2024-05-07_655e3d1225f7350de7b61bf39fa9ed9b_magniber

Sharing

Copy URL Twitter E-mail

General

Target

2024-05-07_655e3d1225f7350de7b61bf39fa9ed9b_magniber
Size

7.5MB
MD5

655e3d1225f7350de7b61bf39fa9ed9b
SHA1

710aa06b31f6b22432f02b923773f905c7bcd2eb
SHA256

f825a6a33e3e79e2740aa8b32eb26c1fc024720fd6ed086be7c3db2020040ebe
SHA512

8e282acafb986d70867f799011360133913e11fa57267c369b114973fbdbd4d4ac013be093933763f11c9b4266fc15ea7cc5f6c615dac615184b2dc55746dcef
SSDEEP

98304:wDIEfoW94AsPsKI1UutC/HryTAbM0iwBEAMsW+Al8Z8ochj:OINWpRKI1Uuo/HryTAAFAMfl8Z8o

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-05-07_655e3d1225f7350de7b61bf39fa9ed9b_magniber

Files

2024-05-07_655e3d1225f7350de7b61bf39fa9ed9b_magniber
.exe windows:5 windows x86 arch:x86

9fe76f94b63441125911b2c5329c2a09

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\bamboo-agent-home\xml-data\build-dir\NUC-PPCR3-PPCRW\ServiceCenter\ServiceCenter\build\Win32\Release_Product Portal\Product Portal.pdb

Imports

libcef

cef_string_utf16_clear
cef_string_utf16_to_utf8
cef_string_utf8_to_utf16
cef_string_utf8_clear
cef_string_utf16_cmp
cef_api_hash
cef_string_userfree_utf16_free
cef_string_list_alloc
cef_string_list_free
cef_string_map_alloc
cef_string_multimap_free
cef_string_multimap_alloc
cef_string_list_copy
cef_string_multimap_append
cef_string_multimap_value
cef_string_multimap_key
cef_string_multimap_size
cef_string_map_append
cef_string_map_value
cef_string_map_key
cef_string_map_size
cef_string_list_append
cef_string_list_value
cef_string_list_size
cef_log
cef_stream_reader_create_for_handler
cef_v8value_create_function
cef_v8value_create_string
cef_v8context_get_current_context
cef_parse_url
cef_quit_message_loop
cef_run_message_loop
cef_shutdown
cef_initialize
cef_execute_process
cef_post_task
cef_currently_on
cef_process_message_create
cef_browser_host_create_browser_sync
cef_cookie_manager_get_global_manager
cef_command_line_get_global
cef_string_map_free
cef_string_utf16_set

kernel32

GetVolumeInformationA
GetLogicalDriveStringsA
GetSystemDirectoryA
SetErrorMode
GetDriveTypeA
GetThreadTimes
GetStringTypeExA
LCMapStringA
LoadLibraryA
VirtualFree
VirtualAlloc
CreateWaitableTimerW
SleepEx
CancelIo
QueueUserAPC
GetQueuedCompletionStatus
CreateIoCompletionPort
QueryPerformanceFrequency
SystemTimeToFileTime
CreateWaitableTimerA
ResumeThread
SetWaitableTimer
GetComputerNameW
SetFilePointer
WaitNamedPipeA
DuplicateHandle
CreateFileA
CreateSemaphoreA
OpenEventA
DeviceIoControl
WaitForSingleObject
CloseHandle
GetModuleHandleW
LockResource
LoadResource
SizeofResource
FindResourceW
GetLastError
SetLastError
FormatMessageA
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
TryEnterCriticalSection
DeleteCriticalSection
MapViewOfFile
UnmapViewOfFile
CreateFileMappingA
PostQueuedCompletionStatus
InterlockedCompareExchange
ReleaseMutex
CreateMutexA
GetVersionExA
ExitThread
FreeLibraryAndExitThread
CreateEventA
HeapSize
GetOverlappedResult
MultiByteToWideChar
WideCharToMultiByte
GetLocaleInfoA
GetUserDefaultLCID
GetLongPathNameW
GetModuleFileNameW
GetModuleHandleA
GetSystemDirectoryW
GetWindowsDirectoryW
GetProcAddress
GetSystemInfo
GetNativeSystemInfo
GetVersionExW
FindClose
FindFirstFileW
FindNextFileW
GetLogicalDrives
GetDriveTypeW
GetVolumeInformationW
CreateProcessW
WriteFile
SetEndOfFile
SetFileTime
CreateFileW
LocalFree
GetCommandLineW
GetCurrentThreadId
GetFileAttributesW
CreateTimerQueueTimer
DeleteTimerQueueTimer
GlobalAlloc
GlobalSize
GlobalLock
GlobalUnlock
InterlockedIncrement
InterlockedDecrement
FreeLibrary
VirtualQuery
GetCurrentProcess
GetCurrentProcessId
SetUnhandledExceptionFilter
CreateThread
TerminateThread
InitializeCriticalSection
ReleaseSemaphore
LoadLibraryW
SetEvent
ResetEvent
WaitForMultipleObjects
EncodePointer
DecodePointer
CreateEventW
Sleep
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetSystemTimeAsFileTime
GetTickCount
CompareStringW
LCMapStringW
GetLocaleInfoW
GetStringTypeW
GetCPInfo
InitializeSListHead
IsProcessorFeaturePresent
IsDebuggerPresent
UnhandledExceptionFilter
GetStartupInfoW
QueryPerformanceCounter
TerminateProcess
RaiseException
RtlUnwind
InterlockedPushEntrySList
LoadLibraryExW
GetFullPathNameW
GetFullPathNameA
GetFileAttributesExW
GetFileType
PeekNamedPipe
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
ReadFile
ExitProcess
GetModuleHandleExW
GetConsoleCP
GetConsoleMode
HeapAlloc
HeapFree
HeapReAlloc
GetModuleFileNameA
GetStdHandle
GetACP
GetCurrentThread
GetCurrentDirectoryW
GetDateFormatW
GetTimeFormatW
IsValidLocale
EnumSystemLocalesW
SetStdHandle
ReadConsoleW
SetFilePointerEx
FlushFileBuffers
GetTimeZoneInformation
WriteConsoleW
GetProcessHeap
FindFirstFileExW
IsValidCodePage
GetOEMCP
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableA
WaitForSingleObjectEx

user32

GetClassInfoExW
SetTimer
KillTimer
GetWindowLongW
SetWindowLongW
GetDlgItem
GetDlgItemTextW
VkKeyScanA
SendInput
SetWindowLongA
NotifyWinEvent
GetActiveWindow
GetAsyncKeyState
AdjustWindowRectEx
GetDC
ReleaseDC
SetForegroundWindow
TrackMouseEvent
IsChild
MoveWindow
SetWindowPos
GetWindowPlacement
SetWindowPlacement
GetSystemMenu
EnableMenuItem
BeginPaint
EndPaint
RegisterClassExW
ScreenToClient
GetWindowLongA
GetDesktopWindow
GetAncestor
CreateAcceleratorTableW
CreateMenu
CreatePopupMenu
CheckMenuItem
AppendMenuW
PostMessageW
TrackPopupMenu
InsertMenuItemW
GetMenuItemInfoA
SetMenuItemInfoW
RegisterClipboardFormatA
DispatchMessageA
TranslateMessage
GetMessageA
MessageBoxW
DestroyCursor
CreateCursor
LoadCursorA
GetCursorPos
SetCursor
GetMonitorInfoA
MonitorFromRect
UnregisterClassW
GetClientRect
DefWindowProcW
PostMessageA
RegisterWindowMessageA
GetWindowInfo
SetWindowTextW
LoadIconW
AdjustWindowRect
SendMessageW
LoadStringA
OpenClipboard
CloseClipboard
SetClipboardData
GetWindowRect
GetWindowTextLengthW
GetWindowTextW
GetFocus
SetFocus
ShowWindow
DestroyWindow
CreateWindowExW
WaitMessage
SendMessageA
PeekMessageA
GetClipboardData
ReleaseCapture
SetCapture
WindowFromPoint
GetForegroundWindow
GetParent
EnumThreadWindows
RegisterClipboardFormatW
EmptyClipboard
IsClipboardFormatAvailable
RemoveMenu
DrawMenuBar
IsWindowEnabled
EnableWindow
IsWindow
DestroyAcceleratorTable
GetKeyState
DestroyMenu
PostQuitMessage

shell32

DragQueryFileW
DragQueryFileA
SHBrowseForFolderW
SHGetPathFromIDListW
SHGetMalloc
SHGetSpecialFolderPathA
FindExecutableW
ShellExecuteW
SHGetFolderPathW
SHGetKnownFolderPath
ShellExecuteExW

ole32

OleInitialize
OleUninitialize
RegisterDragDrop
RevokeDragDrop
CoCreateInstance
CoTaskMemAlloc
DoDragDrop
ReleaseStgMedium
CoTaskMemFree

shlwapi

PathCreateFromUrlW

crypt32

CertFindCertificateInStore
CertCloseStore
CertFreeCertificateContext
CryptImportPublicKeyInfo
PFXImportCertStore

gdi32

DeleteDC
CreateCompatibleDC
BitBlt
CreateDIBSection
DeleteObject
SelectObject
CreateFontA

comdlg32

GetSaveFileNameW
CommDlgExtendedError
GetOpenFileNameW

advapi32

CryptReleaseContext
CryptAcquireContextA
RegSetValueExW
RegQueryValueExW
RegOpenKeyExW
RegEnumValueW
RegEnumKeyExW
RegDeleteValueW
RegCreateKeyExW
RegCloseKey
CryptGenRandom
CryptAcquireContextW
CryptCreateHash
CryptHashData
CryptDestroyHash
CryptVerifySignatureA
ConvertStringSecurityDescriptorToSecurityDescriptorA
RegDeleteKeyW

oleaut32

SysAllocString
VariantClear

d3d9

Direct3DCreate9

wintrust

WinVerifyTrust

winmm

timeEndPeriod
timeBeginPeriod
timeGetTime

setupapi

SetupDiGetDeviceInterfaceDetailA
SetupDiEnumDeviceInterfaces
SetupDiGetDeviceRegistryPropertyW
SetupDiGetClassDevsW
SetupDiDestroyDeviceInfoList
SetupDiGetDeviceInstanceIdA
SetupDiEnumDeviceInfo

gdiplus

GdipSetStringFormatTrimming
GdipSetStringFormatFlags
GdipCloneStringFormat
GdipDeleteFontFamily
GdipDeleteFont
GdipDeleteStringFormat
GdipAlloc
GdiplusStartup
GdipStringFormatGetGenericDefault
GdipMeasureString
GdipDrawString
GdipPrivateAddFontFile
GdipGetFontCollectionFamilyList
GdipGetFontCollectionFamilyCount
GdipDeletePrivateFontCollection
GdipNewPrivateFontCollection
GdipCreateFont
GdipGetCellDescent
GdipGetCellAscent
GdipGetEmHeight
GdipGetFamilyName
GdipGetGenericFontFamilySansSerif
GdiplusShutdown
GdipCloneBrush
GdipDeleteBrush
GdipCloneFontFamily
GdipCreateSolidFill
GdipCreateFontFamilyFromName
GdipSetTextRenderingHint
GdipDeleteGraphics
GdipFlush
GdipCreateBitmapFromScan0
GdipGetImageGraphicsContext
GdipDisposeImage
GdipFree

oleacc

AccessibleObjectFromWindow
LresultFromObject

ws2_32

inet_ntoa
socket
getsockopt
ioctlsocket
connect
closesocket
__WSAFDIsSet
gethostbyaddr
recv
getservbyport
getservbyname
bind
WSAGetLastError
WSASetLastError
select
getsockname
gethostbyname
send
inet_addr
ntohs
ntohl
htons
htonl
WSACleanup
WSAStartup
listen

rpcrt4

UuidCreateSequential

imagehlp

ImageAddCertificate
ImageEnumerateCertificates
ImageGetCertificateHeader
ImageGetCertificateData

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

wininet

InternetGetConnectedState

psapi

EnumProcessModules
GetModuleInformation

Sections

.text
Size: 4.9MB - Virtual size: 4.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.0MB - Virtual size: 1.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 171KB - Virtual size: 284KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 13B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 299KB - Virtual size: 298KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9fe76f94b63441125911b2c5329c2a09

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

libcef

kernel32

user32

shell32

ole32

shlwapi

crypt32

gdi32

comdlg32

advapi32

oleaut32

d3d9

wintrust

winmm

setupapi

gdiplus

oleacc

ws2_32

rpcrt4

imagehlp

version

wininet

psapi

Sections

.text Size: 4.9MB - Virtual size: 4.9MB

.rdata Size: 1.0MB - Virtual size: 1.0MB

.data Size: 171KB - Virtual size: 284KB

.gfids Size: 2KB - Virtual size: 1KB

.tls Size: 512B - Virtual size: 13B

.rsrc Size: 1.1MB - Virtual size: 1.1MB

.reloc Size: 299KB - Virtual size: 298KB

.text
Size: 4.9MB - Virtual size: 4.9MB

.rdata
Size: 1.0MB - Virtual size: 1.0MB

.data
Size: 171KB - Virtual size: 284KB

.gfids
Size: 2KB - Virtual size: 1KB

.tls
Size: 512B - Virtual size: 13B

.rsrc
Size: 1.1MB - Virtual size: 1.1MB

.reloc
Size: 299KB - Virtual size: 298KB