2024-05-10_4998db7206f44ebc6291ee9986a711ed_magniber

Sharing

Copy URL

Twitter E-mail

General

Target

2024-05-10_4998db7206f44ebc6291ee9986a711ed_magniber
Size

43.5MB
MD5

4998db7206f44ebc6291ee9986a711ed
SHA1

88cee7607d2edfc5dc3eedff120442c81c6359eb
SHA256

8559121f0d62c44482d08b470fe35d70d3c57cd810c70469616aa6cf1d0ae5c6
SHA512

d8aa8e44984cac73298cba41ea1ae84ca0f785a7595dde687fe810798aeac54b07a45cc056a607aaf25dff2b845b0d858f2a4a9a3e307fe7bbc1854ad26eb8e9
SSDEEP

786432:vQdV7tB366oeUtA5DlkTriGprRa37F7wysLsmjxZ32DORjjc6G5WGs4f:vCV7tB39kOllK24rEJMZ3IR5Wn4f

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-05-10_4998db7206f44ebc6291ee9986a711ed_magniber

Files

2024-05-10_4998db7206f44ebc6291ee9986a711ed_magniber
.exe windows:5 windows x86 arch:x86

df20f36a65ed7091ff06af5821b392fa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

F:\主站封版代码\win2.4.106\client_pro\bin\Win32\Release\Setup.pdb

Imports

kernel32

EnterCriticalSection
LeaveCriticalSection
GetSystemTimeAsFileTime
DosDateTimeToFileTime
GlobalMemoryStatus
InitializeCriticalSection
SetEvent
ResetEvent
ReleaseSemaphore
WaitForSingleObject
CreateEventW
CreateSemaphoreW
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
GetVersionExW
WaitForMultipleObjects
SetEndOfFile
SetFileTime
SetLastError
GetTempPathW
GetWindowsDirectoryW
SetCurrentDirectoryW
GetCurrentDirectoryW
SetFileAttributesW
MoveFileW
GetModuleHandleA
FindFirstChangeNotificationW
FindCloseChangeNotification
FlushInstructionCache
HeapCreate
Sleep
MulDiv
FreeResource
GetFullPathNameW
GetLocalTime
GetVersionExA
IsBadReadPtr
LoadLibraryA
GetModuleFileNameA
GetStdHandle
GetConsoleScreenBufferInfo
SetConsoleTextAttribute
GetModuleHandleExA
GetPrivateProfileIntA
FormatMessageW
LocalFree
FileTimeToDosDateTime
FileTimeToLocalFileTime
SetFilePointer
ReadFile
WriteFile
CreateFileA
CreateDirectoryA
FindResourceExW
CreateMutexW
TerminateProcess
OpenProcess
WritePrivateProfileStringW
GetPrivateProfileStringW
CopyFileW
GetPrivateProfileIntW
GetProcessHeap
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
VirtualAlloc
GetModuleFileNameW
CreateThread
OutputDebugStringA
GetDriveTypeW
MoveFileExW
Process32NextW
Process32FirstW
CreateToolhelp32Snapshot
GetCurrentProcess
FindClose
WriteConsoleW
SetConsoleCtrlHandler
SetEnvironmentVariableW
SetEnvironmentVariableA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetCPInfo
GetOEMCP
IsValidCodePage
FindNextFileA
FindFirstFileExW
FindFirstFileExA
SetStdHandle
GetTimeZoneInformation
GetStringTypeW
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
CompareStringW
GetTimeFormatW
GetDateFormatW
SetFilePointerEx
FlushFileBuffers
GetConsoleCP
ReadConsoleW
GetConsoleMode
GetFileType
GetCurrentThread
GetACP
FreeLibraryAndExitThread
ResumeThread
ExitThread
GetModuleHandleExW
ExitProcess
LoadLibraryExW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
EncodePointer
InterlockedFlushSList
InterlockedPushEntrySList
RtlUnwind
GetFileInformationByHandle
InitializeSListHead
GetStartupInfoW
IsDebuggerPresent
WaitForSingleObjectEx
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GlobalUnlock
GlobalLock
GlobalAlloc
VirtualFree
LocalFileTimeToFileTime
HeapDestroy
CompareFileTime
FindNextFileW
OutputDebugStringW
RemoveDirectoryW
CreateDirectoryW
GetSystemDefaultLangID
GetSystemInfo
GetFileSize
FreeLibrary
InterlockedDecrement
InterlockedIncrement
GetLogicalDriveStringsW
FindFirstFileW
DeleteFileW
CreateFileW
CloseHandle
LoadLibraryW
GetSystemDirectoryW
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
DecodePointer
GetProcAddress
MultiByteToWideChar
GetModuleHandleW
GetLastError
RaiseException
LockResource
LoadResource
SizeofResource
FindResourceW
lstrcpyA
lstrlenA
WideCharToMultiByte
GetFileAttributesW
SwitchToThread

user32

IsMenu
CreatePopupMenu
GetDesktopWindow
UnregisterClassW
GetSystemMetrics
wsprintfW
FindWindowExW
DestroyMenu
CheckMenuItem
GetMenuItemCount
InsertMenuW
AppendMenuW
DeleteMenu
TrackPopupMenu
GetMenuInfo
SetMenuInfo
GetMenuItemInfoW
SetForegroundWindow
SetMenuContextHelpId
CharLowerBuffW
MapVirtualKeyA
EnableWindow
SetActiveWindow
IsWindow
GetWindowThreadProcessId
SetWindowTextW
SetWindowPos
DestroyWindow
SendMessageW
SystemParametersInfoA
DrawTextExW
DrawTextW
UpdateLayeredWindow
GetActiveWindow
CharUpperW
CharPrevExA
DefWindowProcW
CallWindowProcW
RegisterClassExW
CreateWindowExW
GetDlgItem
GetClientRect
GetWindowRect
MapWindowPoints
GetWindowLongW
SetWindowLongW
GetParent
GetWindow
LoadCursorW
MonitorFromWindow
GetMonitorInfoW
TrackMouseEvent
PostMessageW
PostQuitMessage
ShowWindow
EnumDisplayMonitors
MonitorFromPoint
DrawIconEx
InvertRect
FillRect
AnimateWindow
SetLayeredWindowAttributes
IsWindowVisible
IsIconic
IsZoomed
SetFocus
GetCapture
SetCapture
ReleaseCapture
SetTimer
KillTimer
IsWindowEnabled
UpdateWindow
GetDC
ReleaseDC
BeginPaint
EndPaint
InvalidateRect
GetWindowTextW
GetCursorPos
CreateCaret
GetCaretBlinkTime
HideCaret
SetCaretPos
ClientToScreen
ScreenToClient
CopyRect
InflateRect
IntersectRect
UnionRect
IsRectEmpty
EnumChildWindows
FindWindowW
GetClassNameW
DestroyIcon
EnumDisplaySettingsW
OffsetRect
PtInRect
GetKeyState
EnableMenuItem
MsgWaitForMultipleObjects
GetForegroundWindow
GetWindowPlacement
MoveWindow
PeekMessageW
DispatchMessageW
TranslateMessage
GetMessageW
LoadImageW
CreateIconFromResource
LoadBitmapW
GetFocus
LoadIconW
MessageBoxW
DestroyCursor
EqualRect
SetRect
GetIconInfo
CharNextW
GetSysColor
SetCursor

gdi32

CreateRoundRectRgn
CreateFontIndirectW
CreateSolidBrush
GetClipBox
GetStockObject
BitBlt
SetBkMode
GetDCOrgEx
ExcludeClipRect
CreateCompatibleBitmap
SetViewportOrgEx
GetDeviceCaps
SetGraphicsMode
DeleteObject
CreateCompatibleDC
DeleteDC
SelectObject
StretchBlt
GetObjectW
Rectangle
CreateBitmap
Arc
CombineRgn
CreateDCW
CreateEllipticRgnIndirect
CreatePen
CreatePatternBrush
CreateRectRgn
CreateRectRgnIndirect
Ellipse
GetClipRgn
GetDIBits
GetRgnBox
GetTextColor
GetTextExtentPoint32W
IntersectClipRect
OffsetRgn
Pie
PtInRegion
RectInRegion
RestoreDC
RoundRect
SaveDC
ExtSelectClipRgn
SetRectRgn
SetROP2
SetTextColor
GetWorldTransform
SetWorldTransform
CreateDIBSection
ExtCreatePen
Polyline
GetCurrentObject
GetViewportOrgEx
EnumFontsW

advapi32

AdjustTokenPrivileges
LookupPrivilegeValueW
OpenProcessToken
RegSetValueExW
RegQueryValueExW
RegCloseKey
RegDeleteValueW
RegCreateKeyExW
RegOpenKeyExW

shell32

SHAppBarMessage
SHFileOperationW
ShellExecuteExW
ShellExecuteW
SHGetFolderPathW
SHCreateDirectoryExW
SHGetSpecialFolderPathW
SHChangeNotify
SHBrowseForFolderW
SHGetPathFromIDListW
SHGetFolderPathA

ole32

CreateBindCtx
CLSIDFromProgID
CLSIDFromString
OleLockRunning
CreateStreamOnHGlobal
CoCreateInstance
CoCreateGuid
OleUninitialize
OleInitialize
CoUninitialize
CoInitialize
IIDFromString

oleaut32

VariantInit
SetErrorInfo
CreateErrorInfo
SysStringByteLen
VariantChangeType
GetErrorInfo
SysFreeString
SysAllocString
SysStringLen
SysAllocStringLen
VariantCopy
VariantClear
SysAllocStringByteLen

shlwapi

PathFileExistsW
PathRemoveFileSpecA
StrToIntExW
PathFileExistsA
SHCreateStreamOnFileEx
PathIsDirectoryA
PathRemoveFileSpecW

msi

ord45

version

GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoW

imm32

ImmGetContext
ImmAssociateContext
ImmReleaseContext

gdiplus

GdipCreateBitmapFromFile
GdipCreateBitmapFromStream
GdipGetPropertyItem
GdipGetPropertyItemSize
GdipImageSelectActiveFrame
GdipImageGetFrameCount
GdipGetImageHeight
GdipGetImageWidth
GdipSaveImageToFile
GdiplusShutdown
GdiplusStartup
GdipSetStringFormatAlign
GdipSetStringFormatFlags
GdipDeleteStringFormat
GdipCreateStringFormat
GdipMeasureString
GdipDrawString
GdipDeleteFont
GdipCreateFont
GdipCreateFontFromLogfontW
GdipCreateFontFromDC
GdipDeleteFontFamily
GdipCreateFontFamilyFromName
GdipGetImageEncoders
GdipGetImageEncodersSize
GdipDrawImageRectRectI
GdipDrawImageRectI
GdipFillPath
GdipFillPie
GdipFillEllipse
GdipCreateBitmapFromFileICM
GdipDrawPath
GdipDrawEllipse
GdipDrawRectangle
GdipDrawLines
GdipDrawLine
GdipSetInterpolationMode
GdipSetSmoothingMode
GdipDeleteGraphics
GdipSetStringFormatLineAlign
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipGetImagePixelFormat
GdipGetImageGraphicsContext
GdipDisposeImage
GdipCloneImage
GdipSetPenDashArray
GdipSetPenDashStyle
GdipDeletePen
GdipCreatePen1
GdipCreateSolidFill
GdipDeleteBrush
GdipCloneBrush
GdipAddPathArcI
GdipAddPathLineI
ord1
GdipAddPathLine
GdipDeletePath
GdipCreatePath
GdipFree
GdipAlloc
GdipCreateBitmapFromStreamICM
GdipGraphicsClear
GdipFillRectangle
GdipCreateFromHDC

msimg32

AlphaBlend
GradientFill

Sections

.text
Size: 1.9MB - Virtual size: 1.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 460KB - Virtual size: 459KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 39KB - Virtual size: 141KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 180.0MB - Virtual size: 180.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 123KB - Virtual size: 122KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

df20f36a65ed7091ff06af5821b392fa

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

shlwapi

msi

version

imm32

gdiplus

msimg32

Sections

.text Size: 1.9MB - Virtual size: 1.9MB

.rdata Size: 460KB - Virtual size: 459KB

.data Size: 39KB - Virtual size: 141KB

.rsrc Size: 180.0MB - Virtual size: 180.0MB

.reloc Size: 123KB - Virtual size: 122KB

.text
Size: 1.9MB - Virtual size: 1.9MB

.rdata
Size: 460KB - Virtual size: 459KB

.data
Size: 39KB - Virtual size: 141KB

.rsrc
Size: 180.0MB - Virtual size: 180.0MB

.reloc
Size: 123KB - Virtual size: 122KB