2024-05-20_b66741895f71e1fc67d2930b3285279f_magniber

Sharing

Copy URL Twitter E-mail

General

Target

2024-05-20_b66741895f71e1fc67d2930b3285279f_magniber
Size

5.4MB
MD5

b66741895f71e1fc67d2930b3285279f
SHA1

307763cb49e56da3fef07cde539abddb20642c13
SHA256

d77bfd3d1567da11ef4a9eab230a7980f3a2668ec88e94fd79db932db39aa626
SHA512

124a0be2126f8a4f7c32d87ac8ee1a15386fb816527aaf21a45721b0a79ed74a921b36360c781dcb5a1a6ef3d1eb69814cc54f9d2de9b1f90450d883dd418005
SSDEEP

98304:N5H9myYbTpYozfXc5ST92fd6oF8GtmXwap0RsgACwSDjNpMRpj1yPbk8P07JatGs:N5H9my4+g92fd6oOHX30RsgACwSDjNp9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-05-20_b66741895f71e1fc67d2930b3285279f_magniber

Files

2024-05-20_b66741895f71e1fc67d2930b3285279f_magniber
.exe windows:5 windows x86 arch:x86

0f511b670925ffbed2c6b4bc2a163e97

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\DeViL_boy\prg\MagicFarmDeluxe\magic_farm.pdb

Imports

kernel32

SetPriorityClass
FileTimeToLocalFileTime
FileTimeToSystemTime
GetExitCodeThread
Sleep
WaitForSingleObject
CreateThread
SetThreadPriority
OutputDebugStringA
QueryPerformanceFrequency
CreateFileA
GetFileInformationByHandle
CloseHandle
QueryPerformanceCounter
GetTickCount
lstrlenA
GetProcessHeap
CreateFileW
SetEnvironmentVariableA
CompareStringW
CompareStringA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
GetLocaleInfoW
GetProcAddress
LeaveCriticalSection
EnterCriticalSection
GetFileTime
GetSystemDirectoryA
WideCharToMultiByte
MulDiv
FreeLibrary
LoadLibraryA
GetModuleFileNameA
GetModuleHandleA
FindClose
FindNextFileA
FindFirstFileA
MapViewOfFile
CreateFileMappingA
GetCurrentProcessId
DeleteFileA
GetCurrentThreadId
GetCurrentThread
GlobalFree
GlobalUnlock
MultiByteToWideChar
GlobalLock
GlobalAlloc
GetVersionExA
GetCommandLineA
GetLastError
CreateMutexW
SetUnhandledExceptionFilter
SetErrorMode
GetCurrentProcess
IsBadWritePtr
VirtualQuery
GetThreadPriority
InitializeCriticalSection
DeleteCriticalSection
VirtualProtect
InterlockedDecrement
GetFileSize
GetFileAttributesA
InterlockedIncrement
MoveFileA
CopyFileA
SetFilePointer
SetEndOfFile
ReadFile
WriteFile
FlushFileBuffers
CreateDirectoryA
RemoveDirectoryA
SetFileAttributesA
GetSystemInfo
FormatMessageA
SetCurrentDirectoryA
GetCurrentDirectoryA
GetTempPathA
GetShortPathNameW
GetModuleFileNameW
IsDebuggerPresent
GetThreadContext
TerminateThread
DuplicateHandle
IsBadStringPtrW
IsBadStringPtrA
IsBadReadPtr
SetThreadAffinityMask
InterlockedCompareExchange
InterlockedExchange
RtlUnwind
RaiseException
TerminateProcess
UnhandledExceptionFilter
HeapFree
GetStartupInfoA
GetSystemTimeAsFileTime
GetModuleHandleW
ExitProcess
GetLocalTime
ExitThread
ResumeThread
GetDriveTypeA
GetFullPathNameA
HeapReAlloc
HeapAlloc
LCMapStringA
LCMapStringW
GetCPInfo
GetStringTypeW
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetStdHandle
GetACP
GetOEMCP
IsValidCodePage
HeapCreate
VirtualFree
VirtualAlloc
HeapSize
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
GetConsoleCP
GetConsoleMode
GetTimeZoneInformation
InitializeCriticalSectionAndSpinCount
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
GetStringTypeA
GetPriorityClass

user32

ClientToScreen
GetWindowInfo
GetSystemMetrics
OffsetRect
ReleaseDC
GetDC
DrawTextExW
DestroyCursor
DestroyWindow
SetWindowLongA
MessageBoxW
ShowWindow
ChangeDisplaySettingsA
EnumWindows
GetWindowRect
IsWindowVisible
IsIconic
GetWindowPlacement
SystemParametersInfoA
ReleaseCapture
DefWindowProcW
EndPaint
BeginPaint
DefWindowProcA
GetWindowLongA
DialogBoxIndirectParamA
EndDialog
SendMessageA
GetDlgItem
AdjustWindowRectEx
SetWindowTextA
PostMessageA
SetForegroundWindow
WindowFromPoint
SetCapture
SetTimer
GetActiveWindow
CreateWindowExW
CreateWindowExA
AdjustWindowRect
SetCursor
LoadCursorA
DispatchMessageA
TranslateMessage
PeekMessageA
SetFocus
EnumDisplaySettingsA
CreateCursor
RegisterClassW
RegisterClassA
RegisterWindowMessageW
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
GetClipboardData
GetSysColorBrush
GetMessageA
SetCaretPos
ShowCaret
CreateCaret
DestroyCaret
HideCaret
GetCursor
PostQuitMessage
GetLastActivePopup
GetDesktopWindow
SetWindowPos
TrackMouseEvent
GetKeyState
CallWindowProcA
GetCursorInfo
MoveWindow
MessageBoxA
GetWindowTextA
GetAsyncKeyState
SetCursorPos
GetCursorPos
ShowCursor
GetClientRect
ScreenToClient
SetWindowTextW
SetClassLongA
LoadIconA

dbghelp

SymGetTypeInfo
SymCleanup
StackWalk64
SymGetSymFromAddr64
SymSetContext
SymEnumSymbols
SymInitialize
MiniDumpWriteDump

winmm

PlaySoundA
timeGetTime
mixerSetControlDetails
mixerOpen
mixerGetDevCapsA
mixerGetLineInfoA
mixerGetLineControlsA
mixerGetControlDetailsA
mixerClose
timeBeginPeriod
timeEndPeriod

wsock32

ioctlsocket
gethostbyname
htons
connect
WSAGetLastError
send
recv
socket
__WSAFDIsSet
select
WSACleanup
closesocket
WSAStartup
inet_ntoa

gdi32

DeleteObject
CreateFontIndirectA
SetTextColor
SetBkMode
CreateFontA
GetTextMetricsA
GetDeviceCaps
GetObjectA
SelectObject
CreateRectRgn
SelectClipRgn
GetTextExtentPoint32W
IntersectClipRect
TextOutW

advapi32

RegQueryValueExA
RegCreateKeyExA
RegCloseKey
RegOpenKeyExA
RegDeleteValueA
RegOpenKeyA
RegSetValueExA

shell32

SHGetSpecialFolderPathA
SHGetSpecialFolderPathW
ShellExecuteA

ole32

CoCreateInstance
CoInitialize

oleaut32

SysAllocString
VariantClear
SysFreeString

Sections

.text
Size: 4.5MB - Virtual size: 4.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 570KB - Virtual size: 570KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 90KB - Virtual size: 341KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 228KB - Virtual size: 227KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0f511b670925ffbed2c6b4bc2a163e97

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

dbghelp

winmm

wsock32

gdi32

advapi32

shell32

ole32

oleaut32

Sections

.text Size: 4.5MB - Virtual size: 4.5MB

.rdata Size: 570KB - Virtual size: 570KB

.data Size: 90KB - Virtual size: 341KB

.rsrc Size: 228KB - Virtual size: 227KB

.text
Size: 4.5MB - Virtual size: 4.5MB

.rdata
Size: 570KB - Virtual size: 570KB

.data
Size: 90KB - Virtual size: 341KB

.rsrc
Size: 228KB - Virtual size: 227KB