d:\RLSWorkspace\lecturer-AllInOneExe-vs2005\Release\rls.pdb
Static task: static1
Behavioral task: behavioral1
Sample: 2024-05-26_6d8c2d91540adcbbe2b12cfbe6e0bf4e_magniber.exe
Resource: win7-20240419-en
Behavioral task: behavioral2
Sample: 2024-05-26_6d8c2d91540adcbbe2b12cfbe6e0bf4e_magniber.exe
Resource: win10v2004-20240508-en
General
Target: 2024-05-26_6d8c2d91540adcbbe2b12cfbe6e0bf4e_magniber
Size: 8.0MB
MD5: 6d8c2d91540adcbbe2b12cfbe6e0bf4e
SHA1: d588adc2a71952fce7e8099fa0aa9d9755342a56
SHA256: 45693bcd21d9a368a3eae5da9f2bf0f2dc872a7ac8deb4bcecbe094e5528843b
SHA512: b974cd10c9d1bf7d7e1a0109b79e8238de1429e27fd3e72ecbb5a7a3c77b087be5c38ef0d48a39a4a4bebb067c47f0e401267b2bee0315166ece1e4f7794961e
SSDEEP: 98304:ClFzZYHX8CgMgitGYTrcv7Dkg8xUB8gbp1ayYJ5F2wYtPHN53OFwc4fGGvnBs:UmHMCZes3xUBVRYJ6JtPHDfG
Malware Config
Signatures
Unsigned PE (1 IoCs)
Checks for missing Authenticode signature.
resource: 2024-05-26_6d8c2d91540adcbbe2b12cfbe6e0bf4e_magniber
Files
2024-05-26_6d8c2d91540adcbbe2b12cfbe6e0bf4e_magniber.exe windows:4 windows x86 arch:x86
fb908125c4fc3e9550c5019670abab50
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
winmm
waveOutReset
timeGetTime
waveInAddBuffer
waveInClose
DefDriverProc
timeGetDevCaps
timeBeginPeriod
timeSetEvent
timeEndPeriod
timeKillEvent
PlaySoundA
mixerGetNumDevs
mixerOpen
waveOutUnprepareHeader
waveInUnprepareHeader
waveInGetErrorTextA
waveInOpen
waveInStart
mixerGetDevCapsA
mixerGetLineInfoA
mixerGetLineControlsA
waveOutGetVolume
waveOutSetVolume
mixerSetControlDetails
mixerGetControlDetailsA
mmioOpenA
mmioStringToFOURCCA
mmioCreateChunk
mmioWrite
mmioAscend
mmioClose
waveOutOpen
waveOutPrepareHeader
waveOutWrite
waveInPrepareHeader
waveOutClose
mixerClose
waveInReset
waveInStop
iphlpapi
GetAdaptersInfo
version
VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA
kernel32
ReleaseMutex
CreateEventA
WaitForMultipleObjects
FileTimeToSystemTime
FileTimeToLocalFileTime
LocalAlloc
MoveFileA
ReadFile
SetFilePointer
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
GetFileSize
GetThreadLocale
DuplicateHandle
GetCurrentProcess
FindClose
FindFirstFileA
GetShortPathNameA
ResumeThread
SuspendThread
LocalFileTimeToFileTime
SystemTimeToFileTime
SetFileAttributesA
GetCurrentProcessId
GetLocaleInfoA
EnumResourceLanguagesA
ConvertDefaultLocale
GetCurrentThread
TlsGetValue
GlobalHandle
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
InterlockedIncrement
GlobalFlags
GetOEMCP
GetAtomNameA
SetErrorMode
LocalUnlock
LocalLock
GetPrivateProfileIntA
GetCurrentDirectoryA
HeapReAlloc
VirtualProtect
VirtualAlloc
VirtualQuery
RtlUnwind
ExitProcess
GetSystemTimeAsFileTime
RaiseException
GetTimeFormatA
GetDateFormatA
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetTimeZoneInformation
GetCommandLineA
GetStartupInfoA
ExitThread
CreateThread
HeapSize
SetStdHandle
GetFileType
FatalAppExitA
VirtualFree
HeapDestroy
HeapCreate
GetStdHandle
GetConsoleCP
GetConsoleMode
GetACP
LCMapStringA
LCMapStringW
SetConsoleCtrlHandler
GetStringTypeA
GetStringTypeW
SetHandleCount
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
GetLocaleInfoW
SetEnvironmentVariableA
ReleaseSemaphore
FreeResource
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
lstrcmpW
InterlockedDecrement
GetModuleFileNameW
GetDiskFreeSpaceA
GetFullPathNameA
GetFileTime
SetFileTime
GetFileAttributesA
QueryPerformanceFrequency
QueryPerformanceCounter
MulDiv
WinExec
GetWindowsDirectoryA
FormatMessageA
LocalFree
GetTickCount
CreateMutexA
GetPrivateProfileSectionA
GetPrivateProfileSectionNamesA
GetPrivateProfileStringA
WritePrivateProfileStringA
GetSystemInfo
IsProcessorFeaturePresent
GlobalMemoryStatus
GetVolumeInformationA
DeviceIoControl
HeapAlloc
GetProcessHeap
HeapFree
OpenProcess
CopyFileA
GlobalReAlloc
CreateFileA
CloseHandle
WriteFile
GetModuleFileNameA
GetLogicalDrives
GetDriveTypeA
GetLocalTime
CreateDirectoryA
SetThreadPriority
GetSystemTime
ResetEvent
GlobalSize
GlobalAlloc
GlobalFree
GlobalLock
GlobalUnlock
GetCPInfo
SetLastError
GetModuleHandleA
GetVersionExA
GetTempPathA
GetTempFileNameA
DeleteFileA
lstrcpyA
GetSystemDirectoryA
LoadLibraryA
FreeLibrary
GetProcAddress
lstrcmpA
WaitForSingleObject
FindResourceA
LoadResource
LockResource
SizeofResource
Sleep
DeleteCriticalSection
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
SetEvent
GetStringTypeExW
GetStringTypeExA
GetEnvironmentVariableW
GetEnvironmentVariableA
lstrlenA
lstrcmpiW
lstrcmpiA
CompareStringW
CompareStringA
lstrlenW
GetVersion
GetLastError
WideCharToMultiByte
MultiByteToWideChar
InterlockedExchange
SetCurrentDirectoryA
CreateSemaphoreA
FindNextFileA
InterlockedCompareExchange
user32
WinHelpA
SendDlgItemMessageA
CheckDlgButton
CheckRadioButton
GetDlgItemInt
GetDlgItemTextA
SetDlgItemInt
SetDlgItemTextA
IsDlgButtonChecked
IsDialogMessageA
SetWindowTextA
MoveWindow
IsWindowEnabled
ScrollWindowEx
GetWindowThreadProcessId
MsgWaitForMultipleObjects
GetKeyNameTextA
MapVirtualKeyA
EndDialog
CreateDialogIndirectParamA
WaitMessage
DestroyMenu
ValidateRect
TranslateAcceleratorA
SetMenu
InsertMenuItemA
LoadAcceleratorsA
ReuseDDElParam
UnpackDDElParam
ShowOwnedPopups
MapDialogRect
SetWindowContextHelpId
IsZoomed
UnregisterClassA
GetDialogBaseUnits
GetDCEx
LockWindowUpdate
IsClipboardFormatAvailable
GetTabbedTextExtentA
GetSystemMenu
SetParent
UnionRect
CopyAcceleratorTableA
InvalidateRgn
CharNextA
GetNextDlgGroupItem
RegisterClipboardFormatA
IsChild
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassNameA
SetPropA
GetPropA
RemovePropA
SetFocus
GetWindowTextLengthA
GetWindowTextA
GetLastActivePopup
SetActiveWindow
BeginDeferWindowPos
EndDeferWindowPos
GetDlgItem
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
MapWindowPoints
ScrollWindow
TrackPopupMenuEx
TrackPopupMenu
GetKeyState
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
ShowScrollBar
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
SetWindowPlacement
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
GetWindowPlacement
GetWindow
EndPaint
BeginPaint
UnhookWindowsHookEx
SetWindowRgn
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
EnableMenuItem
CheckMenuItem
GetMenuStringA
SetRectEmpty
GetWindowDC
ScreenToClient
CopyIcon
PtInRect
MessageBoxA
MessageBeep
SetWindowLongA
DispatchMessageA
TranslateMessage
PeekMessageA
GetMessageA
IsWindow
AdjustWindowRectEx
ReleaseCapture
SetCapture
GetCapture
EnumWindows
ShowWindow
SendMessageTimeoutA
LoadCursorA
SetWindowPos
GetMenu
LoadIconA
RedrawWindow
IsIconic
DrawIcon
FindWindowA
GetCursorPos
SetForegroundWindow
BringWindowToTop
LoadMenuA
PostQuitMessage
KillTimer
SetTimer
GetFocus
DestroyCursor
LoadImageA
GetIconInfo
CreateIconIndirect
SetCursor
GetWindowLongA
WindowFromPoint
GetParent
GetNextDlgTabItem
GetActiveWindow
ClientToScreen
GetClientRect
DrawFocusRect
FrameRect
InflateRect
DrawStateA
wsprintfA
GetMenuItemInfoA
GetSystemMetrics
SystemParametersInfoA
DrawIconEx
DestroyIcon
GetSysColorBrush
GrayStringA
DrawTextExA
TabbedTextOutA
RemoveMenu
ModifyMenuA
InsertMenuA
GetSubMenu
GetMenuState
GetMenuItemID
GetMenuItemCount
AppendMenuA
DeleteMenu
CreatePopupMenu
CreateMenu
DrawEdge
FillRect
PostThreadMessageA
SendMessageA
GetSysColor
GetForegroundWindow
IsWindowVisible
GetWindowRect
IntersectRect
UpdateWindow
IsRectEmpty
GetDesktopWindow
ReleaseDC
SetRect
CopyRect
PostMessageA
DrawTextA
GetDC
OffsetRect
EnableWindow
InvalidateRect
LoadBitmapA
RegisterWindowMessageA
CharUpperW
CharUpperA
CharLowerW
CharLowerA
IsMenu
gdi32
CreateHatchBrush
CreateFontIndirectA
CreateCompatibleBitmap
GetBkMode
Ellipse
Rectangle
PatBlt
GetPixel
SetPixel
GetTextExtentPoint32A
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
CreateDIBSection
GetTextExtentPoint32W
GetStockObject
CopyMetaFileA
CreateDCA
StretchBlt
CreateDIBitmap
SetDIBits
GetDIBits
CreateEllipticRgn
DPtoLP
SaveDC
RestoreDC
SetPolyFillMode
SetROP2
SetStretchBltMode
SetGraphicsMode
SetWorldTransform
ModifyWorldTransform
SetMapMode
GetClipBox
ExcludeClipRect
IntersectClipRect
OffsetClipRgn
SetTextAlign
CreateSolidBrush
SetMapperFlags
SetArcDirection
SetColorAdjustment
GetClipRgn
SelectClipPath
SetBkMode
GetWindowExtEx
StartDocA
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
SetPixelV
GetCurrentPositionEx
ArcTo
PolyDraw
PolylineTo
PolyBezierTo
ExtSelectClipRgn
CreateDIBPatternBrushPt
CreatePatternBrush
PlayMetaFileRecord
GetObjectType
EnumMetaFile
PlayMetaFile
ExtCreatePen
GetDCOrgEx
GetMapMode
GetCharWidthA
GetBkColor
GetTextColor
StartPage
EndPage
SetAbortProc
AbortDoc
EndDoc
SetTextCharacterExtra
CreatePen
MoveToEx
LineTo
Polygon
SetTextJustification
SetDIBitsToDevice
SetTextColor
SelectClipRgn
GetObjectA
GetRegionData
GetRgnBox
SetBkColor
BitBlt
DeleteDC
GetDeviceCaps
CreateCompatibleDC
SelectObject
CreateBitmap
CreateFontA
SetRectRgn
CreateRectRgnIndirect
CombineRgn
LPtoDP
GetSystemPaletteEntries
StretchDIBits
GetDIBColorTable
GetPaletteEntries
CreatePalette
GetTextMetricsA
DeleteObject
GetViewportExtEx
CreateRectRgn
SelectPalette
RealizePalette
Arc
comdlg32
GetFileTitleA
winspool.drv
ClosePrinter
GetJobA
OpenPrinterA
DocumentPropertiesA
advapi32
RegOpenKeyA
RegCreateKeyExA
RegDeleteValueA
RegCreateKeyA
RegEnumKeyA
RegDeleteKeyA
GetFileSecurityA
SetFileSecurityA
RegCloseKey
RegSetValueA
RegQueryValueA
IsTextUnicode
RegSetValueExA
RegOpenKeyExA
RegQueryValueExA
shell32
ShellExecuteA
SHGetFileInfoA
ExtractIconA
DragQueryFileA
DragFinish
ShellExecuteExA
comctl32
ImageList_GetIconSize
_TrackMouseEvent
shlwapi
PathStripToRootA
UrlUnescapeA
PathFindExtensionA
PathRemoveExtensionA
PathFindFileNameA
PathIsUNCA
oledlg
ord8
ole32
OleIsCurrentClipboard
OleSetClipboard
OleFlushClipboard
CoRegisterMessageFilter
CoRegisterClassObject
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
OleRun
StgOpenStorageOnILockBytes
CoGetClassObject
StringFromGUID2
CoDisconnectObject
CLSIDFromString
CLSIDFromProgID
CreateBindCtx
CoTreatAsClass
StringFromCLSID
ReadClassStg
ReadFmtUserTypeStg
OleRegGetUserType
WriteClassStg
WriteFmtUserTypeStg
SetConvertStg
CoTaskMemAlloc
CoTaskMemFree
CoCreateFreeThreadedMarshaler
CreateStreamOnHGlobal
CoInitialize
CoUninitialize
OleCreateStaticFromData
CoCreateInstance
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
OleSetContainedObject
OleDuplicateData
ReleaseStgMedium
CoRevokeClassObject
oleaut32
VariantTimeToSystemTime
LoadTypeLi
OleCreateFontIndirect
SafeArrayCreateVector
VarBstrFromDate
VarCyFromStr
VarDecFromStr
VarBstrFromDec
VarBstrFromCy
VarDateFromStr
SysReAllocStringLen
SafeArrayDestroyDescriptor
SafeArrayDestroyData
SystemTimeToVariantTime
VariantClear
VariantInit
OleLoadPicture
SafeArrayAccessData
VariantChangeType
SysAllocStringLen
SysStringLen
SysFreeString
SysAllocStringByteLen
SysStringByteLen
SysAllocString
SafeArrayUnaccessData
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayGetElemsize
SafeArrayGetDim
SafeArrayCreate
SafeArrayRedim
VariantCopy
SafeArrayAllocData
SafeArrayAllocDescriptor
SafeArrayCopy
SafeArrayGetElement
SafeArrayPtrOfIndex
SafeArrayPutElement
SafeArrayLock
SafeArrayUnlock
SafeArrayDestroy
urlmon
URLDownloadToFileA
ws2_32
WSAGetLastError
gethostbyname
inet_ntoa
htonl
getservbyname
htons
gethostbyaddr
getservbyport
ntohs
WSASetLastError
gethostname
closesocket
socket
bind
listen
accept
connect
send
select
recv
recvfrom
sendto
getpeername
getsockname
shutdown
setsockopt
WSAAsyncSelect
WSACleanup
WSAStartup
inet_addr
wininet
InternetOpenUrlA
GopherOpenFileA
InternetConnectA
FtpFindFirstFileA
GopherCreateLocatorA
FtpCommandA
FtpOpenFileA
GopherGetAttributeA
HttpSendRequestExA
HttpEndRequestA
HttpSendRequestA
InternetReadFile
InternetWriteFile
InternetSetFilePointer
InternetSetStatusCallback
InternetOpenA
InternetGetLastResponseInfoA
GopherFindFirstFileA
InternetCloseHandle
HttpOpenRequestA
HttpQueryInfoA
HttpAddRequestHeadersA
InternetErrorDlg
FtpGetFileA
FtpPutFileA
FtpGetCurrentDirectoryA
FtpSetCurrentDirectoryA
FtpRemoveDirectoryA
FtpCreateDirectoryA
FtpRenameFileA
FtpDeleteFileA
InternetQueryDataAvailable
InternetGetCookieA
InternetSetCookieA
InternetSetOptionExA
InternetCanonicalizeUrlA
InternetCrackUrlA
InternetSetOptionA
InternetQueryOptionA
DetectAutoProxyUrl
InternetFindNextFileA
Sections
.text Size: 1.6MB - Virtual size: 1.6MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 356KB - Virtual size: 354KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 76KB - Virtual size: 208KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
WILK_DX_ Size: 4KB - Virtual size: 160B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
TORQ_CX_ Size: 4KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 5.9MB - Virtual size: 5.9MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ