C:\SourceControlProjects\FL\FL\LF\TrialRelease\LockFolder.pdb
Static task
static1
Behavioral task
behavioral1
Sample
2024-04-25_67d305b2951cfabee2244dfac0898ee0_mafia_magniber.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
2024-04-25_67d305b2951cfabee2244dfac0898ee0_mafia_magniber.exe
Resource
win10v2004-20240412-en
General
Target: 2024-04-25_67d305b2951cfabee2244dfac0898ee0_mafia_magniber
Size: 3.7MB
MD5: 67d305b2951cfabee2244dfac0898ee0
SHA1: 92d042f8fc72bb52a823ce8015e7373703bb53e5
SHA256: 0e2fdf235aeded28f01f55ce2d1721985523154c2e16bdfb7b2cc8886d0f18ba
SHA512: 044ec2cd1c542f6563417bd560b816825cb4cc5568845ae9e27797cf5aab3c3b01745aa82544079d33876268c57d2c53218cf6aba84a7ae6b14da298b1cdc7fb
SSDEEP: 98304:Xut4CWskncYnl5O65bI7lBJJRTGKE+MT9KfyBX2lO7baoj9ghi1RebMIg9Cbk/V:X6kvkpJWQ6X2lO7baojDIg9Cbk/V8
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 2024-04-25_67d305b2951cfabee2244dfac0898ee0_mafia_magniber
Files
2024-04-25_67d305b2951cfabee2244dfac0898ee0_mafia_magniber.exe windows:5 windows x86 arch:x86
2df73327350295ef5a84fda0650845f5
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
fltlib
FilterSendMessage
FilterConnectCommunicationPort
libeay32
ssleay32
ord74
ord183
kernel32
FindResourceExW
GetCommandLineW
HeapSetInformation
GetStartupInfoW
EncodePointer
DecodePointer
HeapFree
RtlUnwind
RaiseException
ExitThread
CreateThread
HeapAlloc
HeapReAlloc
ExitProcess
SetStdHandle
GetFileType
VirtualAlloc
GetSystemInfo
VirtualQuery
HeapQueryInformation
HeapSize
SetUnhandledExceptionFilter
GetStdHandle
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
HeapCreate
QueryPerformanceCounter
TerminateProcess
UnhandledExceptionFilter
IsDebuggerPresent
IsProcessorFeaturePresent
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetStringTypeW
GetConsoleCP
GetConsoleMode
LCMapStringW
GetTimeZoneInformation
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
WriteConsoleW
SetEnvironmentVariableA
GetWindowsDirectoryW
SetErrorMode
GetFileSizeEx
LocalFileTimeToFileTime
GetFileAttributesExW
FileTimeToLocalFileTime
GetTempPathW
GlobalFlags
LocalReAlloc
InitializeCriticalSection
GlobalHandle
LocalAlloc
FileTimeToSystemTime
GlobalGetAtomNameW
ReleaseActCtx
CreateActCtxW
GlobalReAlloc
GetShortPathNameW
GetVolumeInformationW
FindFirstFileW
FindClose
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
MoveFileW
DeleteFileW
CreateFileW
GetThreadLocale
GetStringTypeExW
GetDiskFreeSpaceW
GetFullPathNameW
GetTempFileNameW
GetFileTime
SetFileTime
ReplaceFileW
SystemTimeToFileTime
GetFileAttributesW
GetUserDefaultLCID
GetPrivateProfileStringW
WritePrivateProfileStringW
GetPrivateProfileIntW
lstrcmpA
GetCurrentThread
GetUserDefaultUILanguage
ConvertDefaultLocale
GetSystemDefaultUILanguage
GetLocaleInfoW
CompareStringA
ResumeThread
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
GetVersionExW
GetModuleHandleW
FreeLibrary
CompareStringW
lstrcmpW
GetCurrentProcessId
GetModuleFileNameW
ActivateActCtx
DeactivateActCtx
FreeResource
GlobalFree
CopyFileW
GlobalSize
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageW
LocalFree
MulDiv
InterlockedExchange
GetSystemTimeAsFileTime
TlsFree
TlsAlloc
TlsSetValue
GetCurrentThreadId
TlsGetValue
GetExitCodeThread
WaitForSingleObject
SetThreadPriority
TryEnterCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
EnterCriticalSection
LeaveCriticalSection
lstrlenA
WideCharToMultiByte
SetLastError
GetCurrentDirectoryW
GetProcAddress
LoadLibraryW
Process32NextW
CreateToolhelp32Snapshot
GetCurrentProcess
GetProcessId
lstrlenW
lstrcpyW
InterlockedDecrement
InterlockedIncrement
CloseHandle
QueryDosDeviceW
GetLogicalDriveStringsW
Sleep
GetLastError
GetTickCount
MultiByteToWideChar
FindResourceW
LoadResource
LockResource
SizeofResource
VirtualProtect
GetNumberFormatW
lstrcmpiW
GetProfileIntW
SearchPathW
user32
GetCapture
GetClassLongW
SetPropW
GetPropW
RemovePropW
SetFocus
GetWindowTextLengthW
GetWindowTextW
GetForegroundWindow
DispatchMessageW
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
GetMessageTime
GetMessagePos
PeekMessageW
MonitorFromWindow
GetMonitorInfoW
MapWindowPoints
ScrollWindow
TrackPopupMenu
GetKeyState
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
ShowScrollBar
IsWindowVisible
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
AdjustWindowRectEx
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
CopyRect
SetWindowPlacement
GetWindowPlacement
GetDlgCtrlID
DefWindowProcW
CallWindowProcW
GetMenu
SetWindowLongW
SetWindowPos
GetWindow
SetWindowsHookExW
UnhookWindowsHookEx
GetCursorPos
IsChild
IsCharLowerW
GetWindowRect
PtInRect
GetSysColor
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
ScreenToClient
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
GetWindowThreadProcessId
GetLastActivePopup
MessageBoxW
GetDesktopWindow
GetActiveWindow
CreateDialogIndirectParamW
DestroyWindow
IsWindow
GetWindowLongW
GetDlgItem
IsWindowEnabled
GetParent
GetNextDlgTabItem
SendDlgItemMessageW
GetMenuState
GetMenuStringW
AppendMenuW
GetMenuItemID
InsertMenuW
GetMenuItemCount
GetSubMenu
RemoveMenu
GetClassNameW
LoadBitmapW
InvalidateRect
FillRect
DrawStateW
PostMessageW
RedrawWindow
IsRectEmpty
ClientToScreen
GetClientRect
PostQuitMessage
UpdateWindow
SendMessageW
MessageBeep
SetForegroundWindow
EnableWindow
SetActiveWindow
WinHelpW
CallNextHookEx
SendDlgItemMessageA
HideCaret
ValidateRect
InvertRect
CharUpperBuffW
TranslateMDISysAccel
DrawMenuBar
DefMDIChildProcW
DefFrameProcW
FrameRect
CopyIcon
UnregisterClassW
SubtractRect
SetCursorPos
GetUpdateRect
GetDoubleClickTime
DrawIcon
DestroyCursor
GetIconInfo
GetNextDlgGroupItem
InvalidateRgn
CharNextW
EnumChildWindows
SetClassLongW
CreateAcceleratorTableW
GetKeyboardState
GetKeyboardLayout
ToUnicodeEx
CopyAcceleratorTableW
GetMenuDefaultItem
UpdateLayeredWindow
EnableScrollBar
UnionRect
RealChildWindowFromPoint
SetLayeredWindowAttributes
EnumDisplayMonitors
UnpackDDElParam
ReuseDDElParam
LoadAcceleratorsW
InsertMenuItemW
LoadIconW
RegisterWindowMessageW
CheckMenuItem
EnableMenuItem
ModifyMenuW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
CheckDlgButton
SetDlgItemTextW
IsDialogMessageW
SetWindowTextW
ReleaseCapture
WindowFromPoint
SetCapture
DrawFocusRect
DrawFrameControl
DrawEdge
SetParent
LockWindowUpdate
BringWindowToTop
DrawIconEx
DestroyIcon
MoveWindow
ShowWindow
GetWindowRgn
GetTabbedTextExtentW
CreateMenu
EndDialog
MapVirtualKeyExW
LoadImageW
EmptyClipboard
CloseClipboard
SetClipboardData
CopyImage
OpenClipboard
IsClipboardFormatAvailable
GetAsyncKeyState
IsMenu
GetMenuItemInfoW
LoadCursorW
KillTimer
SetTimer
GetSystemMenu
SetMenuDefaultItem
DeleteMenu
CreatePopupMenu
IntersectRect
DestroyAcceleratorTable
NotifyWinEvent
CharUpperW
MapVirtualKeyW
GetKeyNameTextW
IsIconic
SetRect
SetRectEmpty
ShowOwnedPopups
SetCursor
DestroyMenu
WaitMessage
PostThreadMessageW
LoadMenuW
GetSysColorBrush
MonitorFromPoint
GetSystemMetrics
SetWindowRgn
InflateRect
SetWindowContextHelpId
MapDialogRect
RegisterClipboardFormatW
SystemParametersInfoW
OffsetRect
IsZoomed
GetMessageW
TranslateMessage
GetFocus
TranslateAcceleratorW
gdi32
CreateSolidBrush
GetObjectW
GetStockObject
GetDeviceCaps
SetPixelV
EnumFontFamiliesExW
SetPaletteEntries
ExtFloodFill
GetBoundsRect
FrameRgn
FillRgn
PtInRegion
GetWindowOrgEx
CopyMetaFileW
CreateDCW
SaveDC
RestoreDC
SetBkColor
SetBkMode
SetPolyFillMode
SetROP2
SetStretchBltMode
SetTextColor
SetMapMode
GetClipBox
ExcludeClipRect
IntersectClipRect
LineTo
MoveToEx
SetTextAlign
GetLayout
SetLayout
SelectClipRgn
CreateRectRgn
GetViewportExtEx
GetWindowExtEx
BitBlt
GetPixel
StartDocW
PtVisible
RectVisible
TextOutW
ExtTextOutW
Escape
SelectObject
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
GetCurrentPositionEx
ExtSelectClipRgn
DeleteDC
CreatePatternBrush
CreateBitmap
CreateCompatibleDC
SelectPalette
GetObjectType
CreatePen
CreateHatchBrush
CreateRoundRectRgn
GetTextExtentPoint32W
CreateFontIndirectW
CreateCompatibleBitmap
DPtoLP
StartPage
EndPage
SetAbortProc
AbortDoc
EndDoc
CreateRectRgnIndirect
PatBlt
GetTextMetricsW
SetDIBColorTable
GetDIBits
RealizePalette
CombineRgn
StretchBlt
SetPixel
CreateDIBSection
CreateEllipticRgn
CreatePolygonRgn
GetBkColor
GetTextColor
Polyline
Ellipse
Polygon
Rectangle
RoundRect
CreateDIBitmap
EnumFontFamiliesW
GetTextCharsetInfo
SetRectRgn
GetMapMode
OffsetRgn
GetRgnBox
GetViewportOrgEx
LPtoDP
CreatePalette
GetPaletteEntries
GetCharWidthW
GetNearestPaletteIndex
GetSystemPaletteEntries
GetNearestColor
GetBkMode
GetPolyFillMode
GetROP2
GetStretchBltMode
GetTextAlign
GetTextFaceW
DeleteObject
msimg32
TransparentBlt
AlphaBlend
comdlg32
GetFileTitleW
winspool.drv
GetJobW
OpenPrinterW
DocumentPropertiesW
ClosePrinter
advapi32
RegEnumKeyW
RegCreateKeyExW
OpenSCManagerW
OpenServiceW
CloseServiceHandle
QueryServiceStatusEx
ControlService
RegQueryValueExW
RegSetValueExW
RegOpenKeyExW
RegCloseKey
RegDeleteValueW
RegEnumKeyExW
RegEnumValueW
CryptReleaseContext
CryptGenRandom
CryptAcquireContextA
RegSetValueW
GetFileSecurityW
SetFileSecurityW
RegQueryValueW
RegDeleteKeyW
StartServiceW
shell32
ExtractIconW
SHGetPathFromIDListW
SHBrowseForFolderW
DragAcceptFiles
SHChangeNotify
DragQueryFileW
SHGetFileInfoW
SHAppBarMessage
DragFinish
ShellExecuteW
SHGetDesktopFolder
SHGetMalloc
SHGetSpecialFolderLocation
SHAddToRecentDocs
comctl32
InitCommonControlsEx
ImageList_GetIconSize
shlwapi
PathFindExtensionW
PathFindFileNameW
PathRemoveFileSpecW
PathStripToRootW
PathIsUNCW
ole32
DoDragDrop
OleLockRunning
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoRegisterMessageFilter
OleFlushClipboard
OleIsCurrentClipboard
CoRevokeClassObject
CoGetClassObject
CoInitialize
CreateStreamOnHGlobal
OleGetClipboard
CoCreateInstance
CoUninitialize
CLSIDFromString
CLSIDFromProgID
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CoCreateGuid
OleDuplicateData
StringFromCLSID
CoTaskMemAlloc
ReleaseStgMedium
OleDestroyMenuDescriptor
RevokeDragDrop
CoLockObjectExternal
RegisterDragDrop
CoTaskMemFree
OleCreateMenuDescriptor
IsAccelerator
OleTranslateAccelerator
CoInitializeEx
oleaut32
VarBstrFromDate
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayDestroy
VariantCopy
OleCreateFontIndirect
SysStringLen
SysAllocString
VariantInit
VariantChangeType
VariantClear
SysAllocStringLen
SysFreeString
oledlg
OleUIBusyW
gdiplus
GdipSetInterpolationMode
GdipCreateFromHDC
GdipCreateBitmapFromHBITMAP
GdipCloneImage
GdipDrawImageI
GdipGetImageGraphicsContext
GdiplusShutdown
GdiplusStartup
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipDisposeImage
GdipDeleteGraphics
GdipAlloc
GdipFree
GdipDrawImageRectI
oleacc
CreateStdAccessibleObject
AccessibleObjectFromWindow
LresultFromObject
imm32
ImmGetOpenStatus
ImmReleaseContext
ImmGetContext
winmm
PlaySoundW
Sections
.text Size: 1.7MB - Virtual size: 1.7MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 405KB - Virtual size: 405KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 35KB - Virtual size: 66KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1.4MB - Virtual size: 1.4MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 186KB - Virtual size: 186KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ