2024-05-09_d1c9bb7b8f1e12cabbcbf90ccc5aac2a_magniber

Sharing

Copy URL Twitter E-mail

General

Target

2024-05-09_d1c9bb7b8f1e12cabbcbf90ccc5aac2a_magniber
Size

7.4MB
MD5

d1c9bb7b8f1e12cabbcbf90ccc5aac2a
SHA1

90df2f1a1ecebdc0e5751140de61afb8161cb469
SHA256

05e20b0885ba5f1f675cc72c92bfc3d998b21e2f74a441329da47b091a4e855a
SHA512

b7bbf60574e13c5d4ea3442735dfcd7c7e0ca8cb5621f145679d7af03349f41f204a3b0e49d27bde051b0a61bcfbeaac939edb524cc4c866dadb20507986f8c2
SSDEEP

98304:l4iS+MhDQqHcABNBiAb+i9Uezc1E+yJBRhaLFCZUhbmUDf2PfQcSdeEOg2ibg2i:lq+eSABNBiAohyJcQer7gfQccb2iU2i

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-05-09_d1c9bb7b8f1e12cabbcbf90ccc5aac2a_magniber

Files

2024-05-09_d1c9bb7b8f1e12cabbcbf90ccc5aac2a_magniber
.exe windows:5 windows x86 arch:x86

5e39956e7ce7e30183266361ee94eb81

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegSetValueExW
RegFlushKey
RegOpenKeyW
RegCloseKey

bass

BASS_ChannelPlay
BASS_StreamCreateFile
BASS_ChannelStop
BASS_Free
BASS_ChannelIsActive
BASS_StreamFree
BASS_ChannelPause
BASS_ChannelSetAttribute
BASS_Init

gdi32

GetStockObject

kernel32

GetModuleHandleA
GetStringTypeW
GetStringTypeA
SetEnvironmentVariableA
GetProcessHeap
SetEndOfFile
GetEnvironmentStrings
GetWindowsDirectoryW
GetShortPathNameW
GetCurrentDirectoryW
CopyFileW
CreateDirectoryW
FreeEnvironmentStringsA
GetLocaleInfoW
GetDateFormatA
GetConsoleOutputCP
WriteConsoleA
CreateFileW
MultiByteToWideChar
GetFileAttributesW
DeleteFileW
GetVersionExW
GetProcAddress
GetModuleHandleW
LoadLibraryW
SetProcessAffinityMask
GetCurrentProcess
FreeLibrary
FormatMessageA
GetLastError
LoadLibraryA
GetModuleFileNameA
ExitProcess
lstrlen
InterlockedIncrement
InterlockedDecrement
WideCharToMultiByte
Sleep
InterlockedExchange
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapFree
GetStartupInfoW
HeapAlloc
WriteConsoleW
GetFileType
GetStdHandle
GetModuleFileNameW
GetFileAttributesA
HeapReAlloc
RtlUnwind
CloseHandle
CreateProcessA
DuplicateHandle
MoveFileA
DeleteFileA
GetSystemTimeAsFileTime
GetTimeFormatA
IsValidLocale
RaiseException
LCMapStringA
LCMapStringW
GetCPInfo
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetCurrentThreadId
HeapCreate
VirtualFree
VirtualAlloc
GetACP
GetOEMCP
IsValidCodePage
WriteFile
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
LockResource
GetStartupInfoA
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
HeapSize
SetFilePointer
ReadFile
CompareStringA
CompareStringW
InitializeCriticalSectionAndSpinCount
GetConsoleCP
GetConsoleMode
CreateFileA
CreatePipe
GetExitCodeProcess
WaitForSingleObject
FlushFileBuffers
GetTimeZoneInformation
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
SetStdHandle

shell32

ShellExecuteW
SHGetFolderPathW
SHFileOperationW
SHGetSpecialFolderPathW

user32

SetWindowPos
DefWindowProcW
EnumDisplaySettingsW
EnumDisplayDevicesW
GetSystemMetrics
LoadIconW
LoadCursorW
RegisterClassExW
CreateWindowExW
SendMessageW
ShowWindow
UpdateWindow
SetWindowLongW
TrackMouseEvent
UnregisterClassW
PeekMessageW
TranslateMessage
DispatchMessageW
PostQuitMessage
SetFocus
SetCursor
GetCursor

winmm

timeGetTime
waveOutGetNumDevs

d3d9

Direct3DCreate9

ole32

CoInitialize
CoCreateInstance

Sections

.text
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 380KB - Virtual size: 380KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 720KB - Virtual size: 720KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 100KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text1
Size: 704KB - Virtual size: 704KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: 64KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data1
Size: 128KB - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc1
Size: 64KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.pdata
Size: 3.2MB - Virtual size: 3.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 692KB - Virtual size: 692KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.Geddon
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

5e39956e7ce7e30183266361ee94eb81

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

bass

gdi32

kernel32

shell32

user32

winmm

d3d9

ole32

Sections

.text Size: 1.5MB - Virtual size: 1.5MB

.rdata Size: 380KB - Virtual size: 380KB

.data Size: 720KB - Virtual size: 720KB

.reloc Size: 100KB - Virtual size: 100KB

.text1 Size: 704KB - Virtual size: 704KB

.adata Size: 64KB - Virtual size: 64KB

.data1 Size: 128KB - Virtual size: 128KB

.reloc1 Size: 64KB - Virtual size: 64KB

.pdata Size: 3.2MB - Virtual size: 3.2MB

.rsrc Size: 692KB - Virtual size: 692KB

.Geddon Size: 4KB - Virtual size: 4KB

.text
Size: 1.5MB - Virtual size: 1.5MB

.rdata
Size: 380KB - Virtual size: 380KB

.data
Size: 720KB - Virtual size: 720KB

.reloc
Size: 100KB - Virtual size: 100KB

.text1
Size: 704KB - Virtual size: 704KB

.adata
Size: 64KB - Virtual size: 64KB

.data1
Size: 128KB - Virtual size: 128KB

.reloc1
Size: 64KB - Virtual size: 64KB

.pdata
Size: 3.2MB - Virtual size: 3.2MB

.rsrc
Size: 692KB - Virtual size: 692KB

.Geddon
Size: 4KB - Virtual size: 4KB