2024-04-19_d21cf5a5e0508cae4bd6083e7067f19e_magniber

Sharing

Copy URL Twitter E-mail

General

Target

2024-04-19_d21cf5a5e0508cae4bd6083e7067f19e_magniber
Size

1.3MB
MD5

d21cf5a5e0508cae4bd6083e7067f19e
SHA1

a91e6b810215be8246ed5b6596210fc48051b60a
SHA256

e3e878086bd06897adbf9b7b2dff3cc04a1d0134d26604e90e765b649c73ef03
SHA512

4436489a8d3ea8bf50e8673a8c03ce4776e32870e3dcdbfa0fd678c76bf5f8b5bdf860ae691d5362787089270d897c464e6b375a187fd1f3bfaba10cb6e488a8
SSDEEP

24576:VImLkrV9riAvpqrJ0M+t2merBm/1GkMjV4hkPRT+RHppiUIMvhI9+ngWY:2Sxyt2merBm/1IOhkR0HpUUN5I9+n3Y

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-04-19_d21cf5a5e0508cae4bd6083e7067f19e_magniber

Files

2024-04-19_d21cf5a5e0508cae4bd6083e7067f19e_magniber
.exe windows:6 windows x86 arch:x86

46763bedb6d6357aa56d5a15bd990bf0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\dvs\p4\build\sw\gcomp\dev\src\NvContainer\_out\x86\release\container\NvContainer.pdb

Imports

shlwapi

PathIsRelativeW

kernel32

VerSetConditionMask
ExpandEnvironmentStringsW
CreateFileW
GetFileAttributesW
GetFullPathNameW
OutputDebugStringW
SetLastError
CreateProcessA
CreateProcessW
GetSystemDirectoryW
FreeLibrary
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleA
GetProcAddress
LoadLibraryExW
lstrcmpA
lstrcmpW
VerifyVersionInfoW
FileTimeToSystemTime
DeleteFileW
FindClose
FindFirstFileW
FindNextFileW
OutputDebugStringA
Sleep
GetCurrentThreadId
ProcessIdToSessionId
GetSystemTime
GetSystemTimeAsFileTime
CreateTimerQueueTimer
DeleteTimerQueueTimer
GetModuleHandleExW
MoveFileW
MultiByteToWideChar
WideCharToMultiByte
CreateToolhelp32Snapshot
RemoveVectoredContinueHandler
Process32NextW
CreateDirectoryW
FindCloseChangeNotification
FindFirstChangeNotificationW
FindNextChangeNotification
GetCurrentDirectoryW
GetErrorMode
SetErrorMode
GetCommandLineW
RaiseException
GetSystemInfo
VirtualProtect
VirtualQuery
LoadLibraryExA
RemoveDirectoryW
DeviceIoControl
HeapSize
GetProcessHeap
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetOEMCP
GetACP
IsValidCodePage
GetStringTypeW
GetFileSizeEx
ReadConsoleW
ReadFile
SetStdHandle
GetConsoleMode
GetConsoleOutputCP
FlushFileBuffers
SetConsoleCtrlHandler
GetCurrentThread
EnumSystemLocalesW
AddVectoredContinueHandler
RemoveVectoredExceptionHandler
DecodePointer
AddVectoredExceptionHandler
SetUnhandledExceptionFilter
RtlCaptureStackBackTrace
GetModuleHandleW
WaitForMultipleObjects
OpenEventW
LocalFree
LocalAlloc
OpenProcess
CreateThread
GetCurrentProcessId
CreateEventW
WaitForSingleObject
SetEvent
GetLastError
CloseHandle
GetCurrentProcess
GetProcessTimes
SetDefaultDllDirectories
HeapReAlloc
Process32FirstW
FormatMessageA
SetCurrentDirectoryW
FindFirstFileExW
GetDiskFreeSpaceExW
GetFileAttributesExW
GetFileInformationByHandle
GetFinalPathNameByHandleW
SetEndOfFile
SetFileAttributesW
SetFileInformationByHandle
SetFilePointerEx
SetFileTime
GetTempPathW
AreFileApisANSI
CreateDirectoryExW
CopyFileW
MoveFileExW
CreateHardLinkW
GetFileInformationByHandleEx
CreateSymbolicLinkW
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
ResetEvent
WaitForSingleObjectEx
UnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
QueryPerformanceCounter
InitializeSListHead
InterlockedPushEntrySList
InterlockedFlushSList
RtlUnwind
EncodePointer
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
ExitProcess
GetFileType
GetStdHandle
WriteConsoleW
GetCPInfo
WriteFile
HeapAlloc
HeapFree
GetDateFormatW
GetTimeFormatW
CompareStringW
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID

user32

PeekMessageW
GetMessageW
ShutdownBlockReasonDestroy
ShutdownBlockReasonCreate
SetWindowLongW
GetWindowLongW
LoadStringW
UnregisterClassW
RegisterClassW
DefWindowProcW
PostMessageW
DispatchMessageW
TranslateMessage
DestroyWindow
PostThreadMessageW
CreateWindowExW

shell32

CommandLineToArgvW

advapi32

LookupAccountSidW
RegSetKeyValueW
RegOpenKeyExW
GetUserNameW
BuildExplicitAccessWithNameW
SetSecurityInfo
GetSecurityInfo
SetEntriesInAclW
StartServiceCtrlDispatcherW
SetServiceStatus
RegisterServiceCtrlHandlerExW
QueryServiceConfigW
OpenServiceW
OpenSCManagerW
CloseServiceHandle
ChangeServiceConfigW
RegGetValueW
RegSetValueExW
RegDeleteValueW
RegCreateKeyExW
RegCloseKey
CreateWellKnownSid
OpenProcessToken

Exports

Exports

NvOptimusEnablement

Sections

.text
Size: 527KB - Virtual size: 527KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 79KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.didat
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 134KB - Virtual size: 134KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 588KB - Virtual size: 592KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

46763bedb6d6357aa56d5a15bd990bf0

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

shlwapi

kernel32

user32

shell32

advapi32

Exports

Exports

Sections

.text Size: 527KB - Virtual size: 527KB

.rdata Size: 79KB - Virtual size: 79KB

.data Size: 8KB - Virtual size: 20KB

.didat Size: 512B - Virtual size: 24B

.rsrc Size: 134KB - Virtual size: 134KB

.reloc Size: 588KB - Virtual size: 592KB

.text
Size: 527KB - Virtual size: 527KB

.rdata
Size: 79KB - Virtual size: 79KB

.data
Size: 8KB - Virtual size: 20KB

.didat
Size: 512B - Virtual size: 24B

.rsrc
Size: 134KB - Virtual size: 134KB

.reloc
Size: 588KB - Virtual size: 592KB