2024-05-24_14d4dce23c9ef50f6fb4053ba850c8d8_magniber

Sharing

Copy URL Twitter E-mail

General

Target

2024-05-24_14d4dce23c9ef50f6fb4053ba850c8d8_magniber
Size

3.9MB
MD5

14d4dce23c9ef50f6fb4053ba850c8d8
SHA1

b9da0a2b8beef6149579dfce20e00c970e51383d
SHA256

5d3d6e3f9ce88188732d26133d6828324039929b9f220ace8c5a88f9155e5d30
SHA512

73cf98e82e8714842777478a29193b5f778db6dad4039ad9fb4287b9881ce0ceb39289484efb1d195f9628a0828ffcdc27645a99e7aad29e9b6f0763d4b6005b
SSDEEP

98304:36SwCZKwKS1UumNxhwlWaYkLQd0uCIwxdz8svLVq:QCZKwjuXhwnuWuAx/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-05-24_14d4dce23c9ef50f6fb4053ba850c8d8_magniber

Files

2024-05-24_14d4dce23c9ef50f6fb4053ba850c8d8_magniber
.exe windows:4 windows x86 arch:x86

8a7c5bced8114052ab6877de5f32e8ab

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

GetSystemDirectoryA
GetComputerNameA
SetLastError
IsBadReadPtr
lstrcmpiA
IsBadWritePtr
GetThreadLocale
SetEnvironmentVariableA
CompareStringW
CompareStringA
SetStdHandle
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
GetLocaleInfoW
GetConsoleCP
IsValidCodePage
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
HeapSize
GetStringTypeW
GetStringTypeA
GetLocaleInfoA
GetSystemInfo
GetExitCodeThread
ReleaseSemaphore
WaitForSingleObject
CreateSemaphoreA
GetCurrentThread
DuplicateHandle
GetProcAddress
TerminateProcess
GetOEMCP
VirtualProtect
GetCurrentThreadId
SetConsoleCtrlHandler
GetCurrentDirectoryA
GetWindowsDirectoryA
GetTickCount
GetCurrentProcessId
GetACP
HeapReAlloc
VirtualAlloc
GetCPInfo
LCMapStringW
LCMapStringA
HeapAlloc
VirtualFree
HeapCreate
HeapDestroy
GetStartupInfoA
GetFileType
SetHandleCount
RaiseException
RtlUnwind
HeapFree
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
DeviceIoControl
GetLocalTime
LockFile
UnlockFile
IsBadStringPtrW
IsBadStringPtrA
FlushInstructionCache
GetProfileIntA
CreateEventA
OpenEventA
MapViewOfFile
CreateFileMappingA
OpenFileMappingA
UnmapViewOfFile
TlsFree
TlsGetValue
LocalFree
LocalAlloc
TlsSetValue
TlsAlloc
ExitProcess
GetModuleHandleA
FileTimeToSystemTime
GetVersion
GetVersionExA
GetModuleFileNameA
GetCurrentProcess
GetSystemTime
WideCharToMultiByte
InterlockedIncrement
InterlockedDecrement
InterlockedExchange
MultiByteToWideChar
Sleep
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetFileAttributesA
GetFullPathNameA
SetCurrentDirectoryA
GetLastError
FreeLibrary
LoadLibraryA
GetProfileStringA
WritePrivateProfileStringA
GetPrivateProfileStringA
GetPrivateProfileIntA
GetPrivateProfileSectionA
WritePrivateProfileSectionA
GetStdHandle
GetConsoleMode
CloseHandle
OpenProcess
GetExitCodeProcess
CreateDirectoryA
WaitForMultipleObjects
WriteFile
ReadFile
SetFilePointer
FlushFileBuffers
SetEndOfFile
GetFileSize
GetFileTime
CreateFileA
GetEnvironmentVariableA
SystemTimeToFileTime
GetTimeZoneInformation

user32

FindWindowA
CharUpperBuffA
UnhookWindowsHookEx
SetWindowsHookExA
EnumThreadWindows
GetWindowLongA
PeekMessageA
CallMsgFilterA
TranslateMessage
DispatchMessageA
GetWindowTextA
wsprintfA
IsWindowVisible
IsWindowEnabled
GetWindow
CallNextHookEx
DrawMenuBar
AppendMenuA
GetSystemMenu
SetLastErrorEx
MessageBoxA
LoadStringA
CharLowerA
GetSystemMetrics

wsock32

gethostname
gethostbyname
WSAStartup
WSACleanup
closesocket
shutdown
send
recv
__WSAFDIsSet
select
connect
setsockopt
socket
ioctlsocket
bind
recvfrom
sendto
htons

advapi32

RegDeleteKeyA
OpenServiceA
StartServiceA
CloseServiceHandle
RegEnumValueA
RegEnumKeyExA
OpenSCManagerA
RegDeleteValueA
RegSetValueExA
RegCreateKeyExA
RegFlushKey
RegOpenKeyExA
RegQueryValueExA
RegCloseKey

shell32

ShellExecuteExA

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

Sections

__wibu00
Size: 2.5MB - Virtual size: 2.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

__wibu01
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

__wibu02
Size: 169KB - Virtual size: 169KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

__wibu03
Size: - Virtual size: 4.0MB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

__wibu04
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

__wibu05
Size: - Virtual size: 68B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

__wibu06
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

__wibu07
Size: 165KB - Virtual size: 165KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 167KB - Virtual size: 167KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

__wibu08
Size: 828KB - Virtual size: 828KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

__wibu09
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8a7c5bced8114052ab6877de5f32e8ab

Headers

File Characteristics

Imports

kernel32

user32

wsock32

advapi32

shell32

version

Sections

__wibu00 Size: 2.5MB - Virtual size: 2.5MB

__wibu01 Size: 15KB - Virtual size: 15KB

__wibu02 Size: 169KB - Virtual size: 169KB

__wibu03 Size: - Virtual size: 4.0MB

__wibu04 Size: 14KB - Virtual size: 14KB

__wibu05 Size: - Virtual size: 68B

__wibu06 Size: 512B - Virtual size: 24B

__wibu07 Size: 165KB - Virtual size: 165KB

.rsrc Size: 167KB - Virtual size: 167KB

__wibu08 Size: 828KB - Virtual size: 828KB

__wibu09 Size: 76KB - Virtual size: 76KB

__wibu00
Size: 2.5MB - Virtual size: 2.5MB

__wibu01
Size: 15KB - Virtual size: 15KB

__wibu02
Size: 169KB - Virtual size: 169KB

__wibu03
Size: - Virtual size: 4.0MB

__wibu04
Size: 14KB - Virtual size: 14KB

__wibu05
Size: - Virtual size: 68B

__wibu06
Size: 512B - Virtual size: 24B

__wibu07
Size: 165KB - Virtual size: 165KB

.rsrc
Size: 167KB - Virtual size: 167KB

__wibu08
Size: 828KB - Virtual size: 828KB

__wibu09
Size: 76KB - Virtual size: 76KB