Static task: static1
Behavioral task: behavioral1
Sample: 2024-05-08_9eeee4ae5ff146bdfe3e3a66d4abbc47_magniber.exe
Resource: win7-20240220-en
Behavioral task: behavioral2
Sample: 2024-05-08_9eeee4ae5ff146bdfe3e3a66d4abbc47_magniber.exe
Resource: win10v2004-20240419-en
General
Target: 2024-05-08_9eeee4ae5ff146bdfe3e3a66d4abbc47_magniber
Size: 1.6MB
MD5: 9eeee4ae5ff146bdfe3e3a66d4abbc47
SHA1: c1fecb77df5f9f264bb5a16d77fa39329b23141f
SHA256: 0fadd4e605e286e40a4bf47889828648a70368dc3197b503893aefd242fdad24
SHA512: 08e39be451ab01b4549f9b3e1d70262d1700954f2b8f61559b27712b5a7d33d911f89a0b97f3f16d23710178325546cfe3ad5a94a7ecf8b3a3bf21c23adb7ad3
SSDEEP: 24576:ZZj12eLT0T4Iv4rQS4I0BzCo/ClcjXpEI99Il0Ebc+m+u59V:7jMeLT0TbN9LbL4GSI
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 2024-05-08_9eeee4ae5ff146bdfe3e3a66d4abbc47_magniber
Files
2024-05-08_9eeee4ae5ff146bdfe3e3a66d4abbc47_magniber.exe windows:6 windows x86 arch:x86
346f750aa676ee18e4d0cb01265c6127
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
CloseHandle
FindFirstFileA
FindNextFileA
FindClose
CreateMutexA
WaitForSingleObject
ReleaseMutex
UnmapViewOfFile
CreateSemaphoreA
ReleaseSemaphore
CreateFileMappingA
MapViewOfFileEx
CreateFileA
GetFileSizeEx
FormatMessageA
LocalFree
CreateDirectoryA
RemoveDirectoryA
SetEndOfFile
SetFilePointerEx
WriteFile
GetProcAddress
OpenProcess
GetSystemTimeAsFileTime
QueryPerformanceCounter
MultiByteToWideChar
WideCharToMultiByte
GetEnvironmentVariableA
SetCurrentDirectoryA
GetFileAttributesA
GetFullPathNameA
GetSystemTime
FileTimeToSystemTime
GetTimeZoneInformation
LoadLibraryA
AreFileApisANSI
GetExitCodeProcess
FreeLibrary
GetStdHandle
GetConsoleMode
VerSetConditionMask
IsWow64Process
GetProfileStringA
VerifyVersionInfoW
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
DeleteFileA
SetFileTime
FlushFileBuffers
GetFileTime
ReadFile
SetFilePointer
GetLastError
TlsGetValue
TlsSetValue
LocalAlloc
MapViewOfFile
OpenFileMappingA
GetPrivateProfileIntA
GetPrivateProfileStringA
WritePrivateProfileStringA
GetPrivateProfileSectionA
WritePrivateProfileSectionA
TlsAlloc
CreateEventA
WaitForMultipleObjects
IsBadWritePtr
OpenSemaphoreA
FlushInstructionCache
VirtualProtect
DeviceIoControl
LockFile
UnlockFile
IsBadStringPtrA
IsBadStringPtrW
GetDriveTypeA
ReadConsoleW
CreateFileW
WriteConsoleW
SetStdHandle
OutputDebugStringW
GetConsoleCP
GetModuleFileNameW
SetEnvironmentVariableA
GetOEMCP
IsValidCodePage
HeapSize
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
CompareStringW
GetModuleHandleW
InitializeCriticalSectionAndSpinCount
SetUnhandledExceptionFilter
UnhandledExceptionFilter
LoadLibraryExW
GetCPInfo
IsProcessorFeaturePresent
IsDebuggerPresent
HeapReAlloc
GetModuleHandleExW
GetStartupInfoW
GetFileType
RtlUnwind
RaiseException
SwitchToThread
Sleep
GetProcessTimes
IsBadReadPtr
GetComputerNameA
GetWindowsDirectoryA
GetSystemDirectoryA
GetSystemInfo
SetLastError
GetModuleHandleA
GetModuleFileNameA
VirtualQuery
SetPriorityClass
TlsFree
SetThreadPriority
GetCurrentThread
TerminateProcess
GetProcessHeap
HeapFree
HeapAlloc
GetCurrentDirectoryA
SetConsoleCtrlHandler
OpenEventA
SetEvent
GetACP
SystemTimeToFileTime
GetTempPathA
GetLocalTime
GetDiskFreeSpaceA
GetUserDefaultUILanguage
GetExitCodeThread
GetCurrentThreadId
DuplicateHandle
GetTickCount
GetVersionExA
GetVersion
GetCurrentProcessId
ExitProcess
GetCurrentProcess
GetStringTypeW
DecodePointer
EncodePointer
user32
GetSystemMenu
AppendMenuA
LoadStringA
wsprintfA
DrawMenuBar
TranslateMessage
DispatchMessageA
GetSystemMetrics
MessageBoxA
CharLowerBuffA
CharUpperBuffA
CallMsgFilterA
PeekMessageA
shell32
ShellExecuteExA
advapi32
QueryServiceStatus
QueryServiceConfigA
OpenServiceA
OpenSCManagerA
CloseServiceHandle
RegFlushKey
RegDeleteKeyA
RegSetValueExA
RegEnumValueA
RegEnumKeyExA
RegDeleteValueA
RegCreateKeyExA
GetUserNameA
ConvertStringSecurityDescriptorToSecurityDescriptorA
SetSecurityDescriptorSacl
GetSecurityDescriptorSacl
CryptGenRandom
CryptReleaseContext
CryptAcquireContextA
ReadEventLogA
CloseEventLog
OpenEventLogA
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
StartServiceA
version
GetFileVersionInfoSizeA
VerQueryValueA
GetFileVersionInfoA
ws2_32
recvfrom
inet_addr
bind
getpeername
WSAGetLastError
socket
shutdown
setsockopt
send
sendto
recv
gethostbyname
ioctlsocket
connect
closesocket
accept
__WSAFDIsSet
gethostbyaddr
inet_ntoa
htons
WSACleanup
WSAStartup
freeaddrinfo
getaddrinfo
gethostname
getsockopt
select
Sections
__wibu00 Size: 117KB - Virtual size: 116KB
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
__wibu01 Size: 67KB - Virtual size: 67KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
__wibu02 Size: 1KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 8KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
__wibu03 Size: 1.3MB - Virtual size: 1.3MB
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
__wibu04 Size: 6KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
__wibu05 Size: 48KB - Virtual size: 68KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
__wibu06 Size: 19KB - Virtual size: 20KB
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE