D:\Jenkins\.jenkins\workspace\MGame\Zipper\ZipperInstAndUinst\Inst\Install.pdb
Static task: static1
Behavioral task: behavioral1
  Sample: 2024-04-20_1375fc2aedd491481127b3d2c5c8e9ca_magniber_revil.exe
  Resource: win7-20240221-en
Behavioral task: behavioral2
  Sample: 2024-04-20_1375fc2aedd491481127b3d2c5c8e9ca_magniber_revil.exe
  Resource: win10v2004-20240412-en
General
Target: 2024-04-20_1375fc2aedd491481127b3d2c5c8e9ca_magniber_revil
Size: 5.1MB
MD5: 1375fc2aedd491481127b3d2c5c8e9ca
SHA1: fb5db1af008ece57e63b71bd98e3f77cbf4aa71e
SHA256: bcae20b6c9dae4b49333f31b7f66e3be9bd1a7269cf80ad47c8a442f5097b005
SHA512: 4be713b9db0dcf04e673079cb23f5f73fea4b5ae4757d12a3fcfc4dbf9bdd478226d573a4d715162c2cd38c802caf09228291b3aa258644a53edd0e111e03b02
SSDEEP: 98304:rSh4Gou4pvovjpiu6tCKbPG8hRiCu/CVUdVEy9qMBNP/qxct8q:+SGou4JA6A4UdVEy9qMBNLt
Malware Config
Signatures
Unsigned PE (1 IoC): Checks for missing Authenticode signature.
Processes: resource 2024-04-20_1375fc2aedd491481127b3d2c5c8e9ca_magniber_revil
Files
-
2024-04-20_1375fc2aedd491481127b3d2c5c8e9ca_magniber_revil.exe windows:6 windows x86 arch:x86
6b19ae794b3028e3e52b93f767b4397a
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
kernel32
GetCurrentProcessId
CreateMutexW
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
GetLongPathNameW
MoveFileExW
MoveFileW
lstrlenW
FindResourceW
SizeofResource
LockResource
LoadResource
FindResourceExW
GetWindowsDirectoryW
CreateToolhelp32Snapshot
Process32FirstW
Process32NextW
FreeLibrary
GetModuleHandleW
GetProcAddress
LoadLibraryW
WideCharToMultiByte
MultiByteToWideChar
CreateFileW
GetFileSize
GetLogicalDriveStringsW
QueryDosDeviceW
ReadFile
GetCurrentProcess
GetTickCount
K32GetProcessImageFileNameW
GetCurrentThreadId
SearchPathW
CreateDirectoryW
FindCloseChangeNotification
FindFirstChangeNotificationW
CompareFileTime
GetFileInformationByHandle
RtlCaptureStackBackTrace
DeleteCriticalSection
SetEvent
WaitForSingleObject
CreateEventW
Sleep
WaitForMultipleObjects
GetLocalTime
lstrcpynW
GetDriveTypeW
WritePrivateProfileStringW
lstrcmpiW
LoadLibraryExW
GetCommandLineW
VerifyVersionInfoW
VerSetConditionMask
OpenProcess
GetProcessHeap
HeapSize
HeapFree
HeapReAlloc
HeapAlloc
HeapDestroy
GetModuleFileNameW
GetLastError
GetTempPathW
SetFileAttributesW
RemoveDirectoryW
GetFullPathNameW
GetFileAttributesW
FindNextFileW
FindFirstFileW
InitializeCriticalSectionEx
RaiseException
DecodePointer
WriteConsoleW
SetFilePointerEx
ReadConsoleW
SetStdHandle
SetConsoleCtrlHandler
SetEnvironmentVariableW
SetEnvironmentVariableA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetCPInfo
GetOEMCP
IsValidCodePage
FindNextFileA
FindFirstFileExW
FindFirstFileExA
GetConsoleMode
GetConsoleCP
GetTimeZoneInformation
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
CompareStringW
GetTimeFormatW
GetDateFormatW
GetStringTypeW
GetFileType
GetStdHandle
GetModuleFileNameA
GetModuleHandleExW
ExitThread
RtlUnwind
WaitForMultipleObjectsEx
CreateTimerQueue
UnregisterWaitEx
QueryDepthSList
FindClose
DeleteFileW
CloseHandle
InterlockedFlushSList
ReleaseSemaphore
DuplicateHandle
SetProcessAffinityMask
VirtualProtect
GetModuleHandleA
FreeLibraryAndExitThread
GetThreadTimes
GetCurrentThread
UnregisterWait
RegisterWaitForSingleObject
SetLastError
K32GetModuleFileNameExW
SetThreadAffinityMask
GetProcessAffinityMask
GetNumaHighestNodeNumber
DeleteTimerQueueTimer
ChangeTimerQueueTimer
CreateTimerQueueTimer
GetLogicalProcessorInformation
GetTempFileNameA
GetTempPathA
WriteFile
DeleteFileA
CreateFileA
GetFileAttributesExW
SetFilePointer
CreateFileMappingW
MapViewOfFile
UnmapViewOfFile
TerminateProcess
GetExitCodeProcess
CopyFileW
GetShortPathNameW
OutputDebugStringA
OutputDebugStringW
GetFileSizeEx
ResetEvent
GetSystemInfo
GetTempFileNameW
LocalFree
FormatMessageW
GetEnvironmentVariableW
GetVersionExW
GetDiskFreeSpaceExW
GetSystemDirectoryW
LocalAlloc
GetPrivateProfileStringW
IsDebuggerPresent
EncodePointer
InitializeSListHead
InterlockedPopEntrySList
InterlockedPushEntrySList
FlushInstructionCache
IsProcessorFeaturePresent
VirtualAlloc
VirtualFree
LoadLibraryExA
TryEnterCriticalSection
QueryPerformanceCounter
QueryPerformanceFrequency
InitializeCriticalSectionAndSpinCount
SwitchToThread
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetSystemTimeAsFileTime
FlushFileBuffers
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
UnhandledExceptionFilter
SetUnhandledExceptionFilter
WaitForSingleObjectEx
GetStartupInfoW
InterlockedCompareExchange
FreeResource
GetSystemWindowsDirectoryW
DeviceIoControl
lstrcmpA
lstrcmpiA
GetACP
MulDiv
SetCurrentDirectoryW
GetCurrentDirectoryW
IsBadReadPtr
ExitProcess
lstrcmpW
SetEndOfFile
GetFileTime
SetFileTime
GetSystemTime
SystemTimeToFileTime
FileTimeToLocalFileTime
LocalFileTimeToFileTime
FileTimeToDosDateTime
DosDateTimeToFileTime
GetVersion
InterlockedExchange
ResumeThread
InterlockedIncrement
InterlockedDecrement
SignalObjectAndWait
CreateThread
SetThreadPriority
GetThreadPriority
user32
wvsprintfW
InflateRect
MonitorFromPoint
IsChild
IsZoomed
GetKeyState
GetUpdateRect
GetCursorPos
CreateCaret
GetCaretBlinkTime
SetCaretPos
IntersectRect
IsRectEmpty
GetClassNameW
RegisterClassW
EnableWindow
GetMenu
SetPropW
GetPropW
AdjustWindowRectEx
RemovePropW
SetWindowRgn
CopyImage
CharPrevW
SetRect
DestroyIcon
DrawIconEx
GetIconInfo
HideCaret
ShowCaret
ClientToScreen
GetSysColor
GetWindowDC
CreateAcceleratorTableW
InvalidateRgn
IsWindowEnabled
DrawFocusRect
DestroyCursor
EqualRect
AttachThreadInput
LoadImageW
GetSystemMetrics
GetActiveWindow
DialogBoxParamW
IsIconic
IsWindowVisible
PostQuitMessage
FindWindowW
CharNextW
PeekMessageW
DispatchMessageW
TranslateMessage
UnregisterClassA
RegisterWindowMessageW
FillRect
ScreenToClient
GetWindowTextLengthW
GetWindowTextW
SetWindowTextW
DrawTextW
GetAsyncKeyState
GetFocus
UpdateLayeredWindow
ShowWindow
IsWindow
CreateWindowExW
GetClassInfoExW
RegisterClassExW
UnregisterClassW
CallWindowProcW
DefWindowProcW
DestroyWindow
IsDialogMessageW
LoadCursorW
GetWindow
GetParent
SetWindowLongW
GetWindowLongW
OffsetRect
MapWindowPoints
SetCursor
GetClientRect
InvalidateRect
EndPaint
BeginPaint
ReleaseDC
GetDC
ReleaseCapture
SetCapture
SetFocus
EndDialog
SendMessageW
GetMonitorInfoW
MonitorFromWindow
UnionRect
SendNotifyMessageW
SetWindowPos
BringWindowToTop
GetForegroundWindow
SetForegroundWindow
GetWindowRect
CopyRect
SystemParametersInfoW
MessageBoxW
wsprintfW
SendMessageTimeoutW
GetMessageW
GetShellWindow
CharLowerBuffW
LoadStringW
GetWindowThreadProcessId
FindWindowExW
PostMessageW
KillTimer
SetTimer
MoveWindow
PtInRect
gdi32
RestoreDC
EnumFontFamiliesW
RectVisible
OffsetViewportOrgEx
GetObjectW
CreateDIBSection
SetTextColor
SetBkMode
SetBkColor
SelectClipRgn
SaveDC
GetStockObject
CreateSolidBrush
CreateRectRgnIndirect
CreateFontW
SetViewportOrgEx
SelectObject
DeleteObject
DeleteDC
CreateCompatibleDC
CreateCompatibleBitmap
BitBlt
GetDeviceCaps
CreateFontIndirectW
CreatePen
Rectangle
GetTextMetricsW
SetWindowOrgEx
CreateRoundRectRgn
CombineRgn
GetCharABCWidthsW
GetClipBox
GetTextExtentPoint32W
ExtSelectClipRgn
StretchBlt
SetStretchBltMode
SetDIBColorTable
TextOutW
ExtTextOutW
GdiFlush
CreateDCW
GetDIBits
SetDIBitsToDevice
advapi32
GetUserNameW
RegSetKeySecurity
SetSecurityDescriptorDacl
IsValidSid
InitializeSecurityDescriptor
GetSidSubAuthorityCount
GetSidSubAuthority
RegCreateKeyW
CryptDestroyHash
RegQueryInfoKeyW
RegEnumKeyExW
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
RegSetValueExW
RegEnumValueW
LookupPrivilegeValueW
DuplicateTokenEx
AdjustTokenPrivileges
OpenProcessToken
RegQueryValueExW
RegOpenKeyExW
RegCloseKey
CryptHashData
RegDeleteKeyValueW
RegDeleteTreeW
AllocateAndInitializeSid
CheckTokenMembership
FreeSid
DeleteAce
EqualSid
LookupAccountSidW
LookupAccountNameW
SetEntriesInAclW
GetExplicitEntriesFromAclW
GetNamedSecurityInfoW
SetNamedSecurityInfoW
BuildExplicitAccessWithNameW
GetTrusteeNameW
CryptAcquireContextW
CryptReleaseContext
CryptDestroyKey
CryptSetKeyParam
CryptGenRandom
CryptImportKey
CryptEncrypt
CryptDecrypt
CryptContextAddRef
GetTokenInformation
RegEnumKeyExA
RegOpenKeyExA
RegQueryValueExA
CryptGetHashParam
CryptCreateHash
ConvertSidToStringSidW
shell32
SHFileOperationW
ord165
ShellExecuteExW
SHChangeNotify
SHCreateDirectoryExW
SHGetSpecialFolderPathW
SHGetFolderPathW
SHGetPathFromIDListW
SHBrowseForFolderW
ShellExecuteW
ole32
CoSetProxyBlanket
CLSIDFromString
OleLockRunning
StringFromGUID2
CoInitializeSecurity
CoInitializeEx
CreateStreamOnHGlobal
OleRun
CLSIDFromProgID
CoTaskMemFree
CoCreateGuid
CoUninitialize
CoCreateInstance
CoInitialize
CoTaskMemAlloc
CoTaskMemRealloc
oleaut32
VarUI4FromStr
VariantCopy
SafeArrayPutElement
SafeArrayCreate
CreateErrorInfo
SetErrorInfo
GetErrorInfo
VarBstrCmp
VariantClear
SysStringByteLen
SysFreeString
VariantChangeType
VariantInit
SysStringLen
SysAllocStringByteLen
SysAllocString
shlwapi
PathIsRootW
SHSetValueA
AssocQueryStringW
PathIsDirectoryW
StrTrimA
StrStrIA
StrStrIW
StrCmpIW
SHGetValueW
SHGetValueA
SHAutoComplete
PathCompactPathW
PathIsRelativeW
PathFindFileNameA
PathRenameExtensionA
PathAppendW
PathCombineW
PathFileExistsW
PathIsPrefixW
SHDeleteKeyW
SHDeleteValueW
PathFindExtensionW
PathFindFileNameW
SHSetValueW
PathRemoveFileSpecW
wnsprintfW
StrToIntExW
StrCmpNIW
comctl32
ord17
ImageList_DrawEx
InitCommonControlsEx
_TrackMouseEvent
gdiplus
GdipGetPropertyItemSize
GdipImageSelectActiveFrame
GdipImageGetFrameCount
GdipGetPropertyItem
GdiplusStartup
GdipImageGetFrameDimensionsList
GdipImageGetFrameDimensionsCount
GdipAlloc
GdipFree
GdipCreateFontFamilyFromName
GdipDeleteFontFamily
GdipCreateFont
GdipCloneBrush
GdipDeleteBrush
GdipCreateSolidFill
GdipCreatePen1
GdipDeletePen
GdipGetImageWidth
GdipGetImageHeight
GdipCreateImageAttributes
GdipDisposeImageAttributes
GdipSetImageAttributesColorMatrix
GdipCreateFromHDC
GdipDeleteGraphics
GdipSetTextRenderingHint
GdipDrawRectangleI
GdipFillRectangleI
GdipDrawImagePointRectI
GdipDrawImageRectRect
GdipDrawImageRectRectI
GdipDeleteFont
GdipDrawString
GdipMeasureString
GdipCreateStringFormat
GdipDeleteStringFormat
GdipSetStringFormatFlags
GdipSetStringFormatAlign
GdipSetStringFormatLineAlign
GdipSetStringFormatTrimming
GdipCloneImage
GdipDisposeImage
GdipCreateBitmapFromStream
GdipCreateBitmapFromFile
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromFileICM
GdiplusShutdown
GdipDeletePath
GdipAddPathLineI
GdipAddPathArcI
GdipSetPenMode
GdipSetPenDashStyle
GdipSetSmoothingMode
GdipDrawLineI
GdipDrawPath
GdipFillEllipseI
GdipClosePathFigure
GdipCreateTexture
GdipSaveImageToFile
GdipGetImageGraphicsContext
GdipCreateBitmapFromScan0
GdipCreateHBITMAPFromBitmap
GdipCloneBitmapAreaI
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipSetInterpolationMode
GdipGraphicsClear
GdipFillPath
GdipDrawImagePointsI
GdipGetImageEncodersSize
GdipGetImageEncoders
GdipAddPathArc
GdipDrawEllipseI
GdipLoadImageFromFile
GdipLoadImageFromFileICM
GdipGetImagePixelFormat
GdipDrawImageRectI
GdipLoadImageFromStreamICM
GdipCreatePath
psapi
EnumProcesses
GetProcessImageFileNameW
GetModuleFileNameExW
version
GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW
iphlpapi
GetAdaptersInfo
wininet
InternetGetConnectedState
urlmon
URLDownloadToCacheFileW
URLDownloadToFileW
setupapi
SetupIterateCabinetW
crypt32
CryptStringToBinaryW
CryptBinaryToStringA
CryptBinaryToStringW
CryptStringToBinaryA
msimg32
GradientFill
AlphaBlend
Exports
InstallEntryW
_BasicEntry@12
_CreateApp@0
_Start@4
_Uninst@4
Sections
.text Size: 1.9MB - Virtual size: 1.9MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 416KB - Virtual size: 415KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 36KB - Virtual size: 62KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 2.7MB - Virtual size: 2.7MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 107KB - Virtual size: 107KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ