2024-04-20_f2d38077a5b6ce78e36340e3b1c46cc8_magniber

Sharing

Copy URL Twitter E-mail

General

Target

2024-04-20_f2d38077a5b6ce78e36340e3b1c46cc8_magniber
Size

646KB
MD5

f2d38077a5b6ce78e36340e3b1c46cc8
SHA1

89deab36145b0ac7b1cd942272877860acc3e9e9
SHA256

0a06db36f49bbd56f615017b2ec52c8b66eb159d0cae5c713217cd890ee7a28d
SHA512

f0e55164b82fcee6aa0c8d5af481e4340190286c19f653d1296749000000903339eb98484601c9c4814368e352a37497349be0c932c0ca644646d45750846a1e
SSDEEP

12288:zstWBCE9vAKtb2mp3+EHbz31h6xqOezGJ4Vd30TTTIS9E:ItWwwvAKX7z3igOdJ4V90T3IS9E

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-04-20_f2d38077a5b6ce78e36340e3b1c46cc8_magniber

Files

2024-04-20_f2d38077a5b6ce78e36340e3b1c46cc8_magniber
.exe windows:5 windows x86 arch:x86

2991280ae1f22ba4d14181a2e89fd361

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\vmagent_new\bin\joblist\240045\out\Release\360FileUnlock.pdb

Imports

kernel32

CreateThread
GetPrivateProfileIntW
ReadFile
FlushFileBuffers
WriteFile
GetFileSize
Sleep
SetEnvironmentVariableA
CompareStringW
CompareStringA
GetTimeZoneInformation
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
GetLocaleInfoW
SetFilePointer
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
GetDateFormatA
GetTimeFormatA
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
GetModuleHandleA
QueryPerformanceCounter
GetStartupInfoA
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetConsoleMode
GetConsoleCP
InitializeCriticalSectionAndSpinCount
InterlockedExchange
SetConsoleCtrlHandler
HeapSize
GetModuleFileNameA
CreateToolhelp32Snapshot
FatalAppExitA
HeapDestroy
HeapCreate
GetCurrentThread
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
HeapReAlloc
GetStartupInfoW
ExitProcess
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlUnwind
WideCharToMultiByte
TlsFree
TlsAlloc
ReleaseMutex
HeapWalk
HeapLock
OpenThread
HeapUnlock
TlsSetValue
WaitForSingleObject
TlsGetValue
CreateMutexW
GetFileSizeEx
SetFilePointerEx
SetEndOfFile
LocalFileTimeToFileTime
GetSystemTimeAsFileTime
SystemTimeToFileTime
CreateFileA
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
LoadLibraryA
Process32FirstW
Process32NextW
GetSystemDirectoryW
GetPrivateProfileStringW
GetTickCount
GetCommandLineW
LockResource
OpenProcess
TerminateProcess
OutputDebugStringW
DebugBreak
GetCurrentDirectoryW
SetCurrentDirectoryW
FindNextFileW
GetTempPathW
GetTempFileNameW
DeleteFileW
FindFirstFileW
FindClose
lstrlenA
lstrcpynW
CloseHandle
GetFileAttributesW
LoadLibraryExW
FindResourceW
LoadResource
SizeofResource
MultiByteToWideChar
SetLastError
lstrcmpiW
InterlockedDecrement
InterlockedIncrement
GetLastError
lstrlenW
CreateProcessW
GetProcAddress
GetCurrentThreadId
GetModuleHandleW
GetModuleFileNameW
FreeLibrary
LoadLibraryW
GetCurrentProcess
FlushInstructionCache
HeapAlloc
GetProcessHeap
HeapFree
InterlockedCompareExchange
DeleteCriticalSection
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
RaiseException
GetCurrentProcessId
CreateFileW
DeviceIoControl
GetStdHandle

user32

GetActiveWindow
DialogBoxParamW
DestroyWindow
CharNextW
UnregisterClassA
SetWindowLongW
GetDesktopWindow
OffsetRect
SetRect
GetDC
GetCapture
GetWindowDC
ReleaseDC
GetCursorPos
GetSystemMetrics
SetForegroundWindow
LoadIconW
CharLowerW
SendDlgItemMessageW
GetWindow
MonitorFromWindow
GetMonitorInfoW
MapWindowPoints
DefWindowProcW
EnableWindow
ShowWindow
BringWindowToTop
SetWindowTextW
PostMessageW
EndDialog
GetDlgItem
wvsprintfW
IsRectEmpty
SetWindowPos
MoveWindow
GetWindowTextW
LoadImageW
DestroyIcon
GetIconInfo
DrawIconEx
PtInRect
WindowFromPoint
ReleaseCapture
SetWindowRgn
GetParent
ChildWindowFromPoint
SetFocus
SetCapture
IsWindowEnabled
RedrawWindow
ClientToScreen
SetCursor
InvalidateRect
UpdateWindow
MessageBoxW
RegisterClassExW
CreateWindowExW
DrawTextW
GetWindowLongW
EndPaint
BeginPaint
LoadStringW
CopyRect
LoadCursorW
GetClassInfoExW
IsWindow
KillTimer
SetTimer
ScreenToClient
GetClientRect
GetWindowRect
CallWindowProcW
SendMessageW
SetDlgItemTextW

gdi32

CreatePatternBrush
LineTo
CreateBitmap
SetROP2
GetROP2
PatBlt
CreateFontIndirectW
GetObjectW
CreatePolygonRgn
CreateSolidBrush
CreatePen
RoundRect
Rectangle
BitBlt
DeleteDC
SetTextColor
DeleteObject
CreateCompatibleBitmap
SetViewportOrgEx
SelectObject
CreateCompatibleDC
CreateFontW
SetBkColor
ExtTextOutW
ExcludeClipRect
GetClipBox
SetBkMode
CreateDCW
MoveToEx

advapi32

RegQueryValueExA
RegCloseKey
RegCreateKeyExW
RegOpenKeyExW
RegSetValueExW
RegQueryInfoKeyW
RegEnumKeyExW
RegQueryValueExW
RegDeleteKeyW
OpenProcessToken
LookupPrivilegeValueW
AdjustTokenPrivileges
RegDeleteValueW

shell32

SHGetFileInfoW
ExtractIconW
SHFileOperationW
ShellExecuteW

ole32

CoTaskMemRealloc
CoCreateInstance
CoTaskMemFree
CoUninitialize
CoInitialize
CoTaskMemAlloc

oleaut32

SysFreeString
VariantInit
VariantClear
SysAllocStringByteLen
SysStringLen
SetErrorInfo
VariantChangeType
GetErrorInfo
CreateErrorInfo
SysStringByteLen
SysAllocString
VarUI4FromStr

shlwapi

PathAppendW
PathFileExistsW
SHSetValueW
PathFindFileNameW
PathIsRelativeW
SHGetValueW
StrCmpW
StrCmpIW
StrCmpNW
StrRChrW
PathRemoveFileSpecW
PathCombineW

comctl32

ImageList_ReplaceIcon
ImageList_Create
_TrackMouseEvent
ImageList_Draw
ImageList_GetIconSize
InitCommonControlsEx

msimg32

GradientFill

wintrust

WinVerifyTrust
WTHelperProvDataFromStateData

crypt32

CertGetNameStringW

psapi

GetModuleFileNameExW
EnumProcessModules

Sections

.text
Size: 469KB - Virtual size: 468KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 67KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 15KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 80KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

2991280ae1f22ba4d14181a2e89fd361

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

shlwapi

comctl32

msimg32

wintrust

crypt32

psapi

Sections

.text Size: 469KB - Virtual size: 468KB

.rdata Size: 67KB - Virtual size: 66KB

.data Size: 15KB - Virtual size: 23KB

.rsrc Size: 80KB - Virtual size: 80KB

.text
Size: 469KB - Virtual size: 468KB

.rdata
Size: 67KB - Virtual size: 66KB

.data
Size: 15KB - Virtual size: 23KB

.rsrc
Size: 80KB - Virtual size: 80KB