Static task: static1
Behavioral task: behavioral1
Sample: 2024-05-03_ba3576fbfec2f273c7bc1d74f1f16717_magniber.exe
Resource: win7-20240221-en
General
Target: 2024-05-03_ba3576fbfec2f273c7bc1d74f1f16717_magniber
Size: 21.5MB
MD5: ba3576fbfec2f273c7bc1d74f1f16717
SHA1: 18238c05a29993a9a07d46f81f9d4ac6ce781029
SHA256: c81fa4561e517c2f22f7c178dcd24a2d2efbd83ef90fb1f32da41d349a5e4ff2
SHA512: e3d9925086692fc3d167b0bcc4b9cec9978a6d1574559798045acf265bb0e82049190038e9b95becd254f60de69b4724ab3a0b43c4cafb9fdb015c5ed29f5d72
SSDEEP: 393216:ARd02s07Nkv7iQwEhvMRjfM6rCTCu5IBMjZ2hNSBZUabtl3hRhfmKUqhnuO:ADs05Q3wEKRjfMSCTCve6NaZvhjUenu
Malware Config
Signatures
Unsigned PE (1 IoCs)
Checks for missing Authenticode signature.
resource 2024-05-03_ba3576fbfec2f273c7bc1d74f1f16717_magniber
Files
2024-05-03_ba3576fbfec2f273c7bc1d74f1f16717_magniber.exe windows:6 windows x86 arch:x86
6b34b74909bbd022f1595d5083ec73c1
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_FORCE_INTEGRITY
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
D:\qba1\workspace\6441\irst_installer\SourceCode\Release\Setup.pdb
Imports
setupapi
SetupGetStringFieldW
SetupGetLineTextW
SetupFindFirstLineW
SetupDiEnumDeviceInterfaces
SetupDiGetDeviceInterfaceDetailA
SetupDiGetClassDevsA
SetupCloseInfFile
SetupOpenInfFileW
SetupDiDestroyDeviceInfoList
SetupDiRemoveDevice
SetupDiGetDeviceRegistryPropertyA
CM_Get_DevNode_Status
SetupDiGetDeviceRegistryPropertyW
SetupDiEnumDeviceInfo
CM_Locate_DevNodeA
CM_Reenumerate_DevNode
SetupDiGetClassDevsW
CM_Get_Device_ID_ListW
CM_Get_Device_ID_List_SizeW
CM_Locate_DevNodeW
SetupFindNextLine
rpcrt4
RpcStringFreeW
NdrClientCall2
RpcStringBindingComposeW
RpcBindingFromStringBindingW
cfgmgr32
CM_Get_DevNode_PropertyW
kernel32
MultiByteToWideChar
CreateFileW
DosDateTimeToFileTime
LocalFileTimeToFileTime
SetFileTime
CloseHandle
LoadResource
LockResource
SizeofResource
GetTempFileNameW
MoveFileW
MoveFileExW
ExpandEnvironmentStringsW
GetFileSize
ReadFile
GetFileAttributesW
IsWow64Process
GetCurrentProcess
CreateProcessW
GetExitCodeProcess
GetCurrentDirectoryW
GetDriveTypeW
SetFilePointer
GetProcAddress
GetTickCount
Sleep
ExitProcess
GetNativeSystemInfo
LoadLibraryExW
EnumResourceLanguagesW
GetLocaleInfoW
GetUserDefaultUILanguage
OpenMutexW
ReleaseMutex
CreateMutexW
GlobalAlloc
GlobalLock
GlobalUnlock
GetLocalTime
GetTempPathW
CreateDirectoryW
WideCharToMultiByte
InitializeCriticalSection
DeleteCriticalSection
DecodePointer
FileTimeToSystemTime
EnterCriticalSection
LeaveCriticalSection
CreateFileA
DeviceIoControl
GetModuleFileNameA
LoadLibraryA
CreateMutexA
OpenMutexA
ResetEvent
lstrlenA
GetDiskFreeSpaceExA
SetEvent
CreateEventA
GetCurrentThreadId
InitializeCriticalSectionAndSpinCount
VerifyVersionInfoA
GetFinalPathNameByHandleW
WriteFile
GetModuleHandleExW
GetSystemTimeAsFileTime
CreateSemaphoreA
GetFirmwareEnvironmentVariableA
SetFirmwareEnvironmentVariableA
GetStdHandle
HeapReAlloc
HeapFree
HeapAlloc
GetACP
ExitThread
RtlUnwind
InterlockedPushEntrySList
FreeLibraryAndExitThread
GetThreadTimes
CreateThread
GetStartupInfoW
IsDebuggerPresent
GetCurrentProcessId
InitializeSListHead
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
LCMapStringW
CompareStringW
GetCPInfo
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
CreateEventW
EncodePointer
QueryPerformanceCounter
FindClose
FindNextFileW
lstrcmpW
FindFirstFileW
GetSystemPowerStatus
GetEnvironmentVariableW
FindResourceW
GetCommandLineW
VerSetConditionMask
VerifyVersionInfoW
WaitForSingleObject
DeleteFileW
RemoveDirectoryW
CopyFileW
SetFileAttributesW
GetModuleFileNameW
LocalAlloc
FreeLibrary
LoadLibraryW
GetSystemDirectoryW
MulDiv
GetModuleHandleW
SetDefaultDllDirectories
GlobalDeleteAtom
SetLastError
GetLastError
GlobalAddAtomW
GlobalFindAtomW
LocalFree
FormatMessageW
GetFileType
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
GetTimeZoneInformation
IsValidCodePage
GetOEMCP
GetProcessHeap
FlushFileBuffers
GetConsoleCP
GetConsoleMode
SetFilePointerEx
FindFirstFileExW
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableA
SetStdHandle
ReadConsoleW
HeapSize
WriteConsoleW
OpenFileById
GetCurrentThread
WaitForSingleObjectEx
GetStringTypeW
LoadLibraryExA
VirtualQuery
VirtualProtect
GetSystemInfo
RaiseException
user32
AdjustWindowRectEx
DrawTextW
GetWindowTextLengthW
SetRectEmpty
LoadStringW
MessageBoxIndirectW
FillRect
SetRect
GetWindowLongW
EnableWindow
SetDlgItemTextW
InvalidateRect
GetParent
GetSystemMetrics
SetWindowTextW
GetWindowTextW
GetWindow
GetDlgItem
GetClientRect
SetWindowPos
GetWindowRect
DestroyWindow
DispatchMessageW
TranslateMessage
IsDialogMessageW
GetMessageW
ShowWindow
SetWindowLongW
CreateDialogIndirectParamW
ExitWindowsEx
SendMessageW
MoveWindow
MonitorFromWindow
GetMonitorInfoW
CreateWindowExW
MessageBoxW
wsprintfW
ReleaseDC
GetDC
LoadImageW
CallWindowProcW
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
OffsetRect
SetFocus
MapDialogRect
UpdateWindow
LoadCursorW
SetCursor
SetClassLongW
InflateRect
GetClassNameW
MapWindowPoints
EndDialog
CopyRect
gdi32
GetTextMetricsW
DeleteDC
StretchBlt
SelectObject
CreateCompatibleDC
SetBkMode
SetTextColor
GetObjectW
GetStockObject
CreateFontW
GetDeviceCaps
DeleteObject
BitBlt
advapi32
RegDeleteTreeW
EnumDependentServicesW
StartServiceW
ChangeServiceConfigW
RegSetKeyValueW
RegDeleteValueA
RegCreateKeyExA
TraceMessage
RegQueryValueExA
ConvertStringSecurityDescriptorToSecurityDescriptorW
RegOpenKeyExA
RegEnumKeyExA
RegDeleteKeyExA
RegSetValueExA
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
SetEntriesInAclW
RegQueryValueExW
DeleteService
RegCloseKey
ControlService
OpenServiceW
CloseServiceHandle
OpenSCManagerW
QueryServiceStatusEx
RegDeleteKeyW
AdjustTokenPrivileges
LookupPrivilegeValueW
OpenProcessToken
FreeSid
CheckTokenMembership
AllocateAndInitializeSid
RegSetValueExW
RegCreateKeyExW
RegOpenKeyExW
shell32
SHGetFolderLocation
SHCreateDirectoryExW
ShellExecuteW
SHGetPathFromIDListW
SHBrowseForFolderW
SHGetFolderPathW
SHFileOperationW
CommandLineToArgvW
ole32
CoInitialize
StringFromGUID2
CoInitializeEx
CoGetInterfaceAndReleaseStream
CoMarshalInterThreadInterfaceInStream
CoReleaseMarshalData
CoUninitialize
CoTaskMemFree
OleRun
CoCreateInstance
oleaut32
GetErrorInfo
VariantClear
VariantCopy
VariantInit
SysStringLen
SysFreeString
SysAllocString
shlwapi
PathRemoveFileSpecA
PathFileExistsW
PathFindExtensionW
PathRemoveExtensionW
PathFindFileNameW
PathQuoteSpacesW
PathRemoveFileSpecW
PathGetArgsW
PathRemoveArgsW
StrStrIW
PathIsRelativeW
PathCombineW
PathAppendA
PathIsUNCW
PathStripToRootW
PathSkipRootW
PathGetCharTypeW
PathMatchSpecW
PathAppendW
Exports
??0CConsolidatedError@@QAE@ABV0@@Z
??0CConsolidatedError@@QAE@W4ISDI2_ERRORS@CConsolidatedErrorGenerated@@@Z
??0CConsolidatedError@@QAE@XZ
??0GlobalLogger@@AAE@XZ
??0ISIAccelerateAction@@QAE@XZ
??1CConsolidatedError@@QAE@XZ
??1GlobalLogger@@QAE@XZ
??1ISIAccelerateAction@@QAE@XZ
??4CConsolidatedError@@QAEAAV0@ABV0@@Z
??4CConsolidatedErrorGenerated@@QAEAAV0@$$QAV0@@Z
??4CConsolidatedErrorGenerated@@QAEAAV0@ABV0@@Z
??4GlobalLogger@@AAEAAV0@$$QAV0@@Z
??BCConsolidatedError@@QBE?AU_ISI_Error@@XZ
?AddDebugInformation@CConsolidatedError@@QAAXPBDZZ
?AddDebugInformation@CConsolidatedError@@QAAXPB_WZZ
?AddErrorMessage@CConsolidatedError@@QAAXPBDZZ
?AddErrorMessage@CConsolidatedError@@QAAXPB_WZZ
?CleanupIsiError@@YAXI@Z
?CleanupIsiError@@YAXPAU_ISI_Error@@@Z
?ClearError@CConsolidatedError@@QAEXXZ
?FreeStringResources@CConsolidatedError@@AAEXXZ
?GetDebugInformation@CConsolidatedError@@QBEKPADH@Z
?GetDebugInformation@CConsolidatedError@@QBEKPA_WH@Z
?GetDebugInformation@CConsolidatedError@@QBEPBDXZ
?GetErrorCodeString@CConsolidatedError@@QBEKPADH@Z
?GetErrorCodeString@CConsolidatedError@@QBEKPA_WH@Z
?GetErrorCodeString@CConsolidatedError@@QBEPBDXZ
?GetErrorMessage@CConsolidatedError@@QBEKPADH@Z
?GetErrorMessage@CConsolidatedError@@QBEKPA_WH@Z
?GetErrorMessage@CConsolidatedError@@QBEPBDXZ
?GetSrtEolError@CConsolidatedError@@SA?AV1@XZ
?InternalAddDebugInformation@CConsolidatedError@@AAEXPBDPAD@Z
?InternalAddErrorMessage@CConsolidatedError@@AAEXPBDPAD@Z
?IsBusy@CConsolidatedError@@QBE_NXZ
?IsError@CConsolidatedError@@QBE_NXZ
?IsPending@CConsolidatedError@@QBE_NXZ
?IsSuccessful@CConsolidatedError@@QBE_NXZ
?MAX_ERROR_STRING_SIZE@CConsolidatedError@@2HB
?MapIsiStatus@CConsolidatedError@@ABE?AW4ISDI2_ERRORS@CConsolidatedErrorGenerated@@W4_ISI_Status@@@Z
?NO_ID@GlobalLogger@@2IB
?SMALL_STRING_SIZE@CConsolidatedError@@2HB
?SetError@CConsolidatedError@@QAEXV1@@Z
?SetError@CConsolidatedError@@QAEXW4ISDI2_ERRORS@CConsolidatedErrorGenerated@@PBD1@Z
?SetError@CConsolidatedError@@QAEXW4ISDI2_ERRORS@CConsolidatedErrorGenerated@@PBD@Z
?SetError@CConsolidatedError@@QAEXW4ISDI2_ERRORS@CConsolidatedErrorGenerated@@PB_W1@Z
?SetError@CConsolidatedError@@QAEXW4ISDI2_ERRORS@CConsolidatedErrorGenerated@@PB_W@Z
?SetError@CConsolidatedError@@QAEXW4ISDI2_ERROR_TYPE@1@KPBD@Z
?SetError@CConsolidatedError@@QAEXW4ISDI2_ERROR_TYPE@1@KPB_W@Z
?SetError@CConsolidatedError@@QAEXW4_ISI_Status@@PBD1@Z
?SetError@CConsolidatedError@@QAEXW4_ISI_Status@@PB_W1@Z
?SetErrorCodeString@CConsolidatedError@@AAEXXZ
?SetLoggingOff@GlobalLogger@@SAXXZ
?SetLoggingOn@GlobalLogger@@SAXXZ
?__autoclassinit2@CConsolidatedError@@QAEXI@Z
?__autoclassinit2@GlobalLogger@@QAEXI@Z
?_disableLogging@GlobalLogger@@0_NA
?checkIfDiskPairValid@ISIAccelerateAction@@UAE?AU_ISI_Error@@IIAAW4_ISI_NgsaDiskPairStatus@@@Z
?checkIfDiskValid@ISIAccelerateAction@@UAE?AU_ISI_Error@@IW4_ISI_NgsaDiskConcatenationMember@@AAW4_ISI_NgsaDiskValidForConcatenationStatus@@@Z
?clean@GlobalLogger@@QAEXI@Z
?configDiskAcceleration@ISIAccelerateAction@@UAE?AU_ISI_Error@@IW4_ISI_NvcMode@@@Z
?configVolumeAcceleration@ISIAccelerateAction@@UAE?AU_ISI_Error@@IW4_ISI_NvcMode@@@Z
?doClearBlockCache@ISIAccelerateAction@@UAE?AU_ISI_Error@@XZ
?doCreateCacheVolumeTask@ISIAccelerateAction@@UAE?AU_ISI_Error@@I@Z
?doDisassociate@ISIAccelerateAction@@UAE?AU_ISI_Error@@ABU_ISI_VolumeInfo@@@Z
?doNgsaAutomation@ISIAccelerateAction@@UAE?AU_ISI_Error@@AAI@Z
?doNgsaDisableOneStep@ISIAccelerateAction@@UAE?AU_ISI_Error@@XZ
?doNgsaEnableOneStep@ISIAccelerateAction@@UAE?AU_ISI_Error@@XZ
?doNgsaStartTools@ISIAccelerateAction@@UAE?AU_ISI_Error@@XZ
?doResetVolportPerformanceCounters@ISIAccelerateAction@@UAE?AU_ISI_Error@@XZ
?doSeparateConcatenation@ISIAccelerateAction@@UAE?AU_ISI_Error@@I@Z
?doSeparateConcatenationNoSync@ISIAccelerateAction@@QAE?AU_ISI_Error@@XZ
?get@GlobalLogger@@SAAAV1@XZ
?getConcatenationMigrationStatus@ISIAccelerateAction@@UAE?AU_ISI_Error@@AAH00AAW4_ISI_NgsaMigrationType@@@Z
?getError@GlobalLogger@@QAE?AVCConsolidatedError@@I_N@Z
?getLastError@GlobalLogger@@QAE?AVCConsolidatedError@@_N@Z
?getLastId@GlobalLogger@@QAEIXZ
?getMaxCacheSize@ISIAccelerateAction@@SA_K_N@Z
?getMinCacheSize@ISIAccelerateAction@@SA_K_N@Z
?getNgsaDiskPairStatuses@ISIAccelerateAction@@UAE?AU_ISI_Error@@IW4_ISI_NgsaDiskPairScope@@QAU_ISI_NgsaDiskPair@@AAI@Z
?getNgsaDiskPairStatuses@ISIAccelerateAction@@UAE?AU_ISI_Error@@W4_ISI_NgsaDiskPairScope@@QAU_ISI_NgsaDiskPair@@AAI@Z
?getNgsaInfo@ISIAccelerateAction@@QAE?AU_ISI_NgsaInfo@@XZ
?resetCacheToAvailable@ISIAccelerateAction@@UAE?AU_ISI_Error@@I@Z
?setCacheVolSize@ISIAccelerateAction@@UAEX_K@Z
?setError@GlobalLogger@@QAEIABVCConsolidatedError@@@Z
?setError@GlobalLogger@@QAEIABVCConsolidatedError@@AAU_ISI_Error@@@Z
?setFastDisk@ISIAccelerateAction@@UAEXI@Z
?setFileCacheSize@ISIAccelerateAction@@UAEXI@Z
?setMigrationStart@ISIAccelerateAction@@UAEX_K@Z
?setPreservePinningData@ISIAccelerateAction@@UAEX_N@Z
?setSeparationSafe@ISIAccelerateAction@@UAEX_N@Z
?setSlowDisk@ISIAccelerateAction@@UAEXI@Z
?turnOffVolumeOrDiskAcceleration@ISIAccelerateAction@@UAE?AU_ISI_Error@@I@Z
?waitForNvcMode@ISIAccelerateAction@@UAE?AU_ISI_Error@@IW4_ISI_NvcMode@@@Z
GetLPCId
ISI_NgsaDiskPairStatusToDescription
ISI_NgsaDiskValidForConcatenationStatusToDescription
ISI_NgsaOperationStatusToDescription
IsiAddDisksToArray
IsiArraySetWriteCacheState
IsiCacheVolumeCreateFromArray
IsiCacheVolumeCreateFromDisks
IsiDiskAssignStoragePool
IsiDiskClaim
IsiDiskClearMetadata
IsiDiskDestroyCache
IsiDiskGetPartitionTableInfos
IsiDiskMarkAsFailed
IsiDiskMarkAsNormal
IsiDiskMarkAsSpare
IsiDiskMarkOffline
IsiDiskMarkOnline
IsiDiskResetSmartEvent
IsiDiskSetCacheBufferFlushSetting
IsiDiskSetCacheMode
IsiDiskSetCacheSpindownPolicy
IsiDiskSetSmartEvent
IsiDiskSetWriteCachingPolicySetting
IsiDiskUnlock
IsiDiskUnmarkAsSpare
IsiExpandVolume
IsiFinalize
IsiGetArrayHandles
IsiGetArrayHandlesByControllerHandle
IsiGetArrayInfo
IsiGetControllerHandles
IsiGetControllerInfo
IsiGetDiskIdentifyData
IsiGetEndDeviceHandles
IsiGetEndDeviceInfo
IsiGetErrorDebugMessage
IsiGetErrorMessage
IsiGetIsmArrays
IsiGetIsmEndDevices
IsiGetIsmVolumes
IsiGetLastErrorDebugMessage
IsiGetLastErrorMessage
IsiGetMiddlewareVersionInfo
IsiGetNgsaDiskPairHandles
IsiGetNgsaDiskPairInfo
IsiGetNgsaHandles
IsiGetNgsaInfo
IsiGetNgsaInfoEx
IsiGetNvCachePolicyStatInfo
IsiGetNvCacheStat2Info
IsiGetNvCacheStatInfo
IsiGetNvCacheUnifiedStats
IsiGetNvcInfo
IsiGetOptaneOptimizationInfo
IsiGetRaidInfo
IsiGetRaidInfoHandles
IsiGetRaidLevelInfo
IsiGetRdpDictEndDevices
IsiGetSystemInfo
IsiGetVolportPerformanceCounters
IsiGetVolumeHandles
IsiGetVolumeInfo
IsiGetVolumeMigrationRange
IsiGetZpoddInfo
IsiInitialize
IsiNvcDisassociate
IsiRaidLevelModify
IsiRefreshPartitionInfo
IsiRescan
IsiSessionClose
IsiSessionOpen
IsiSetLpmStatus
IsiSetReadPatrolUnit
IsiToggleCoalescerPolicy
IsiVdsHandlerMakeSpaceForMetadataOnSystemDisk
IsiVolumeCancelVerify
IsiVolumeCreate
IsiVolumeCreateFromDisks
IsiVolumeDelete
IsiVolumeDestroyCache
IsiVolumeInitialize
IsiVolumeMarkAsNormal
IsiVolumeRebuild
IsiVolumeRename
IsiVolumeSetBufferFlush
IsiVolumeSetCacheMode
IsiVolumeSetCachePolicy
IsiVolumeSetCacheSpindownPolicy
IsiVolumeSetExportPolicy
IsiVolumeVerify
Sections
.text Size: 929KB - Virtual size: 929KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 270KB - Virtual size: 270KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 34KB - Virtual size: 58KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.didat Size: 512B - Virtual size: 84B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.tls Size: 512B - Virtual size: 377B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 19.7MB - Virtual size: 19.7MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 620KB - Virtual size: 624KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE