2024-05-15_84d348e88b4a5296a1acbe9328186d8d_magniber

Sharing

Copy URL Twitter E-mail

General

Target

2024-05-15_84d348e88b4a5296a1acbe9328186d8d_magniber
Size

7.5MB
MD5

84d348e88b4a5296a1acbe9328186d8d
SHA1

a9f5cfa366f853bd1ae6ca80f9813eee4959ecfb
SHA256

c12b7923a9dc53945437b57b9d971226041d79c040a5513cc4705de7d53fd9cd
SHA512

97e36020bd9afe064375fc36ffe972f7c640a9a1d496a823997a63214c2052653d1f48917eb892c4d87d1a915b8f0a0e61351ce3938dc362bb32a1c65ac0ff35
SSDEEP

98304:EymKomAcW4MxquiAbplR9xNfAzc1E+yJBRhaLFCZUhu9+lgCPvVYniMbXXZkaH3y:IsMxquiALjvyJcQew9+lgKApbHdkOk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-05-15_84d348e88b4a5296a1acbe9328186d8d_magniber

Files

2024-05-15_84d348e88b4a5296a1acbe9328186d8d_magniber
.exe windows:5 windows x86 arch:x86

0b96da06be279ff4d521ac0b7a11d4d8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegSetValueExW
RegFlushKey
RegOpenKeyW
RegCloseKey

bass

BASS_ChannelPlay
BASS_ChannelStop
BASS_StreamCreateFile
BASS_ChannelPause
BASS_ChannelIsActive
BASS_ChannelSetAttribute
BASS_Init
BASS_Free
BASS_StreamFree

gdi32

GetStockObject

kernel32

GetWindowsDirectoryW
GetShortPathNameW
GetCurrentDirectoryW
MultiByteToWideChar
GetFileAttributesW
DeleteFileW
GetVersionExW
GetProcAddress
GetModuleHandleW
LoadLibraryW
SetProcessAffinityMask
GetCurrentProcess
FreeLibrary
FormatMessageA
GetLastError
LoadLibraryA
GetModuleFileNameA
ExitProcess
lstrlen
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapFree
GetStartupInfoW
RaiseException
RtlUnwind
HeapAlloc
WriteConsoleW
GetFileType
GetStdHandle
GetModuleFileNameW
GetFileAttributesA
EnterCriticalSection
LeaveCriticalSection
HeapReAlloc
Sleep
CloseHandle
CreateProcessA
DuplicateHandle
MoveFileA
DeleteFileA
GetSystemTimeAsFileTime
GetTimeFormatA
GetDateFormatA
CopyFileW
InterlockedDecrement
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetCurrentThreadId
HeapCreate
VirtualFree
DeleteCriticalSection
VirtualAlloc
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LCMapStringA
CreateDirectoryW
LCMapStringW
WriteFile
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
LockResource
GetStartupInfoA
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
HeapSize
SetFilePointer
ReadFile
CompareStringA
CompareStringW
InterlockedExchange
InitializeCriticalSectionAndSpinCount
GetConsoleCP
GetConsoleMode
CreateFileA
CreatePipe
GetExitCodeProcess
WaitForSingleObject
FlushFileBuffers
GetTimeZoneInformation
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
GetStringTypeA
GetStringTypeW
GetLocaleInfoW
GetModuleHandleA
SetStdHandle
CreateFileW
WriteConsoleA
GetConsoleOutputCP
SetEndOfFile
GetProcessHeap
SetEnvironmentVariableA
FreeEnvironmentStringsA
GetEnvironmentStrings
InterlockedIncrement
WideCharToMultiByte
InitializeCriticalSection

shell32

SHGetFolderPathW
ShellExecuteW
SHGetSpecialFolderPathW
SHFileOperationW

user32

SetWindowPos
UnregisterClassW
PeekMessageW
TranslateMessage
DispatchMessageW
PostQuitMessage
SetFocus
SetWindowLongW
TrackMouseEvent
DefWindowProcW
GetCursor
LoadCursorW
LoadIconW
UpdateWindow
GetSystemMetrics
ShowWindow
SendMessageW
CreateWindowExW
SetCursor
EnumDisplayDevicesW
EnumDisplaySettingsW
RegisterClassExW

winmm

waveOutGetNumDevs
timeGetTime

d3d9

Direct3DCreate9

ole32

CoCreateInstance
CoInitialize

Sections

.text
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 380KB - Virtual size: 380KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 732KB - Virtual size: 732KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 100KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text1
Size: 704KB - Virtual size: 704KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: 64KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data1
Size: 128KB - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc1
Size: 64KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.pdata
Size: 3.2MB - Virtual size: 3.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 704KB - Virtual size: 704KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.Geddon
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

0b96da06be279ff4d521ac0b7a11d4d8

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

bass

gdi32

kernel32

shell32

user32

winmm

d3d9

ole32

Sections

.text Size: 1.5MB - Virtual size: 1.5MB

.rdata Size: 380KB - Virtual size: 380KB

.data Size: 732KB - Virtual size: 732KB

.reloc Size: 100KB - Virtual size: 100KB

.text1 Size: 704KB - Virtual size: 704KB

.adata Size: 64KB - Virtual size: 64KB

.data1 Size: 128KB - Virtual size: 128KB

.reloc1 Size: 64KB - Virtual size: 64KB

.pdata Size: 3.2MB - Virtual size: 3.2MB

.rsrc Size: 704KB - Virtual size: 704KB

.Geddon Size: 4KB - Virtual size: 4KB

.text
Size: 1.5MB - Virtual size: 1.5MB

.rdata
Size: 380KB - Virtual size: 380KB

.data
Size: 732KB - Virtual size: 732KB

.reloc
Size: 100KB - Virtual size: 100KB

.text1
Size: 704KB - Virtual size: 704KB

.adata
Size: 64KB - Virtual size: 64KB

.data1
Size: 128KB - Virtual size: 128KB

.reloc1
Size: 64KB - Virtual size: 64KB

.pdata
Size: 3.2MB - Virtual size: 3.2MB

.rsrc
Size: 704KB - Virtual size: 704KB

.Geddon
Size: 4KB - Virtual size: 4KB