2024-04-30_da0d960f472cf558d4257dcc341e3cf3_magniber

Sharing

Copy URL Twitter E-mail

General

Target

2024-04-30_da0d960f472cf558d4257dcc341e3cf3_magniber
Size

3.2MB
MD5

da0d960f472cf558d4257dcc341e3cf3
SHA1

9685ceaa2232141b2ec4b11659132832f2d11d13
SHA256

8b763e16fc3de44eebe99adccdcec6f70e883c2f63e67af1f98f27ca31328515
SHA512

e4f146c4663441c78e78087543bb3af95573f89ec971a71e0184d931a5ecbd634eaa4af5c6616156a60785b463d1081f996ec21a7293caf30306e7de01626915
SSDEEP

49152:UTTDPSpYsxLtUcVEU9Qx6IPBRsWQTp1ZefXipEQ+HPTMBIeYx8Wp:UTPPvMuSEUFWQTp1ZefXix+nlp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-04-30_da0d960f472cf558d4257dcc341e3cf3_magniber

Files

2024-04-30_da0d960f472cf558d4257dcc341e3cf3_magniber
.exe windows:5 windows x86 arch:x86

1f0893ba648d70e5905763bd8be1eb30

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\Projects\p24\live\build\game\FarmFrenzy_HurricaneSeason.pdb

Imports

kernel32

SetCurrentDirectoryW
GetModuleHandleW
GetModuleFileNameW
SetLastError
InterlockedCompareExchange
GetLastError
ReleaseSemaphore
SetEnvironmentVariableA
SetEndOfFile
SetStdHandle
GetTimeZoneInformation
ReadConsoleW
GetConsoleMode
GetConsoleCP
FlushFileBuffers
LoadLibraryExW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetOEMCP
GetACP
IsValidCodePage
GetProcessHeap
HeapSize
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
CompareStringW
GetTimeFormatW
GetDateFormatW
CreateSemaphoreW
GetStartupInfoW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
GetCurrentProcess
OutputDebugStringW
LoadLibraryW
GetProcAddress
FreeLibrary
WideCharToMultiByte
MultiByteToWideChar
GetFileSize
FindFirstFileW
SetFilePointer
MapViewOfFile
UnmapViewOfFile
WriteFile
GetFileAttributesW
ReadFile
CreateFileW
GetTempPathW
GetCurrentDirectoryW
FindClose
CreateFileMappingW
RemoveDirectoryW
FindNextFileW
CloseHandle
DeleteFileW
QueryPerformanceCounter
Sleep
CreateMutexW
SetThreadExecutionState
GetCurrentThreadId
SetUnhandledExceptionFilter
GetCurrentThread
GetLocalTime
GetCurrentProcessId
GetLocaleInfoA
GetSystemInfo
GetUserDefaultUILanguage
InterlockedDecrement
WaitForSingleObject
SetEvent
SetThreadPriority
CreateEventW
CreateThread
GetTickCount
LocalFree
InitializeCriticalSectionAndSpinCount
RaiseException
DecodePointer
DeleteCriticalSection
GlobalLock
GlobalAlloc
GlobalUnlock
FindResourceW
InterlockedIncrement
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
GetEnvironmentVariableW
GetThreadContext
ReadProcessMemory
GetEnvironmentVariableA
GetModuleFileNameA
GetCurrentDirectoryA
OutputDebugStringA
GetVersionExA
SuspendThread
ResumeThread
GetStringTypeW
EncodePointer
RtlUnwind
HeapFree
HeapAlloc
IsDebuggerPresent
IsProcessorFeaturePresent
GetCommandLineA
GetStdHandle
GetFileType
GetModuleHandleExW
WriteConsoleW
GetSystemTimeAsFileTime
AreFileApisANSI
HeapReAlloc
SetFilePointerEx
ExitProcess
GetCPInfo
UnhandledExceptionFilter
TerminateProcess
ExitThread

dbghelp

SymInitialize
SymFromAddr
MiniDumpWriteDump

gdi32

StretchBlt
GetDeviceCaps
CreateDIBSection
DeleteDC
DeleteObject
SelectObject
SetStretchBltMode
CreateCompatibleDC

winmm

timeBeginPeriod
timeEndPeriod
timeGetTime

wtsapi32

WTSUnRegisterSessionNotification
WTSRegisterSessionNotification

shlwapi

PathRemoveFileSpecW
PathIsRelativeW

d3d9

Direct3DCreate9

d3dx9_43

D3DXCompileShader

openal32

alDeleteSources
alcDestroyContext
alSourceStop
alListenerfv
alGenBuffers
alSourcei
alcGetString
alSourcef
alcOpenDevice
alcCreateContext
alGenSources
alSourceUnqueueBuffers
alDeleteBuffers
alGetSourcef
alcGetError
alGetBufferi
alSourcePause
alBufferData
alcMakeContextCurrent
alGetSourcei
alSourceQueueBuffers
alGetError
alSourcePlay

user32

GetDC
PostMessageW
GetCursorPos
DispatchMessageW
GetWindowThreadProcessId
DefWindowProcW
SetWindowTextW
AdjustWindowRect
RegisterClassW
CreateWindowExW
ShowWindow
SetWindowPos
SetWindowLongW
PeekMessageW
GetAsyncKeyState
BringWindowToTop
SetCursorPos
GetWindowPlacement
LoadIconW
GetForegroundWindow
TranslateMessage
BeginPaint
ReleaseDC
EnumDisplaySettingsExW
LoadCursorW
AttachThreadInput
SetForegroundWindow
UnregisterClassW
RegisterWindowMessageW
GetWindowRect
ScreenToClient
SystemParametersInfoW
DestroyWindow
ClientToScreen
EndPaint
ReleaseCapture
SetCapture
SetClipboardData
OpenClipboard
EmptyClipboard
GetClipboardData
IsClipboardFormatAvailable
CloseClipboard
DestroyIcon
DrawIconEx
LoadImageW
MessageBoxA
ClipCursor
GetClientRect
SetCursor

advapi32

AllocateAndInitializeSid
SetEntriesInAclW
FreeSid
GetUserNameA
SetNamedSecurityInfoW

shell32

SHCreateDirectoryExW
SHGetFolderPathW

ole32

CoCreateInstance
CoInitialize

oleaut32

SysFreeString
SysAllocString

Sections

.text
Size: 2.4MB - Virtual size: 2.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 518KB - Virtual size: 517KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 64KB - Virtual size: 335KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rodata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 277KB - Virtual size: 276KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1f0893ba648d70e5905763bd8be1eb30

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

dbghelp

gdi32

winmm

wtsapi32

shlwapi

d3d9

d3dx9_43

openal32

user32

advapi32

shell32

ole32

oleaut32

Sections

.text Size: 2.4MB - Virtual size: 2.4MB

.rdata Size: 518KB - Virtual size: 517KB

.data Size: 64KB - Virtual size: 335KB

.rodata Size: 3KB - Virtual size: 2KB

.rsrc Size: 277KB - Virtual size: 276KB

.text
Size: 2.4MB - Virtual size: 2.4MB

.rdata
Size: 518KB - Virtual size: 517KB

.data
Size: 64KB - Virtual size: 335KB

.rodata
Size: 3KB - Virtual size: 2KB

.rsrc
Size: 277KB - Virtual size: 276KB