2024-04-29_1fff1dd1903716f442830769e4b799c8_magniber

Sharing

Copy URL Twitter E-mail

General

Target

2024-04-29_1fff1dd1903716f442830769e4b799c8_magniber
Size

1.8MB
MD5

1fff1dd1903716f442830769e4b799c8
SHA1

0e4f40fbd1dfca7f30777dbe0108ab4b14e3e0e2
SHA256

6900831172f0513b8f8712f97c6b9ee7e84155b82fe5c68b720a00a908b8dcfc
SHA512

94a6a4cddaafcfbdfff9095dd09b688c5945641ddc2f92a968a48f670596907496990d880d476255a26a2aa41c60c52c90314a2016ccf9f6f1ab33925a2daefe
SSDEEP

24576:he29L6o5ycWyKij+zyjAAad3m6Fph3Z4f5zd3F7bX/ODU9Us3GaL0eAJ+xb2FzcP:he29L15yIJ7jAVPph3Z05zFd0DFc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-04-29_1fff1dd1903716f442830769e4b799c8_magniber

Files

2024-04-29_1fff1dd1903716f442830769e4b799c8_magniber
.exe windows:4 windows x86 arch:x86

5307139e040f486f85788a065be07eba

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleW
HeapCreate
CreateMutexW
GetLastError
HeapDestroy
ExitProcess
InitializeSListHead
IsProcessorFeaturePresent
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetStartupInfoW
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
GetCurrentProcess
TerminateProcess
GetStdHandle
WriteFile
GetModuleFileNameW
GetProcAddress
FreeLibrary
GetModuleHandleExW
EnterCriticalSection
DeleteCriticalSection
LeaveCriticalSection
HeapFree
SetLastError
GetCurrentThread
HeapAlloc
EnumSystemLocalesW
LoadLibraryExW
CompareStringW
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
GetDateFormatW
GetLocaleInfoW
GetTempPathW
GetTimeFormatW
GetUserDefaultLCID
InitializeCriticalSectionAndSpinCount
IsValidLocale
LCMapStringW
OutputDebugStringW
GetFileType
SetStdHandle
GetOEMCP
GetACP
GetCPInfo
IsValidCodePage
GetCommandLineA
GetCommandLineW
FindFirstFileExW
FindNextFileW
FindClose
MultiByteToWideChar
GetStringTypeW
FreeEnvironmentStringsW
GetEnvironmentStringsW
WideCharToMultiByte
SetEnvironmentVariableW
SetConsoleCtrlHandler
GetProcessHeap
FlushFileBuffers
GetConsoleOutputCP
GetConsoleMode
HeapSize
HeapReAlloc
ReadFile
ReadConsoleW
SetFilePointerEx
CloseHandle
WriteConsoleW
CreateFileW
InterlockedFlushSList
InterlockedPushEntrySList
RtlUnwind
EncodePointer
RaiseException
GetFileSize
InitializeCriticalSection
WaitForSingleObject
CreateThread
Sleep
LoadLibraryW
DuplicateHandle
CreatePipe
CreateProcessW
SetFilePointer
SetEndOfFile
DeleteFileW
GlobalLock
GlobalSize
GlobalUnlock
GlobalAlloc
GlobalFree
GetVersionExW
QueryPerformanceFrequency
GetTickCount
MulDiv
GetCurrentDirectoryW
GetDriveTypeW
FindFirstFileW
GetFileAttributesW
CopyFileW
MoveFileW
SetFileAttributesW
CreateDirectoryW
GetModuleHandleA
LoadLibraryA
GetSystemDirectoryA
VerSetConditionMask
VerifyVersionInfoA
SleepEx
ExpandEnvironmentStringsA
FormatMessageA
CreateFileA
GetFileSizeEx
lstrcmpW
UnregisterWait
RegisterWaitForSingleObject
CreateEventW
SetEvent
ResetEvent
WaitForSingleObjectEx
GetFileInformationByHandle
PeekNamedPipe
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
DecodePointer
GetFullPathNameW
SetCurrentDirectoryW
GetFileAttributesExW
GetTimeZoneInformation

user32

GetDC
SetWindowLongW
LoadIconW
SetClassLongW
GetWindowLongW
SendMessageW
InvalidateRect
UpdateWindow
CallWindowProcW
MessageBoxW
PostMessageW
GetForegroundWindow
GetWindowThreadProcessId
IsWindowVisible
IsWindowEnabled
EnableWindow
EnumWindows
SetWindowPos
RegisterClassExW
CreateWindowExW
PeekMessageW
TranslateMessage
DispatchMessageW
DefWindowProcW
GetPropW
RemovePropW
GetWindowTextW
SetPropW
DestroyWindow
SystemParametersInfoW
ShowWindow
GetWindow
GetParent
SetWindowTextW
GetWindowRect
MapWindowPoints
MoveWindow
RedrawWindow
GetWindowTextLengthW
SetFocus
GetSysColor
GetSysColorBrush
SetRect
DrawTextW
GetSystemMetrics
ReleaseDC
GetAsyncKeyState
GetIconInfo
BeginPaint
ReleaseCapture
DrawStateW
EndPaint
SetCapture
ScreenToClient
SetScrollPos
InflateRect
GetWindowDC
GetClientRect
GetFocus
FrameRect
DrawFocusRect
ValidateRect
GetClassNameW
FillRect
GetScrollPos
DrawFrameControl
EnumPropsExW
SetActiveWindow
DestroyIcon
LoadCursorW
IsZoomed
IsIconic
MsgWaitForMultipleObjects
GetMessageW
GetActiveWindow
TranslateAcceleratorW
GetMenu
DestroyAcceleratorTable
CreateAcceleratorTableW
RegisterClassW
AdjustWindowRectEx
UnregisterClassW
GetKeyState
IsChild
EnumChildWindows
DefFrameProcW
GetCursorPos
SetForegroundWindow
TrackPopupMenu
SetMenu
DestroyMenu
RegisterWindowMessageW
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
CreateIconFromResourceEx
CreateIconFromResource
CharLowerW
LoadImageW
PostQuitMessage
AdjustWindowRect

gdi32

GetDeviceCaps
DeleteObject
GetStockObject
CreateFontIndirectW
SetTextColor
SetBkColor
SelectObject
GetTextExtentPoint32W
GetObjectType
GetObjectW
ExcludeClipRect
CreateRectRgn
SelectClipRgn
CreateCompatibleDC
CreateCompatibleBitmap
BitBlt
DeleteDC
CreateDCW
CreatePen
MoveToEx
LineTo
CreateDIBSection
CreateRectRgnIndirect
GetClipRgn
ExtSelectClipRgn
CreateSolidBrush
GetDIBits
SetStretchBltMode
SetBrushOrgEx
StretchBlt
CreateBitmap
SetPixel
CreateFontW

ole32

CoInitialize
CoTaskMemFree
OleInitialize
CreateStreamOnHGlobal
GetHGlobalFromStream
RevokeDragDrop
OleCreate
OleSetContainedObject
OleUninitialize
CoInitializeEx
CoUninitialize
CoTaskMemAlloc

shell32

ShellExecuteExW
Shell_NotifyIconW
SHGetFolderPathW

ws2_32

closesocket
WSACleanup
WSAStartup
socket
recv
WSAGetLastError
send
ntohs
getsockopt
WSASetLastError
setsockopt
getpeername
getsockname
htons
bind
WSAIoctl
connect
select
__WSAFDIsSet
accept
listen
getaddrinfo
freeaddrinfo
htonl
ioctlsocket
gethostname
ntohl

crypt32

CertFreeCertificateContext
CertOpenStore
CryptStringToBinaryA
CertFindCertificateInStore
CertCloseStore
CertEnumCertificatesInStore
CertCreateCertificateChainEngine
CertGetCertificateChain
CertGetNameStringA
CertFreeCertificateChainEngine
CertFreeCertificateChain
CryptQueryObject
CertAddCertificateContextToStore

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

winmm

timeBeginPeriod

shlwapi

PathFindFileNameW
PathCombineW

gdiplus

GdipDeleteFont
GdipDeleteGraphics
GdipDeletePath
GdipDeleteMatrix
GdipDeletePen
GdipDeleteStringFormat
GdipFree

uxtheme

SetWindowTheme

advapi32

RegCreateKeyExW
RegSetValueExW
RegCloseKey
SystemFunction036
CryptAcquireContextA
CryptGenRandom
CryptReleaseContext
CryptCreateHash
CryptHashData
CryptGetHashParam
CryptDestroyHash
RegQueryValueExW
RegOpenKeyExW

comctl32

InitCommonControlsEx
ImageList_Replace
ImageList_Add
ImageList_ReplaceIcon
ImageList_Remove
ImageList_AddMasked
ImageList_Destroy
ImageList_Create
ImageList_GetIconSize

oleaut32

SysFreeString
VariantInit
DispGetParam
SysAllocString
VariantClear
SysStringLen

Sections

.code
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 239KB - Virtual size: 239KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.gfids
Size: 1024B - Virtual size: 628B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.00cfg
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 130KB - Virtual size: 140KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 102KB - Virtual size: 102KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5307139e040f486f85788a065be07eba

Headers

File Characteristics

Imports

kernel32

user32

gdi32

ole32

shell32

ws2_32

crypt32

version

winmm

shlwapi

gdiplus

uxtheme

advapi32

comctl32

oleaut32

Sections

.code Size: 36KB - Virtual size: 36KB

.text Size: 1.3MB - Virtual size: 1.3MB

.rdata Size: 239KB - Virtual size: 239KB

.gfids Size: 1024B - Virtual size: 628B

.00cfg Size: 512B - Virtual size: 8B

.data Size: 130KB - Virtual size: 140KB

.tls Size: 512B - Virtual size: 9B

.rsrc Size: 102KB - Virtual size: 102KB

.code
Size: 36KB - Virtual size: 36KB

.text
Size: 1.3MB - Virtual size: 1.3MB

.rdata
Size: 239KB - Virtual size: 239KB

.gfids
Size: 1024B - Virtual size: 628B

.00cfg
Size: 512B - Virtual size: 8B

.data
Size: 130KB - Virtual size: 140KB

.tls
Size: 512B - Virtual size: 9B

.rsrc
Size: 102KB - Virtual size: 102KB