R:\My_Server_Client\New Server Gener\z_client-game-main (3)\Release\Courage Online.pdb
Static task
static1
Behavioral task
behavioral1
Sample
2024-05-03_aa10466224b90d3f7cc0a0ca4a97839a_magniber.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
2024-05-03_aa10466224b90d3f7cc0a0ca4a97839a_magniber.exe
Resource
win10v2004-20240419-en
General
Target: 2024-05-03_aa10466224b90d3f7cc0a0ca4a97839a_magniber
Size: 4.8MB
MD5: aa10466224b90d3f7cc0a0ca4a97839a
SHA1: 3ba7f755b8e5d13c9a054a6f689f8d021c3955a1
SHA256: c39fec91d2afdc4c7bad0a4ea9ed68e6889ef4f5be174f1de43859d8a7692bbc
SHA512: 227c5f0a5480ef018045ce3821a0b3a165bdcceef183c700462ed7bdeb1a12b6d251368a752fd9f26da4cf036b136d664d8636c0d4212aa954d4428a95df7ed5
SSDEEP: 98304:qDYBU4ABD8gMcz0oGvN7WLhB7goHzCd+dxAug3JshYdgeQpD1kD7ql:qDYBUv3Spd+PAug3JRypBtl
Malware Config
Signatures
Detects executables calling ClearMyTracksByProcess 1 IoCs
resource yara_rule sample INDICATOR_SUSPICIOUS_EXE_ClearMyTracksByProcess
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 2024-05-03_aa10466224b90d3f7cc0a0ca4a97839a_magniber
Files
2024-05-03_aa10466224b90d3f7cc0a0ca4a97839a_magniber.exe windows:6 windows x86 arch:x86
ccc1ad638702a25c11b5732ca1aea249
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
kernel32
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetOEMCP
GetACP
IsValidCodePage
FindFirstFileExW
GetDriveTypeW
GetTimeZoneInformation
SetFilePointerEx
GetConsoleOutputCP
EnumSystemLocalesW
IsValidLocale
LCMapStringW
GetTimeFormatW
GetDateFormatW
ReadConsoleW
GetConsoleMode
QueryPerformanceFrequency
GetFileType
WriteConsoleW
GetSystemTimeAsFileTime
GetCommandLineW
GetCommandLineA
FreeLibraryAndExitThread
ExitThread
CreateThread
VirtualQuery
GetSystemInfo
GetModuleHandleExW
ExitProcess
InterlockedFlushSList
InterlockedPushEntrySList
RtlUnwind
GetCPInfo
CompareStringEx
LCMapStringEx
GetLocaleInfoEx
GetStringTypeW
FormatMessageA
RaiseException
OutputDebugStringW
SetConsoleCtrlHandler
GetStartupInfoW
IsDebuggerPresent
SetStdHandle
QueryPerformanceCounter
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
SleepConditionVariableSRW
WakeAllConditionVariable
AcquireSRWLockExclusive
ReleaseSRWLockExclusive
LocalUnlock
LocalLock
GetUserDefaultLCID
ReplaceFileW
GetTempFileNameW
GetDiskFreeSpaceW
Sleep
SearchPathW
InitializeSListHead
GetProfileIntW
VerifyVersionInfoW
VerSetConditionMask
GetTickCount64
FindResourceExW
lstrcpyW
SetErrorMode
LocalFileTimeToFileTime
GetFileTime
GetFileSizeEx
GetFileAttributesExW
FileTimeToLocalFileTime
SystemTimeToFileTime
VirtualProtect
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
LocalReAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
GetAtomNameW
GlobalGetAtomNameW
InitializeCriticalSection
GlobalFlags
WritePrivateProfileStringW
GetPrivateProfileStringW
GetPrivateProfileIntW
CompareStringA
lstrcmpA
GetVersionExW
GetCurrentThread
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
LocalAlloc
InitializeCriticalSectionAndSpinCount
ResumeThread
SuspendThread
SetThreadPriority
CreateEventW
WaitForSingleObject
SetEvent
GetStringTypeExW
lstrcmpiW
GetCurrentProcess
DuplicateHandle
UnlockFile
LockFile
GetVolumeInformationW
GetShortPathNameW
GetFullPathNameW
CopyFileW
FormatMessageW
MulDiv
LocalFree
GlobalSize
GetThreadLocale
CompareStringW
GlobalFindAtomW
GlobalAddAtomW
lstrcmpW
GlobalDeleteAtom
LoadLibraryA
LoadLibraryExW
EncodePointer
OutputDebugStringA
VirtualFree
VirtualAlloc
GetLogicalDriveStringsW
FindNextFileW
FindFirstFileW
FindFirstChangeNotificationW
FindCloseChangeNotification
FindClose
MoveFileW
GetModuleHandleW
GetWindowsDirectoryW
GetSystemDirectoryW
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
SetLastError
GetTempPathW
SetFileAttributesW
RemoveDirectoryW
CreateDirectoryW
SetCurrentDirectoryW
GetFileInformationByHandle
GetStdHandle
SetFileTime
SetFilePointer
SetEndOfFile
ReadFile
GetFileSize
MoveFileExW
GetFileAttributesW
CompareFileTime
WideCharToMultiByte
DeleteCriticalSection
GetProcessHeap
HeapSize
HeapFree
FreeLibrary
HeapReAlloc
HeapAlloc
HeapDestroy
DecodePointer
GlobalFree
Process32NextW
Process32FirstW
CreateToolhelp32Snapshot
MultiByteToWideChar
GetModuleHandleA
WriteProcessMemory
VirtualAllocEx
CreateProcessW
CreateRemoteThread
InitializeCriticalSectionEx
LeaveCriticalSection
EnterCriticalSection
GetLastError
DeleteFileW
GetCurrentDirectoryW
GlobalLock
GlobalUnlock
GlobalAlloc
GetModuleFileNameW
CloseHandle
WriteFile
FlushFileBuffers
CreateFileW
LoadLibraryW
FindResourceW
SizeofResource
LockResource
LoadResource
GetProcAddress
HeapQueryInformation
user32
LoadImageW
DestroyIcon
TrackMouseEvent
GetDialogBaseUnits
IsRectEmpty
IntersectRect
InvalidateRgn
CopyAcceleratorTableW
GetAsyncKeyState
CopyImage
InflateRect
GetMenuItemInfoW
DestroyMenu
LoadCursorW
GetSysColorBrush
RealChildWindowFromPoint
LoadMenuW
MapDialogRect
SetWindowContextHelpId
SetCursor
ShowOwnedPopups
PostQuitMessage
GetCursorPos
TranslateMessage
GetMessageW
SetRectEmpty
SendDlgItemMessageA
GetWindowThreadProcessId
GetDesktopWindow
GetActiveWindow
GetNextDlgTabItem
EndDialog
CreateDialogIndirectParamW
FillRect
ClientToScreen
ReleaseDC
GetWindowDC
TabbedTextOutW
GrayStringW
DrawTextExW
DrawTextW
RemoveMenu
AppendMenuW
InsertMenuW
GetMenuState
GetMenuStringW
IsDialogMessageW
SetWindowTextW
ScrollWindowEx
IsWindowEnabled
SendDlgItemMessageW
IsDlgButtonChecked
CheckRadioButton
CheckDlgButton
GetDlgItemTextW
SetDlgItemTextW
GetDlgItemInt
SetDlgItemInt
MoveWindow
ShowWindow
OffsetRect
CharNextW
DeleteMenu
MonitorFromWindow
WinHelpW
GetScrollInfo
SetScrollInfo
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExW
GetWindow
GetLastActivePopup
GetTopWindow
GetClassNameW
GetClassLongW
EqualRect
GetSysColor
MapWindowPoints
MessageBoxW
AdjustWindowRectEx
GetWindowTextLengthW
EmptyClipboard
RemovePropW
GetPropW
SetPropW
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
RedrawWindow
ValidateRect
EndPaint
BeginPaint
SetForegroundWindow
GetForegroundWindow
SetActiveWindow
UpdateWindow
TrackPopupMenuEx
DrawStateW
SetClassLongW
SetWindowRgn
SetParent
DrawEdge
EnableWindow
SendMessageW
GetWindowLongW
TrackPopupMenu
GetMenuItemCount
GetMenuItemID
GetSubMenu
SetMenu
GetMenu
GetKeyState
SetFocus
GetDlgCtrlID
GetDlgItem
IsWindowVisible
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
SetTimer
KillTimer
WaitMessage
WindowFromPoint
GetNextDlgGroupItem
MessageBeep
RegisterClipboardFormatW
CreatePopupMenu
GetMenuDefaultItem
DrawFocusRect
DrawIconEx
GetIconInfo
EnableScrollBar
HideCaret
GetWindowPlacement
DestroyWindow
InvertRect
NotifyWinEvent
MapVirtualKeyW
GetKeyNameTextW
SetLayeredWindowAttributes
EnumDisplayMonitors
OpenClipboard
CloseClipboard
GetMonitorInfoW
SetWindowLongW
GetParent
GetClientRect
GetWindowRect
PtInRect
SetWindowPos
GetDC
AdjustWindowRect
SystemParametersInfoW
LoadBitmapW
IsIconic
GetSystemMetrics
DrawIcon
LoadIconW
GetCapture
SetCapture
ReleaseCapture
InvalidateRect
ScreenToClient
SetRect
CopyRect
UnregisterClassW
CharUpperW
GetFocus
CheckMenuItem
EnableMenuItem
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
SetMenuItemInfoW
ReuseDDElParam
RegisterWindowMessageW
DispatchMessageW
PeekMessageW
GetMessagePos
GetMessageTime
PostMessageW
DefWindowProcW
CallWindowProcW
RegisterClassW
GetClassInfoW
GetClassInfoExW
CreateWindowExW
IsWindow
IsMenu
IsChild
DrawFrameControl
IsZoomed
GetSystemMenu
BringWindowToTop
SetClipboardData
SetCursorPos
CopyIcon
FrameRect
LoadAcceleratorsW
TranslateAcceleratorW
InsertMenuItemW
GetMenuBarInfo
UnpackDDElParam
GetTabbedTextExtentW
GetDCEx
DestroyCursor
GetWindowRgn
WindowFromDC
CreateMenu
InSendMessage
MonitorFromRect
SendNotifyMessageW
SubtractRect
TranslateMDISysAccel
DefMDIChildProcW
DefFrameProcW
DrawMenuBar
EnumChildWindows
GetUpdateRect
IsClipboardFormatAvailable
CharUpperBuffW
ModifyMenuW
GetDoubleClickTime
SetMenuDefaultItem
LockWindowUpdate
DestroyAcceleratorTable
CreateAcceleratorTableW
GetKeyboardState
ToUnicodeEx
MapVirtualKeyExW
IsCharLowerW
GetKeyboardLayout
GetComboBoxInfo
MonitorFromPoint
UpdateLayeredWindow
UnionRect
PostThreadMessageW
GetWindowTextW
gdi32
SetTextColor
GetBkColor
GetDeviceCaps
GetStockObject
GetTextColor
CopyMetaFileW
CreateDCW
BitBlt
CreateDIBPatternBrushPt
CreateHatchBrush
CreatePen
CreatePatternBrush
Escape
ExcludeClipRect
GetClipBox
GetClipRgn
GetCurrentPositionEx
GetObjectType
GetViewportExtEx
GetWindowExtEx
IntersectClipRect
LineTo
OffsetClipRgn
PlayMetaFile
PtVisible
RectVisible
RestoreDC
SaveDC
SelectClipRgn
ExtSelectClipRgn
SelectPalette
SetBkMode
SetMapperFlags
SetGraphicsMode
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetStretchBltMode
SetTextCharacterExtra
SetTextAlign
SetTextJustification
PlayMetaFileRecord
EnumMetaFile
SetWorldTransform
ModifyWorldTransform
SetColorAdjustment
StartDocW
ArcTo
PolyDraw
SelectClipPath
SetArcDirection
ExtCreatePen
MoveToEx
TextOutW
ExtTextOutW
PolyBezierTo
PolylineTo
SetViewportExtEx
SetViewportOrgEx
SetBkColor
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CreateFontIndirectW
CreateRectRgnIndirect
GetRgnBox
GetMapMode
PatBlt
DPtoLP
GetTextMetricsW
EnumFontFamiliesExW
CreatePalette
GetNearestPaletteIndex
GetPaletteEntries
GetSystemPaletteEntries
RealizePalette
CreateDIBitmap
EnumFontFamiliesW
GetTextCharsetInfo
GetDIBits
SetPixel
CreateEllipticRgn
Ellipse
CreatePolygonRgn
Polygon
Polyline
CreateRoundRectRgn
LPtoDP
Rectangle
OffsetRgn
GetCurrentObject
CreateFontW
GetCharWidthW
StretchDIBits
RoundRect
FillRgn
FrameRgn
GetBoundsRect
PtInRegion
ExtFloodFill
SetPaletteEntries
SetPixelV
GetWindowOrgEx
GetViewportOrgEx
CloseMetaFile
CreateMetaFileW
DeleteMetaFile
EndDoc
StartPage
EndPage
AbortDoc
SetAbortProc
GetROP2
GetBkMode
GetNearestColor
GetPolyFillMode
GetStretchBltMode
GetTextAlign
GetTextFaceW
CreateBitmap
GetObjectW
SetDIBColorTable
GetDIBColorTable
StretchBlt
GetTextExtentPoint32W
SetRectRgn
CreateRectRgn
CombineRgn
CreateDIBSection
SelectObject
DeleteObject
DeleteDC
CreateCompatibleDC
CreateCompatibleBitmap
SetWindowExtEx
GetPixel
CreateSolidBrush
msimg32
AlphaBlend
TransparentBlt
winspool.drv
GetJobW
DocumentPropertiesW
OpenPrinterW
ClosePrinter
advapi32
RegSetValueExW
RegSetValueW
SetFileSecurityW
GetFileSecurityW
RegEnumKeyExW
RegEnumValueW
RegQueryValueW
RegEnumKeyW
RegCloseKey
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
RegQueryValueExW
RegOpenKeyExW
shell32
SHGetFileInfoW
SHAddToRecentDocs
ExtractIconW
SHGetPathFromIDListW
SHGetSpecialFolderLocation
SHGetDesktopFolder
DragQueryFileW
DragFinish
SHGetMalloc
ShellExecuteExW
SHAppBarMessage
SHBrowseForFolderW
ShellExecuteW
comctl32
_TrackMouseEvent
shlwapi
UrlUnescapeW
PathFindExtensionW
PathIsUNCW
PathRemoveExtensionW
StrFormatKBSizeW
PathRemoveFileSpecW
PathFindFileNameW
PathStripToRootW
uxtheme
GetThemePartSize
DrawThemeText
DrawThemeParentBackground
OpenThemeData
CloseThemeData
DrawThemeBackground
GetThemeColor
GetCurrentThemeName
IsThemeBackgroundPartiallyTransparent
GetWindowTheme
IsAppThemed
GetThemeSysColor
ole32
CoRevokeClassObject
OleSetClipboard
CoRegisterMessageFilter
DoDragDrop
OleGetClipboard
CoLockObjectExternal
RegisterDragDrop
RevokeDragDrop
PropVariantCopy
OleSetMenuDescriptor
OleLockRunning
StgCreateDocfile
CoCreateInstance
StgIsStorageFile
CreateFileMoniker
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
OleRegGetMiscStatus
OleRegEnumVerbs
WriteClassStm
GetHGlobalFromILockBytes
CreateGenericComposite
CreateItemMoniker
OleCreate
OleCreateFromData
CoRegisterClassObject
CoInitializeEx
OleUninitialize
OleInitialize
OleCreateLinkFromData
OleCreateStaticFromData
CoFreeUnusedLibraries
StringFromGUID2
CreateILockBytesOnHGlobal
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CoGetClassObject
OleRun
CoDisconnectObject
CLSIDFromProgID
CLSIDFromString
CoInitialize
CoCreateGuid
CoUninitialize
SetConvertStg
OleRegGetUserType
ReleaseStgMedium
OleDuplicateData
ReadFmtUserTypeStg
WriteFmtUserTypeStg
CreateBindCtx
CoTreatAsClass
WriteClassStg
ReadClassStg
CoTaskMemFree
CoTaskMemAlloc
StringFromCLSID
CreateStreamOnHGlobal
OleCreateLinkToFile
OleCreateFromFile
OleLoad
OleSave
OleSaveToStream
OleSetContainedObject
OleGetIconOfClass
CreateDataAdviseHolder
CreateOleAdviseHolder
GetRunningObjectTable
OleIsRunning
CoGetMalloc
OleQueryLinkFromData
OleIsCurrentClipboard
OleQueryCreateFromData
StgOpenStorage
OleFlushClipboard
oleaut32
SafeArrayGetLBound
SafeArrayAccessData
SafeArrayUnaccessData
SafeArrayPutElement
SafeArrayCreateVector
VariantInit
VariantClear
SysStringLen
SysStringByteLen
SysAllocStringByteLen
VariantChangeType
OleCreateFontIndirect
LoadTypeLi
LoadRegTypeLi
RegisterTypeLi
SysReAllocStringLen
SafeArrayAllocDescriptor
SafeArrayGetUBound
SysAllocString
SafeArrayDestroyData
SafeArrayRedim
SafeArrayGetDim
SafeArrayGetElemsize
SafeArrayLock
SafeArrayUnlock
SafeArrayGetElement
SafeArrayCopy
SetErrorInfo
SafeArrayPtrOfIndex
VariantCopy
VarDateFromStr
VarCyFromStr
VarBstrFromCy
VarBstrFromDate
VarBstrFromDec
VarDecFromStr
SafeArrayDestroy
SafeArrayCreate
SysFreeString
SafeArrayAllocData
SystemTimeToVariantTime
GetErrorInfo
SysAllocStringLen
SafeArrayDestroyDescriptor
CreateErrorInfo
VariantTimeToSystemTime
oledlg
OleUIBusyW
gdiplus
GdipDeleteFont
GdipDrawString
GdipCreateStringFormat
GdipDeleteStringFormat
GdipSetStringFormatAlign
GdipSetStringFormatLineAlign
GdipCreateFromHDC
GdipDeleteGraphics
GdipReleaseDC
GdipSetSmoothingMode
GdipDrawImageRectI
GdipDrawImageRectRect
GdipLoadImageFromStream
GdipLoadImageFromStreamICM
GdipGetImageType
GdipCreateBitmapFromFile
GdipCreateBitmapFromFileICM
GdipCreateBitmapFromHBITMAP
GdipBitmapGetPixel
GdiplusShutdown
GdiplusStartup
GdipGetImageGraphicsContext
GdipGetImagePixelFormat
GdipGetImagePalette
GdipGetImagePaletteSize
GdipCreateBitmapFromStream
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromScan0
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipDrawImageI
GdipSetInterpolationMode
GdipGetGenericFontFamilySansSerif
GdipCreateFont
GdipDeleteBrush
GdipAlloc
GdipFree
GdipDeleteFontFamily
GdipCreateFontFamilyFromName
GdipDrawImageRect
GdipGetImageHeight
GdipGetImageWidth
GdipDisposeImage
GdipCloneImage
GdipLoadImageFromFileICM
GdipLoadImageFromFile
GdipSetSolidFillColor
GdipCreateSolidFill
GdipCloneBrush
oleacc
AccessibleObjectFromWindow
LresultFromObject
CreateStdAccessibleObject
wininet
InternetCanonicalizeUrlW
InternetOpenW
InternetCloseHandle
InternetConnectW
InternetErrorDlg
InternetGetCookieW
InternetSetCookieW
HttpQueryInfoW
HttpEndRequestW
HttpSendRequestExW
HttpSendRequestW
HttpAddRequestHeadersW
HttpOpenRequestW
GopherGetAttributeW
GopherOpenFileW
InternetCrackUrlW
GopherCreateLocatorW
FtpCommandW
FtpGetCurrentDirectoryW
FtpSetCurrentDirectoryW
FtpRemoveDirectoryW
FtpCreateDirectoryW
FtpOpenFileW
FtpRenameFileW
FtpDeleteFileW
FtpPutFileW
FtpGetFileW
FtpFindFirstFileW
GopherFindFirstFileW
InternetOpenUrlW
InternetSetStatusCallbackW
InternetGetLastResponseInfoW
InternetSetOptionW
InternetQueryOptionW
InternetFindNextFileW
InternetQueryDataAvailable
InternetWriteFile
InternetSetFilePointer
InternetReadFile
imm32
ImmReleaseContext
ImmGetOpenStatus
ImmGetContext
winmm
PlaySoundW
Sections
.text Size: 2.8MB - Virtual size: 2.8MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 622KB - Virtual size: 622KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 39KB - Virtual size: 65KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1.2MB - Virtual size: 1.2MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 222KB - Virtual size: 221KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ