2024-05-03_06866ad9dc338cb00870cd9c070c27f5_magniber

Sharing

Copy URL Twitter E-mail

General

Target

2024-05-03_06866ad9dc338cb00870cd9c070c27f5_magniber
Size

1.6MB
MD5

06866ad9dc338cb00870cd9c070c27f5
SHA1

e880726fcd622c1211189f33b87380efbb854d6c
SHA256

f8b4c2f87ed7039474eeb60470cce2b52ed2bb18f9dce67fbbfd69990246bf7a
SHA512

70fd18c6402724d876d5e010cc360a0da9534cbc986cb0660be354e9771b17cf6ee8ca9a4617ab30f6fb8f7f0586a6299db664fead73527821857a9d34cf64d8
SSDEEP

49152:5vKMvUBmrMcrLNFu3r1d0MFEtRn0uG7z6wZGi48:5vM1+GHx4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-05-03_06866ad9dc338cb00870cd9c070c27f5_magniber

Files

2024-05-03_06866ad9dc338cb00870cd9c070c27f5_magniber
.exe windows:6 windows x86 arch:x86

1ed486a4145fed14c96294d2165a7978

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

E:\HSRTeam\Repository\Primary\Patcher\hsrpatcher\Build\HSRPatcher.pdb

Imports

kernel32

MoveFileExA
WaitForSingleObjectEx
GetLastError
GetEnvironmentVariableA
GetFileType
ReadFile
PeekNamedPipe
WaitForMultipleObjects
SetLastError
FormatMessageA
GetFileSizeEx
GetCurrentDirectoryA
CreateDirectoryA
GetFileAttributesA
LocalFileTimeToFileTime
SetFilePointer
SetFileTime
SystemTimeToFileTime
GetModuleFileNameA
FindFirstFileW
GetModuleFileNameW
GetCurrentDirectoryW
CreateDirectoryW
FindNextFileW
WideCharToMultiByte
CreateFileW
DeleteFileA
DeleteFileW
RemoveDirectoryA
GetSystemTime
GetFullPathNameW
GetFullPathNameA
SetCurrentDirectoryA
SetCurrentDirectoryW
GetComputerNameW
CreateSemaphoreW
CreateSemaphoreA
GetComputerNameA
OutputDebugStringA
OutputDebugStringW
DebugBreak
IsDebuggerPresent
CheckRemoteDebuggerPresent
SetEndOfFile
WriteConsoleW
SetEnvironmentVariableW
SetEnvironmentVariableA
FreeEnvironmentStringsW
GetEnvironmentStringsW
MultiByteToWideChar
GetTickCount
QueryPerformanceCounter
VerifyVersionInfoA
LoadLibraryA
GetProcAddress
GetModuleHandleA
FreeLibrary
GetSystemDirectoryA
QueryPerformanceFrequency
VerSetConditionMask
SleepEx
DeleteCriticalSection
InitializeCriticalSectionEx
LeaveCriticalSection
EnterCriticalSection
SetConsoleCtrlHandler
SetConsoleTitleA
ExitProcess
Sleep
CloseHandle
WriteFile
FindNextFileA
FindFirstFileA
FindClose
CreateFileA
GetConsoleWindow
GetCurrentProcess
SetConsoleTextAttribute
GetConsoleScreenBufferInfo
RemoveDirectoryW
GetStdHandle
GetOEMCP
IsValidCodePage
FindFirstFileExW
FindFirstFileExA
GetProcessHeap
HeapSize
GetTimeZoneInformation
MoveFileExW
SetStdHandle
FlushFileBuffers
GetFileAttributesExW
CreateProcessW
CreateProcessA
GetExitCodeProcess
WaitForSingleObject
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetTimeFormatW
GetDateFormatW
GetCurrentThread
GetConsoleCP
ReadConsoleW
GetConsoleMode
GetACP
GetCommandLineW
GetCommandLineA
HeapReAlloc
HeapFree
HeapAlloc
SetFilePointerEx
FreeLibraryAndExitThread
ResumeThread
ExitThread
CreateThread
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
GetDriveTypeW
GetModuleHandleExW
InterlockedFlushSList
InterlockedPushEntrySList
LoadLibraryExW
RtlUnwind
RaiseException
InitializeSListHead
GetCurrentThreadId
GetCurrentProcessId
GetStartupInfoW
IsProcessorFeaturePresent
FormatMessageW
GetStringTypeW
InitializeCriticalSectionAndSpinCount
CreateEventW
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetSystemTimeAsFileTime
GetModuleHandleW
GetCPInfo
EncodePointer
DecodePointer
CompareStringW
LCMapStringW
GetLocaleInfoW
SetEvent
ResetEvent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess

user32

wsprintfA
MessageBoxA

shell32

ShellExecuteExW
ShellExecuteExA

advapi32

CryptAcquireContextA
CryptGetHashParam
CryptGenRandom
CryptCreateHash
CryptHashData
CryptDestroyHash
CryptDestroyKey
CryptImportKey
CryptEncrypt
GetTokenInformation
GetUserNameW
OpenProcessToken
GetUserNameA
CryptReleaseContext

crypt32

CertCloseStore
CertEnumCertificatesInStore
CertFindCertificateInStore
CertFreeCertificateContext
CryptStringToBinaryA
PFXImportCertStore
CryptDecodeObjectEx
CertAddCertificateContextToStore
CertFindExtension
CertGetNameStringA
CryptQueryObject
CertCreateCertificateChainEngine
CertFreeCertificateChainEngine
CertGetCertificateChain
CertOpenStore
CertFreeCertificateChain

wldap32

ord143
ord46
ord211
ord60
ord45
ord41
ord22
ord26
ord27
ord32
ord33
ord35
ord79
ord30
ord200
ord301
ord50

ws2_32

connect
bind
inet_pton
getpeername
send
recv
closesocket
getsockname
getsockopt
htons
ntohs
setsockopt
socket
WSASetLastError
WSAIoctl
WSAStartup
WSACleanup
accept
htonl
listen
ioctlsocket
__WSAFDIsSet
select
getaddrinfo
freeaddrinfo
recvfrom
sendto
gethostname
ntohl
WSAGetLastError

Sections

.text
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 201KB - Virtual size: 200KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 50KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 52KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1ed486a4145fed14c96294d2165a7978

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

shell32

advapi32

crypt32

wldap32

ws2_32

Sections

.text Size: 1.3MB - Virtual size: 1.3MB

.rdata Size: 201KB - Virtual size: 200KB

.data Size: 8KB - Virtual size: 27KB

.gfids Size: 2KB - Virtual size: 2KB

.tls Size: 512B - Virtual size: 9B

.rsrc Size: 50KB - Virtual size: 50KB

.reloc Size: 52KB - Virtual size: 51KB

.text
Size: 1.3MB - Virtual size: 1.3MB

.rdata
Size: 201KB - Virtual size: 200KB

.data
Size: 8KB - Virtual size: 27KB

.gfids
Size: 2KB - Virtual size: 2KB

.tls
Size: 512B - Virtual size: 9B

.rsrc
Size: 50KB - Virtual size: 50KB

.reloc
Size: 52KB - Virtual size: 51KB