2024-05-17_4583bc29a1104940c7dd00083159193d_magniber

Sharing

Copy URL Twitter E-mail

General

Target

2024-05-17_4583bc29a1104940c7dd00083159193d_magniber
Size

4.7MB
MD5

4583bc29a1104940c7dd00083159193d
SHA1

02b2f626035ffff7c1b8fe0c34ca88a7051a433a
SHA256

f36d7ccad5a21ba807698f0621ec6c9912684766a25ccbe37ef9fe96341c69a6
SHA512

1760ae4017b7a3f5d4f35a41b80972b08d3e1aa3091113e2e7171d3a4b2c8bd3e790e934deb892489aa54c26e25673909322aa9f52ad4fda1f3fd1de439bb24a
SSDEEP

98304:kJPELEYYe4cjd+L/LUht2ZEM47n+jEtLk4+7DOSOWm:kNEKCk947nsuQ4+7DO9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-05-17_4583bc29a1104940c7dd00083159193d_magniber

Files

2024-05-17_4583bc29a1104940c7dd00083159193d_magniber
.exe windows:5 windows x86 arch:x86

6ab018cd9086d02abfec02ff8b82ab2e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

E:\TFS\PCMaster\PCMaster\SoftMaster\Bin\softmaster.pdb

Imports

kernel32

GlobalMemoryStatusEx
VirtualProtect
GetLongPathNameW
GetCurrentProcessId
ExitProcess
SetUnhandledExceptionFilter
CreateThread
GetCurrentThread
GetCurrentThreadId
WriteProcessMemory
SuspendThread
ResumeThread
SetEvent
GetLogicalDrives
GetFileSizeEx
GetFileTime
SystemTimeToTzSpecificLocalTime
FileTimeToLocalFileTime
FileTimeToDosDateTime
lstrcmpW
CreateMutexW
OpenEventW
GetLogicalDriveStringsW
LoadLibraryExW
GetCommandLineW
GetEnvironmentVariableW
EnumResourceNamesW
GetDriveTypeW
GetSystemDirectoryW
GetTempPathW
GetTempFileNameW
GetWindowsDirectoryW
GetSystemWow64DirectoryW
SetCurrentDirectoryW
GetDiskFreeSpaceExW
RemoveDirectoryW
CreateFileA
DeleteFileA
MoveFileA
MoveFileW
WaitNamedPipeW
IsBadReadPtr
IsBadCodePtr
GetLocaleInfoW
GetNumberFormatW
Module32FirstW
Module32NextW
VirtualAllocEx
VirtualFreeEx
CreateRemoteThread
lstrlenA
TerminateThread
GetExitCodeThread
ResetEvent
ReleaseSemaphore
WaitForMultipleObjects
CreateSemaphoreW
ReadProcessMemory
FindClose
DeviceIoControl
SetLastError
FreeResource
Thread32Next
Thread32First
Process32NextW
Process32FirstW
CreateToolhelp32Snapshot
GetVersionExW
MoveFileExW
CopyFileW
GetFullPathNameW
ExpandEnvironmentStringsW
CreateProcessW
GetModuleHandleW
GetModuleFileNameW
LoadLibraryW
OpenFileMappingW
CreateEventW
lstrlenW
lstrcatW
lstrcpyW
lstrcpynW
lstrcmpiW
lstrcmpA
GetSystemInfo
Sleep
WaitForSingleObject
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
GetThreadTimes
OpenThread
GetProcessId
TerminateProcess
GetCurrentProcess
OpenProcess
LocalFree
LocalAlloc
GlobalFree
FreeLibrary
GlobalLock
GlobalAlloc
GetProcAddress
CreateFileMappingW
UnmapViewOfFile
MapViewOfFile
InterlockedDecrement
InterlockedIncrement
FindNextFileW
GetTickCount
FileTimeToSystemTime
GetLocalTime
GetFileSize
GetFileInformationByHandle
GetFileAttributesW
CreateFileW
CreateDirectoryW
GetCurrentDirectoryW
LocalFileTimeToFileTime
SystemTimeToFileTime
CloseHandle
SetFileTime
SetFilePointer
ReadFile
WriteFile
WideCharToMultiByte
DeleteFileW
SetFileAttributesW
WritePrivateProfileStringW
GetPrivateProfileStringW
MultiByteToWideChar
FindResourceExW
FindResourceW
SizeofResource
LoadResource
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
GetLastError
RaiseException
GetProcessHeap
HeapSize
SetEndOfFile
WriteConsoleW
FlushFileBuffers
DecodePointer
OutputDebugStringA
SetConsoleCtrlHandler
SetEnvironmentVariableW
SetEnvironmentVariableA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetOEMCP
IsValidCodePage
FindNextFileA
FindFirstFileExW
FindFirstFileExA
GetTimeZoneInformation
SetStdHandle
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetTimeFormatW
GetDateFormatW
GetConsoleCP
SetFilePointerEx
ReadConsoleW
GetConsoleMode
GetACP
GetStdHandle
GetModuleFileNameA
GetModuleHandleExW
FreeLibraryAndExitThread
ExitThread
GetFullPathNameA
PeekNamedPipe
GetFileType
InterlockedFlushSList
InterlockedPushEntrySList
RtlUnwind
GetUserDefaultUILanguage
IsBadStringPtrW
MulDiv
GetStringTypeW
LCMapStringW
CompareStringW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
GetCPInfo
EncodePointer
FormatMessageW
InitializeSListHead
GetSystemTimeAsFileTime
QueryPerformanceCounter
IsProcessorFeaturePresent
UnhandledExceptionFilter
WaitForSingleObjectEx
OutputDebugStringW
IsDebuggerPresent
LoadLibraryExA
VirtualQuery
FindFirstFileW
GlobalUnlock
HeapFree
HeapReAlloc
HeapAlloc
HeapDestroy
LockResource
GetStartupInfoW

gdi32

TextOutW
MoveToEx
StretchBlt
ExtSelectClipRgn
SelectClipRgn
RoundRect
LineTo
GetTextExtentPoint32W
GetClipBox
GetCharABCWidthsW
CreateRectRgnIndirect
CreateRectRgn
CombineRgn
SetStretchBltMode
SetBitmapBits
GetStockObject
GetDeviceCaps
GetBitmapBits
CreateCompatibleBitmap
CreatePatternBrush
PtInRegion
OffsetRgn
SetWindowOrgEx
SaveDC
RestoreDC
CreateRoundRectRgn
BitBlt
GetTextMetricsW
GdiFlush
GetObjectW
CreateDCW
SetTextColor
SetBkMode
SetBkColor
Rectangle
CreateSolidBrush
CreatePen
CreateFontIndirectW
SetDIBColorTable
CreateDIBSection
SelectObject
GetDIBits
DeleteObject
DeleteDC
CreateCompatibleDC

comdlg32

GetOpenFileNameW

advapi32

AllocateAndInitializeSid
SetNamedSecurityInfoW
SetEntriesInAclW
RegSetValueExW
RegQueryInfoKeyW
RegEnumValueW
CreateProcessAsUserW
RegCloseKey
RegCreateKeyExW
RegFlushKey
RegOpenKeyExW
RegQueryValueExW
SaferCreateLevel
SaferCloseLevel
SaferComputeTokenFromLevel
OpenProcessToken
GetTokenInformation
SetTokenInformation
AdjustTokenPrivileges
ConvertStringSidToSidW
FreeSid
GetLengthSid
LookupPrivilegeValueW
GetUserNameW
DuplicateTokenEx
RegDeleteKeyW
RegDeleteValueW
RegEnumKeyExW

shell32

Shell_NotifyIconW
SHGetFileInfoW
SHFileOperationW
SHBrowseForFolderW
ExtractIconExW
ExtractIconW
CommandLineToArgvW
ShellExecuteW
DragAcceptFiles
DragQueryFileW
SHGetFolderPathW
SHGetMalloc
ShellExecuteExW
SHGetPathFromIDListW

ole32

OleLockRunning
CLSIDFromProgID
CLSIDFromString
CreateILockBytesOnHGlobal
ReleaseStgMedium
OleDuplicateData
OleSetContainedObject
OleCreateStaticFromData
StgCreateDocfileOnILockBytes
StgCreateDocfile
OleUninitialize
CoInitialize
CoUninitialize
CoCreateInstance
CreateStreamOnHGlobal
CoSetProxyBlanket
CoTaskMemAlloc
CoTaskMemFree
OleInitialize
CoTaskMemRealloc

oleaut32

SetErrorInfo
VariantChangeType
SysAllocString
GetErrorInfo
VarUdateFromDate
VarUI4FromStr
VariantClear
VariantInit
SysFreeString
CreateErrorInfo

shlwapi

PathFileExistsW
PathAppendW
PathFindExtensionW
PathFileExistsA
PathFindFileNameW
PathRemoveExtensionW
SHDeleteKeyW

gdiplus

GdipGetImageHeight
GdipGetImageWidth
GdipGetImageGraphicsContext
GdipSaveImageToStream
GdipDisposeImage
GdipCloneImage
GdipLoadImageFromStreamICM
GdipLoadImageFromStream
GdipGetImagePixelFormat
GdipAlloc
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromScan0
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipCreateImageAttributes
GdipDisposeImageAttributes
GdipSetImageAttributesColorMatrix
GdipFree
GdipGetImagePalette
GdipGetImagePaletteSize
GdipDeleteGraphics
GdipDrawImageI
GdipDrawImageRectRectI
GdipGetImageEncodersSize
GdipGetImageEncoders
GdiplusShutdown
GdipCreateBitmapFromFile
GdipCreateBitmapFromFileICM
GdipTranslateWorldTransform
GdipSetStringFormatHotkeyPrefix
GdipCreateBitmapFromHICON
GdipSetStringFormatTrimming
GdipSetStringFormatLineAlign
GdipSetStringFormatAlign
GdipSetStringFormatFlags
GdipDeleteStringFormat
GdipCreateStringFormat
GdipSetSmoothingMode
GdipSetInterpolationMode
GdipDrawImageRectI
GdipSaveImageToFile
GdipCreateHBITMAPFromBitmap
GdipSetImageAttributesWrapMode
GdipCreateBitmapFromStream
GdipCreateFromHDC
GdipReleaseDC
GdipRotateWorldTransform
GdipMeasureString
GdipDrawString
GdipDeleteFont
GdipCreateFontFromDC
GdipDrawPath
GdipDrawRectangleI
GdipDrawLineI
GdipSetTextRenderingHint
GdipSetImageAttributesColorKeys
GdipSetPenDashStyle
GdipDeletePen
GdipGraphicsClear
GdipSaveGraphics
GdiplusStartup
GdipImageGetFrameDimensionsCount
GdipImageGetFrameDimensionsList
GdipImageGetFrameCount
GdipImageSelectActiveFrame
GdipGetPropertyItemSize
GdipGetPropertyItem
GdipCreatePath
GdipDeletePath
GdipAddPathLineI
GdipAddPathArcI
GdipCloneBrush
GdipDeleteBrush
GdipCreateSolidFill
GdipCreatePen1

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

userenv

DestroyEnvironmentBlock
CreateEnvironmentBlock

wininet

InternetGetLastResponseInfoW
HttpOpenRequestW
HttpSendRequestExW
HttpEndRequestW
HttpQueryInfoW
InternetSetOptionW
InternetWriteFile
InternetReadFile
InternetOpenUrlW
InternetConnectW
InternetCloseHandle
InternetOpenW
InternetCheckConnectionW

urlmon

URLDownloadToFileW
ObtainUserAgentString

crypt32

CertGetNameStringW
CryptQueryObject
CryptMsgGetParam
CryptDecodeObject
CertFindCertificateInStore

wintrust

WinVerifyTrust

winhttp

WinHttpQueryHeaders
WinHttpReceiveResponse
WinHttpSendRequest
WinHttpCrackUrl
WinHttpOpen
WinHttpCloseHandle
WinHttpConnect
WinHttpReadData
WinHttpAddRequestHeaders
WinHttpSetTimeouts
WinHttpOpenRequest

iphlpapi

GetAdaptersInfo

dbghelp

MiniDumpWriteDump

comctl32

ord17
_TrackMouseEvent

imm32

ImmSetCompositionWindow
ImmGetContext
ImmReleaseContext

Sections

.text
Size: 1.9MB - Virtual size: 1.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 613KB - Virtual size: 612KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2.4MB - Virtual size: 2.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 122KB - Virtual size: 122KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6ab018cd9086d02abfec02ff8b82ab2e

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

shlwapi

gdiplus

version

userenv

wininet

urlmon

crypt32

wintrust

winhttp

iphlpapi

dbghelp

comctl32

imm32

Sections

.text Size: 1.9MB - Virtual size: 1.9MB

.rdata Size: 613KB - Virtual size: 612KB

.data Size: 16KB - Virtual size: 40KB

.gfids Size: 2KB - Virtual size: 2KB

.tls Size: 512B - Virtual size: 9B

.rsrc Size: 2.4MB - Virtual size: 2.4MB

.reloc Size: 122KB - Virtual size: 122KB

.text
Size: 1.9MB - Virtual size: 1.9MB

.rdata
Size: 613KB - Virtual size: 612KB

.data
Size: 16KB - Virtual size: 40KB

.gfids
Size: 2KB - Virtual size: 2KB

.tls
Size: 512B - Virtual size: 9B

.rsrc
Size: 2.4MB - Virtual size: 2.4MB

.reloc
Size: 122KB - Virtual size: 122KB