2024-04-21_893d2028eea374e42ce223305c090bd3_magniber

Sharing

Copy URL

Twitter E-mail

General

Target

2024-04-21_893d2028eea374e42ce223305c090bd3_magniber
Size

4.8MB
MD5

893d2028eea374e42ce223305c090bd3
SHA1

c16425548a03256ead202b6943f0393308ad26bd
SHA256

7c58da2c6b9333a6567d5656a4d70b97d126ef3dbd265a7887e574657451dd6c
SHA512

9b2ddf36d12005bf74247212f71c18e8569a10a291be5577ac9c26e46e483ab5bac4b5e269a124a9d772f2fc8b22e58f8b6436c471acf95e1981846eb0c7dfb9
SSDEEP

98304:3JsOnQW8hL2k7OBCwKaPjjUEawf6ZaGUyVDl:3JsOn+mCCPsgfMl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-04-21_893d2028eea374e42ce223305c090bd3_magniber

Files

2024-04-21_893d2028eea374e42ce223305c090bd3_magniber
.exe windows:5 windows x86 arch:x86

ce7c427a2ae0a0698197640b65cb2c40

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\360Game\branches\360Game_IM_2.7\360Game\build\release\360Game.pdb

Imports

kernel32

GetExitCodeThread
TlsSetValue
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
SetCurrentDirectoryW
TlsGetValue
MoveFileExW
VirtualQuery
GetCurrentProcessId
GetLongPathNameW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetModuleHandleA
SetProcessWorkingSetSize
ExitProcess
GetFileTime
HeapFree
HeapAlloc
GetProcessHeap
DuplicateHandle
GetWindowsDirectoryW
GetSystemInfo
GetSystemTimeAsFileTime
VirtualQueryEx
GetCurrentThread
GetThreadContext
OpenThread
GlobalMemoryStatusEx
UnmapViewOfFile
MapViewOfFile
OpenFileMappingW
QueryPerformanceCounter
CreateFileMappingW
SystemTimeToFileTime
SetEndOfFile
SetFilePointer
GetFileType
DosDateTimeToFileTime
GetCurrentDirectoryW
SetFileTime
LocalFileTimeToFileTime
CreateFileA
GetModuleFileNameA
GetThreadPriority
GetPrivateProfileSectionNamesW
WaitForMultipleObjects
WriteProcessMemory
ReadProcessMemory
VirtualProtect
GetSystemDirectoryA
WritePrivateProfileStringA
DeleteFileA
GetPrivateProfileStringA
CopyFileA
CreateFileMappingA
TlsAlloc
CreateProcessA
Module32NextW
Module32FirstW
GetFileAttributesW
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
InterlockedCompareExchange
InterlockedExchangeAdd
TlsFree
LocalAlloc
SetThreadContext
DeleteAtom
FindAtomW
ReleaseMutex
AddAtomW
GetAtomNameW
FormatMessageW
OutputDebugStringW
GetFileSizeEx
SetFilePointerEx
SetEnvironmentVariableA
CompareStringW
CompareStringA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
GetLocaleInfoW
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
GetStringTypeW
GetStringTypeA
GetLocaleInfoA
FlushFileBuffers
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
InitializeCriticalSectionAndSpinCount
GetTimeZoneInformation
SetHandleCount
SetStdHandle
GetConsoleMode
GetConsoleCP
IsValidCodePage
GetOEMCP
GetACP
GetStdHandle
HeapCreate
GetCPInfo
LCMapStringA
GetStartupInfoA
GetCommandLineA
ExitThread
IsDebuggerPresent
RtlUnwind
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
HeapSize
HeapReAlloc
HeapDestroy
DisableThreadLibraryCalls
MulDiv
GetVolumeInformationW
GetTempFileNameW
CreateToolhelp32Snapshot
Process32FirstW
Process32NextW
ReleaseSemaphore
CreateSemaphoreW
lstrlenA
WideCharToMultiByte
WriteFile
FreeResource
SetThreadPriority
ResumeThread
ResetEvent
Sleep
GetVersion
GetLocalTime
lstrcpynW
GetVersionExW
TerminateProcess
GetTickCount
GetSystemDirectoryW
lstrcmpW
GetShortPathNameW
GetFileSize
ReadFile
LCMapStringW
CreateThread
FindFirstFileW
FindNextFileW
FindClose
RemoveDirectoryW
GetTempPathW
OpenProcess
GetSystemTime
CreateProcessW
CreateEventW
SetLastError
CreateMutexW
InterlockedExchange
SetEvent
WaitForSingleObject
SuspendThread
RaiseException
TerminateThread
GetCurrentProcess
FlushInstructionCache
LocalFree
GetLogicalDriveStringsW
GetDriveTypeW
GetDiskFreeSpaceExW
DeviceIoControl
CreateFileW
CloseHandle
SetFileAttributesW
CreateDirectoryW
LoadLibraryW
WritePrivateProfileStringW
GetPrivateProfileStringW
GetPrivateProfileIntW
DeleteFileW
CopyFileW
GetCommandLineW
GetModuleFileNameW
LoadLibraryExW
MultiByteToWideChar
FreeLibrary
lstrcmpiW
GetModuleHandleW
GetProcAddress
InterlockedDecrement
InterlockedIncrement
GetLastError
lstrlenW
GetCurrentThreadId
FindResourceExW
FindResourceW
LoadResource
LockResource
SizeofResource
DeleteCriticalSection
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
LoadLibraryA

user32

FindWindowW
DispatchMessageW
TranslateMessage
GetMessageW
PeekMessageW
SetWindowLongW
BringWindowToTop
ShowWindow
IsWindowVisible
SetTimer
KillTimer
IsWindow
GetClassInfoExW
GetDlgItem
UpdateWindow
RegisterClipboardFormatW
DestroyIcon
LockSetForegroundWindow
EnumThreadWindows
CharLowerW
SetRectEmpty
PostMessageW
RegisterWindowMessageW
DefWindowProcW
DestroyWindow
UnregisterClassA
CharNextW
GetIconInfo
FindWindowExW
EnableWindow
SetClassLongW
ReleaseDC
DrawTextW
GetDC
DrawIcon
DrawIconEx
GetWindowTextW
GetWindowTextLengthW
MoveWindow
ScreenToClient
RedrawWindow
GetKeyState
IsRectEmpty
SetRect
SubtractRect
UnionRect
IntersectRect
EnumDisplaySettingsW
CreateCaret
HideCaret
ShowCaret
SetCaretPos
GetFocus
SetCursor
GetSysColor
PtInRect
GetAsyncKeyState
GetMessagePos
SetParent
ReleaseCapture
SetCapture
CopyRect
GetActiveWindow
MessageBoxW
EndPaint
BeginPaint
EnumWindows
SetPropW
PrintWindow
LoadIconW
CallNextHookEx
LoadCursorW
SetForegroundWindow
RegisterClassExW
GetWindowLongW
CallWindowProcW
CreateWindowExW
SetWindowPos
GetClientRect
OffsetRect
GetWindowThreadProcessId
GetAncestor
WindowFromPoint
GetSystemMetrics
GetDesktopWindow
GetForegroundWindow
IsIconic
SendMessageW
MapWindowPoints
GetMonitorInfoW
MonitorFromWindow
GetWindowRect
GetWindow
GetParent
SetWindowTextW
SetFocus
AttachThreadInput
RegisterHotKey
UnregisterHotKey
SwitchToThisWindow
AnimateWindow
GetCursorPos
InvalidateRect
MsgWaitForMultipleObjects
SendMessageTimeoutW
ClientToScreen
IsZoomed
SetActiveWindow
SystemParametersInfoW
LoadImageW
SetWindowRgn
GetPropW
PostQuitMessage
RemovePropW
GetClassNameW
UnhookWindowsHookEx
SetWindowsHookExW
FillRect
IsChild
TrackMouseEvent
UpdateLayeredWindow

gdi32

SetBrushOrgEx
StretchBlt
GetDeviceCaps
SetBkColor
CreateDIBSection
RoundRect
Rectangle
CreatePen
MoveToEx
LineTo
SetStretchBltMode
CreateDCW
GetTextExtentPoint32W
CreateRoundRectRgn
CreateRectRgn
DeleteObject
CreateCompatibleDC
SelectObject
SetViewportOrgEx
CreateCompatibleBitmap
DeleteDC
BitBlt
GetObjectW
CreateSolidBrush
GetStockObject
GetBitmapBits
SetBitmapBits
SetTextColor
CreateFontIndirectW
CombineRgn
GetDIBits
GetPixel
ExtTextOutW
SetBkMode
GetObjectA
CreateFontW

comdlg32

GetSaveFileNameW
GetOpenFileNameW

advapi32

RegCreateKeyExW
GetNamedSecurityInfoW
BuildExplicitAccessWithNameW
SetEntriesInAclW
SetNamedSecurityInfoW
OpenProcessToken
LookupPrivilegeValueW
AdjustTokenPrivileges
RegCreateKeyW
RegQueryValueExW
RegEnumKeyExW
RegQueryInfoKeyW
RegSetValueExW
RegOpenKeyExW
RegQueryValueExA
RegCloseKey
RegDeleteValueW
RegDeleteKeyW

shell32

ShellExecuteA
SHGetFolderPathA
SHGetDiskFreeSpaceExW
SHGetFolderPathW
SHGetFileInfoW
SHGetMalloc
SHBrowseForFolderW
SHGetSpecialFolderLocation
SHGetPathFromIDListW
Shell_NotifyIconW
ShellExecuteExW
ShellExecuteW
CommandLineToArgvW
ord165
SHGetSpecialFolderPathW

ole32

CoTaskMemAlloc
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
OleCreate
OleSetContainedObject
CreateStreamOnHGlobal
RevokeDragDrop
OleInitialize
OleUninitialize
CoCreateGuid
StringFromCLSID
CoMarshalInterThreadInterfaceInStream
CoGetInterfaceAndReleaseStream
CoInitialize
CoUninitialize
CoTaskMemFree
CoCreateInstance
CoTaskMemRealloc

oleaut32

SysStringByteLen
SysAllocStringByteLen
VarBstrCmp
SysStringLen
VariantCopy
SysAllocStringLen
SysAllocString
VariantClear
VariantInit
SysFreeString
VarUI4FromStr
GetErrorInfo

shlwapi

StrRStrIW
StrStrW
StrToIntA
SHDeleteValueW
UrlCanonicalizeW
UrlEscapeW
StrStrIW
StrDupW
PathFindFileNameW
StrCmpIW
PathFindExtensionW
SHGetValueW
PathGetDriveNumberW
PathBuildRootW
SHSetValueW
UrlCompareW
StrCmpW
SHRegGetPathW
StrCmpNW
PathMatchSpecW
PathCanonicalizeW
StrTrimW
PathIsURLW
PathFileExistsA
PathCombineA
StrToIntW
PathAppendW
PathAddBackslashW
StrCmpNIW
PathIsRootW
PathCombineW
PathIsDirectoryW
PathFileExistsW
PathRemoveFileSpecW

comctl32

ImageList_Remove
ImageList_ReplaceIcon
ImageList_GetImageCount
ImageList_Draw
ImageList_Create
InitCommonControlsEx
ImageList_Destroy

msimg32

TransparentBlt
AlphaBlend

winmm

timeKillEvent
timeSetEvent
waveOutWrite
timeGetDevCaps
PlaySoundW
timeGetTime
timeBeginPeriod

gdiplus

GdiplusShutdown
GdiplusStartup
GdipCloneImage
GdipClonePath
GdipCloneBrush
GdipCreateFontFromLogfontA
GdipCreateFontFromDC
GdipGetImageGraphicsContext
GdipGetDC
GdipSetStringFormatAlign
GdipSetStringFormatFlags
GdipDrawImageRectRectI
GdipDrawImageRectI
GdipDrawRectangleI
GdipDrawLineI
GdipSetTextRenderingHint
GdipReleaseDC
GdipCreateFromHDC
GdipSetStringFormatLineAlign
GdipSetStringFormatTrimming
GdipAddPathArcI
GdipCreateTexture2I
GdipCreateSolidFill
GdipSetImageAttributesColorKeys
GdipGetImageEncoders
GdipGetImageEncodersSize
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateHBITMAPFromBitmap
GdipCreateBitmapFromHBITMAP
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromStream
GdipCreateBitmapFromFileICM
GdipCreateBitmapFromFile
GdipGetImageRawFormat
GdipGetImageHeight
GdipGetImageWidth
GdipSaveImageToFile
GdipDisposeImage
GdipLoadImageFromFileICM
GdipLoadImageFromFile
GdipDeleteFont
GdipDeleteGraphics
GdipDeletePath
GdipCreatePath
GdipDeleteStringFormat
GdipCreateStringFormat
GdipDeletePen
GdipCreatePen1
GdipTranslateTextureTransform
GdipDeleteBrush
GdipCreateImageAttributes
GdipAlloc
GdipFree
GdipMeasureString
GdipDrawString
GdipFillPath
GdipFillRectangleI
GdipDrawPath
GdipAddPathLineI
GdipDisposeImageAttributes

psapi

GetProcessMemoryInfo
GetMappedFileNameW
GetModuleFileNameExW

ws2_32

recv
WSAStartup
select
ntohl
socket
inet_addr
htons
connect
closesocket
send
htonl

riched20

ord4

version

GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueA
VerQueryValueW

wininet

InternetCrackUrlW
InternetCloseHandle
InternetOpenUrlW
DeleteUrlCacheEntryW
InternetConnectA
InternetOpenA
HttpSendRequestA
InternetSetOptionA
InternetSetOptionExW
InternetSetOptionExA
InternetSetCookieA
InternetSetCookieW
HttpQueryInfoW
InternetReadFile
InternetSetOptionW
HttpOpenRequestA

urlmon

URLDownloadToFileW

dsound

ord12

Sections

.text
Size: 2.2MB - Virtual size: 2.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 556KB - Virtual size: 556KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 107KB - Virtual size: 346KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.8MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 182KB - Virtual size: 181KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ce7c427a2ae0a0698197640b65cb2c40

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

shlwapi

comctl32

msimg32

winmm

gdiplus

psapi

ws2_32

riched20

version

wininet

urlmon

dsound

Sections

.text Size: 2.2MB - Virtual size: 2.2MB

.rdata Size: 556KB - Virtual size: 556KB

.data Size: 107KB - Virtual size: 346KB

.rsrc Size: 1.8MB - Virtual size: 1.8MB

.reloc Size: 182KB - Virtual size: 181KB

.text
Size: 2.2MB - Virtual size: 2.2MB

.rdata
Size: 556KB - Virtual size: 556KB

.data
Size: 107KB - Virtual size: 346KB

.rsrc
Size: 1.8MB - Virtual size: 1.8MB

.reloc
Size: 182KB - Virtual size: 181KB