2024-05-04_a14f231001f80c62659ce4d6f7ea1b74_magniber

Sharing

Copy URL Twitter E-mail

General

Target

2024-05-04_a14f231001f80c62659ce4d6f7ea1b74_magniber
Size

19.0MB
MD5

a14f231001f80c62659ce4d6f7ea1b74
SHA1

a75e6e2017fab3e3efd9bf116950c2e51e07dd00
SHA256

711900d78f328b0b350a6ecea7f80d4ffb19e335f427ba3047fd51e4c77779de
SHA512

a2dd6b21fac9e3c089e808ae01dcfe24c3358afe81038aede2f55792e553b054215849d214a3e18ce26538e32312eb8a989e3aa322a2be9b67c4356d2b6ecd9d
SSDEEP

393216:TlCRJmFulc6kfsxs3YRksQWH93cXixHsZ:TlCRJmRPOkr43Nxo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-05-04_a14f231001f80c62659ce4d6f7ea1b74_magniber

Files

2024-05-04_a14f231001f80c62659ce4d6f7ea1b74_magniber
.exe windows:5 windows x86 arch:x86

e783a30a339186f171daae995d437e9a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\Build\studioone_2_0\build\win\Release\Studio One.pdb

Imports

ipp

ippsFFTFree_R_32f
ippsFFTInitAlloc_R_32f
ippsFFTGetBufSize_R_64f
ippsFFTInitAlloc_R_64f
ippsFFTFwd_RToPerm_32f
ippsFFTFree_R_64f
ippsFFTGetBufSize_R_32f
ippsFFTFwd_RToPerm_64f

kernel32

GetACP
FlushFileBuffers
CloseHandle
CreateFileW
WriteConsoleW
SetStdHandle
ReadFile
GetConsoleMode
GetConsoleCP
GetCommandLineW
SetDllDirectoryW
GetModuleFileNameW
LocalFree
DecodePointer
GetCommandLineA
SetFilePointer
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
GetStringTypeW
LCMapStringW
MultiByteToWideChar
HeapFree
LoadLibraryW
InterlockedExchange
FreeLibrary
SetConsoleCtrlHandler
EnterCriticalSection
FatalAppExitA
LeaveCriticalSection
HeapReAlloc
HeapAlloc
RaiseException
IsValidCodePage
GetOEMCP
GetCPInfo
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
HeapDestroy
HeapCreate
DeleteCriticalSection
GetFileType
InitializeCriticalSectionAndSpinCount
SetHandleCount
GetEnvironmentStringsW
WideCharToMultiByte
FreeEnvironmentStringsW
GetModuleFileNameA
GetCurrentThread
InterlockedDecrement
GetCurrentThreadId
SetLastError
InterlockedIncrement
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
GetLastError
GetLocaleInfoW
GetStdHandle
WriteFile
ExitProcess
GetModuleHandleW
GetProcAddress
HeapSize
Sleep
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
RtlUnwind
IsProcessorFeaturePresent
GetStartupInfoW
HeapSetInformation
EncodePointer

shell32

CommandLineToArgvW

ccltext

CreateXmlParser
CreateRegularExpression
ccl_check_heap
CreateCStringDictionary
ParseVariantString
HashCString
CreateMutableCString
CreateXmlWriter
CreateStringDictionary
CreateDataTransformer
CreateTransformStream
GetEmptyString
CreateTextWriter
GetUnicodeUtilities
ccl_realloc
CreateTextStreamer
GetConstantCString
GetConstantString
ccl_free
ccl_malloc

cclsystem

DebugBreakPoint
DebugReportWarning
SpinLockTryLock
DebugPrintString
DebugPrintCString
CreateSyncPrimitive
CreateUID
GetModuleIdentifier
DebugExitProcess
GetAtomTable
GetErrorHandler
GetObjectTable
GetMainModuleRef
AtomicTestAndSetPtr
GetThreadSelfID
GetMainThread
CreateNativeThread
SpinLockLock
SpinLockUnlock
ThreadSleep
GetProfileTime
CreateAtomicStack
GetThreadSelf
CreateAdvancedLock
GetMediaThreadService
CreateThreadPool
LockMemory
GetMemoryAllocator
CreateThreadLocalSlot
SetThreadLocalData
GetThreadLocalData
DestroyThreadLocalSlot
AtomicGet
GetExecutableLoader
GetThreadPool
GetScriptingManager
GetLocaleManager
GetLogger
GetFileTypeRegistry
GetSignalHandler
GetTypeLibRegistry
GetFileSystem
GetSystem
GetConsole
GetServiceManager
GetPackageHandler
GetFileUtilities
GetSystemTicks
GetPlugInManager
Hash

cclgui

GetSystemShell
GetGUIHelper
GetGraphicsHelper
GetAlertService
GetDesktop
GetGUI
GetWindowManager
GetCommandTable
GetWorkspaceManager
GetFrameworkConfiguration
GetHelpManager
GetClipboard
GetThemeManager
CreateFrameworkView

cclnet

GetWebService
GetWebFileService
GetTransferManager

cclsecurity

GetCryptoKeyStore
GetCryptoService
GetCredentialManager
GetAuthorizationManager

Sections

.text
Size: 8.0MB - Virtual size: 8.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2.1MB - Virtual size: 2.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 1.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8.9MB - Virtual size: 8.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e783a30a339186f171daae995d437e9a

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

ipp

kernel32

shell32

ccltext

cclsystem

cclgui

cclnet

cclsecurity

Sections

.text Size: 8.0MB - Virtual size: 8.0MB

.rdata Size: 2.1MB - Virtual size: 2.1MB

.data Size: 17KB - Virtual size: 1.0MB

.rsrc Size: 8.9MB - Virtual size: 8.9MB

.text
Size: 8.0MB - Virtual size: 8.0MB

.rdata
Size: 2.1MB - Virtual size: 2.1MB

.data
Size: 17KB - Virtual size: 1.0MB

.rsrc
Size: 8.9MB - Virtual size: 8.9MB