2024-04-16_7daba79afc3b91a0d94dfa95b7155f0f_magniber

Sharing

Copy URL Twitter E-mail

General

Target

2024-04-16_7daba79afc3b91a0d94dfa95b7155f0f_magniber
Size

2.0MB
MD5

7daba79afc3b91a0d94dfa95b7155f0f
SHA1

d064da11bae84e980445c9f8b9807f360503e4f8
SHA256

4ad3dfb512a778147fd72ad1eec8ec04754cf3587bbfdbabe3f3037cf4caed9a
SHA512

6616f5d682afe6ef7bfa4b7ced68767b22fa410ac22fba6880e760797da648d36a2f1eef58fad299f3211e80bcd1a44714a5d7f7508cd257a39ffa361e1b8bb5
SSDEEP

24576:hv2NJmZkZXHrcReNZOH/mI8jJJNbqNK0H6ACMQTiVY3ZImPG1RhkExbcPCaohj:8DmmBARO/JJNEho+YzO1RuERcfoh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-04-16_7daba79afc3b91a0d94dfa95b7155f0f_magniber

Files

2024-04-16_7daba79afc3b91a0d94dfa95b7155f0f_magniber
.exe windows:5 windows x86 arch:x86

a43d720103b6997a8cd41040930ad4c5

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\build\core_lib\hardware\ComputerzService\ComputerZService\Release\ComputerZService.pdb

Imports

kernel32

InterlockedExchange
InterlockedCompareExchange
GetCurrentThreadId
WaitForSingleObject
CloseHandle
GetLastError
SetLastError
LockResource
FreeLibrary
GetProcAddress
HeapDestroy
HeapAlloc
HeapReAlloc
HeapFree
HeapSize
GetProcessHeap
GetCurrentProcess
GetExitCodeProcess
InitializeCriticalSectionAndSpinCount
LoadResource
SizeofResource
LoadLibraryW
GetModuleFileNameW
GetModuleHandleW
FindResourceW
FindResourceExW
WideCharToMultiByte
DecodePointer
InterlockedIncrement
InterlockedDecrement
VirtualProtect
GetCurrentProcessId
RaiseException
SetUnhandledExceptionFilter
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
lstrcmpiW
LoadLibraryExW
IsBadReadPtr
MultiByteToWideChar
GetFileSizeEx
WriteFile
ReadFile
WritePrivateProfileStringW
CreateFileW
SetFileAttributesW
GetFileAttributesW
DeleteFileW
GetShortPathNameW
GetLongPathNameW
OpenProcess
CreateMutexW
GetCommandLineW
CreateToolhelp32Snapshot
Process32FirstW
Process32NextW
Sleep
GetTickCount
FlushFileBuffers
ConnectNamedPipe
DisconnectNamedPipe
SetNamedPipeHandleState
GetNamedPipeInfo
CreateNamedPipeW
GetNamedPipeHandleStateW
SetEvent
ResetEvent
WaitForMultipleObjects
CreateEventW
GetOverlappedResult
PeekNamedPipe
CancelIo
GetTimeZoneInformation
TlsGetValue
TlsSetValue
ReleaseSRWLockExclusive
TryAcquireSRWLockExclusive
GetCurrentProcessorNumber
GetSystemInfo
FormatMessageA
TlsAlloc
VirtualAlloc
VirtualFree
InitializeSRWLock
AcquireSRWLockExclusive
SwitchToThread
GetSystemTimeAsFileTime
RtlCaptureStackBackTrace
GetSystemWindowsDirectoryW
FreeResource
GetLocalTime
OutputDebugStringA
SetEnvironmentVariableW
SetEnvironmentVariableA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetOEMCP
IsValidCodePage
FindNextFileA
FindFirstFileExW
FindFirstFileExA
ReadConsoleW
SetEndOfFile
SetStdHandle
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetTimeFormatW
GetDateFormatW
WriteConsoleW
GetACP
GetFileSize
GetStdHandle
GetModuleFileNameA
ExitProcess
VirtualQuery
LoadLibraryExA
IsDebuggerPresent
OutputDebugStringW
EncodePointer
InitializeSListHead
InterlockedPopEntrySList
InterlockedPushEntrySList
FlushInstructionCache
IsProcessorFeaturePresent
FormatMessageW
GetStringTypeW
TryEnterCriticalSection
TlsFree
QueryPerformanceCounter
QueryPerformanceFrequency
CompareStringW
LCMapStringW
GetLocaleInfoW
GetCPInfo
LocalFree
ReleaseMutex
GetVersionExW
SetFilePointer
UnhandledExceptionFilter
TerminateProcess
WaitForSingleObjectEx
GetStartupInfoW
FindClose
GetSystemDirectoryW
GetWindowsDirectoryW
FindFirstFileW
FindNextFileW
GetCurrentThread
OpenThread
SetThreadPriority
GetThreadPriority
GetThreadContext
SuspendThread
ResumeThread
GetThreadSelectorEntry
InterlockedExchangeAdd
DeviceIoControl
lstrcmpA
lstrcmpiA
CreateFileA
GetPrivateProfileIntW
SignalObjectAndWait
CreateThread
GetLogicalProcessorInformation
CreateTimerQueueTimer
ChangeTimerQueueTimer
DeleteTimerQueueTimer
GetNumaHighestNodeNumber
GetProcessAffinityMask
SetThreadAffinityMask
RegisterWaitForSingleObject
UnregisterWait
GetThreadTimes
FreeLibraryAndExitThread
GetModuleHandleA
SetProcessAffinityMask
DuplicateHandle
ReleaseSemaphore
InterlockedFlushSList
QueryDepthSList
UnregisterWaitEx
CreateTimerQueue
WaitForMultipleObjectsEx
RtlUnwind
ExitThread
GetModuleHandleExW
GetFileAttributesExW
SetConsoleCtrlHandler
GetFileType
SetFilePointerEx
GetConsoleCP
GetConsoleMode

user32

GetWindowLongW
KillTimer
SetTimer
CreateWindowExW
GetClassInfoExW
RegisterClassExW
CallWindowProcW
PostMessageW
GetWindowThreadProcessId
SetWindowLongW
IsWindow
SendMessageTimeoutW
CharNextW
DestroyWindow
UnregisterClassW
DefWindowProcW
PeekMessageW
DispatchMessageW
TranslateMessage
GetMessageW
wsprintfW
UnregisterClassA
LoadCursorW
PostQuitMessage
FindWindowExW

oleaut32

SysAllocString
SysFreeString
VariantClear
VariantInit
VarUI4FromStr

Sections

.text
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 245KB - Virtual size: 245KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 175KB - Virtual size: 231KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 94KB - Virtual size: 94KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 144KB - Virtual size: 144KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

a43d720103b6997a8cd41040930ad4c5

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

oleaut32

Sections

.text Size: 1.4MB - Virtual size: 1.4MB

.rdata Size: 245KB - Virtual size: 245KB

.data Size: 175KB - Virtual size: 231KB

.rsrc Size: 94KB - Virtual size: 94KB

.reloc Size: 144KB - Virtual size: 144KB

.text
Size: 1.4MB - Virtual size: 1.4MB

.rdata
Size: 245KB - Virtual size: 245KB

.data
Size: 175KB - Virtual size: 231KB

.rsrc
Size: 94KB - Virtual size: 94KB

.reloc
Size: 144KB - Virtual size: 144KB