
CreateFontIndirectW
CreateRectRgnIndirect
CreateRoundRectRgn
CreateSolidBrush
DeleteDC
DeleteObject
EnumFontFamiliesExW
EnumFontsW
ExtCreateRegion
ExtTextOutW
GdiFlush
GetCharABCWidthsW
GetClipBox
GetCurrentObject
GetDCOrgEx
GetDeviceCaps
GetFontData
GetFontUnicodeRanges
GetGlyphIndicesW
GetGlyphOutlineW
GetObjectW
GetOutlineTextMetricsW
GetRegionData
GetStockObject
GetTextExtentPointI
GetTextFaceW
GetTextMetricsW
GetViewportOrgEx
IntersectClipRect
LPtoDP
Rectangle
RemoveFontMemResourceEx
RestoreDC
SaveDC
SelectClipRgn
SelectObject
SetBkMode
SetGraphicsMode
SetLayout
SetMapMode
SetROP2
SetTextAlign
SetTextColor
SetViewportOrgEx
SetWindowOrgEx
SetWorldTransform
StretchBlt
oleaut32
CreateErrorInfo
GetErrorInfo
OleCreatePropertyFrame
SetErrorInfo
SysAllocString
SysAllocStringByteLen
SysFreeString
SysStringByteLen
VariantChangeType
VariantClear
VariantInit
crypt32
CertAddCertificateContextToStore
CertCloseStore
CertCreateCertificateContext
CertDeleteCertificateFromStore
CertEnumCertificatesInStore
CertFindCertificateInStore
CertFreeCertificateContext
CertGetNameStringW
CertOpenStore
CryptDecodeObject
CryptMsgClose
CryptMsgGetParam
CryptQueryObject
shlwapi
PathFileExistsW
PathIsDirectoryW
PathRemoveFileSpecW
StrCmpW
StrToIntExW
ws2_32
WSAGetLastError
WSAStartup
closesocket
connect
freeaddrinfo
getaddrinfo
gethostbyname
getnameinfo
getpeername
getsockname
getsockopt
htons
inet_ntoa
inet_ntop
inet_pton
ioctlsocket
ntohl
ntohs
select
setsockopt
socket
iphlpapi
GetAdaptersInfo
GetIfTable
GetIpForwardTable
GetUniDirectionalAdapterInfo
dnsapi
DnsQueryConfig
wininet
InternetSetOptionW
wintrust
WinVerifyTrust
msimg32
AlphaBlend
imm32
ImmAssociateContext
ImmGetContext
ImmReleaseContext
gdiplus
GdipAlloc
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipCloneImage
GdipCreateBitmapFromFile
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipDeleteGraphics
GdipDisposeImage
GdipDrawImageRectI
GdipFree
GdipGetImageEncoders
GdipGetImageEncodersSize
GdipGetImageGraphicsContext
GdipGetImageHeight
GdipGetImageWidth
GdipGetPropertyItem
GdipGetPropertyItemSize
GdipGraphicsClear
GdipImageGetFrameCount
GdipImageSelectActiveFrame
GdipSaveImageToFile
GdiplusShutdown
GdiplusStartup
rpcrt4
RpcStringFreeA
UuidToStringA
usp10
ScriptFreeCache
ScriptItemize
ScriptShape
opengl32
wglGetCurrentContext
wglGetProcAddress
Sections
.text Size: 5.4MB - Virtual size: 5.4MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1.0MB - Virtual size: 1.0MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 363KB - Virtual size: 509KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.00cfg Size: 512B - Virtual size: 8B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.tls Size: 512B - Virtual size: 9B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4.5MB - Virtual size: 4.5MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 440KB - Virtual size: 439KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ