D:\ShidashiCode\shidashi\SystemHome\Release\SystemHome.pdb
Static task: static1
Behavioral task: behavioral1
  Sample: 2024-05-26_1a5bd43c86e59b1849bdf8da1eb9f9b8_magniber_revil.exe
  Resource: win7-20240419-en
Behavioral task: behavioral2
  Sample: 2024-05-26_1a5bd43c86e59b1849bdf8da1eb9f9b8_magniber_revil.exe
  Resource: win10v2004-20240508-en
General
- Target: 2024-05-26_1a5bd43c86e59b1849bdf8da1eb9f9b8_magniber_revil
- Size: 19.8MB
- MD5: 1a5bd43c86e59b1849bdf8da1eb9f9b8
- SHA1: 2d9240c02b9ef845338761cd0398bae5a9aa89d0
- SHA256: 75f17b7472b10d465ca8a978d2cea8522e5675b376ba8743b36437990bc078bb
- SHA512: f5b1da9d8119d3c0a2fdaf1c7d0bd6b4165531eae3426126b587d5d530969511f29ef4d4ef7d91949b905d10544a61ffb06cc9759e0f76adc12b4f4902d7434f
- SSDEEP: 393216:e0O5hIi4IUZzF8FcRIZHpKZgzLxNweoxyWTQZRoThwcHrmu3N:UyZz9RSHEZgHPybH
Malware Config
Signatures
- Unsigned PE (1 IoCs): Checks for missing Authenticode signature.
  Processes: resource 2024-05-26_1a5bd43c86e59b1849bdf8da1eb9f9b8_magniber_revil
Files
-
2024-05-26_1a5bd43c86e59b1849bdf8da1eb9f9b8_magniber_revil.exe windows:5 windows x86 arch:x86
27e56b9e806c71a94dfaeaba6dbc1357
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
kernel32
GetStringTypeW
GetSystemTimeAsFileTime
LCMapStringW
GetCPInfo
IsDebuggerPresent
FormatMessageA
FlushConsoleInputBuffer
OpenEventA
InitializeSListHead
GetUserDefaultLCID
SetUnhandledExceptionFilter
UnhandledExceptionFilter
WaitForSingleObjectEx
ResetEvent
GetLocalTime
DosDateTimeToFileTime
ExitProcess
GlobalMemoryStatus
GetFileType
GetStdHandle
GetModuleFileNameA
CreateProcessA
GetStartupInfoA
WaitForSingleObject
SearchPathW
GetProfileIntW
GetTempFileNameW
VerifyVersionInfoW
VerSetConditionMask
GetCurrentDirectoryW
VirtualProtect
GlobalFlags
GetUserDefaultUILanguage
GetLocaleInfoW
CompareStringW
LocalReAlloc
GlobalHandle
FindFirstFileW
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
GlobalGetAtomNameW
SystemTimeToFileTime
SetFileTime
GetFileSizeEx
GetFileAttributesExW
SetErrorMode
WaitForMultipleObjects
LocalAlloc
FileTimeToLocalFileTime
lstrcmpiW
DuplicateHandle
UnlockFile
SetFilePointer
SetEndOfFile
LockFile
GetFullPathNameW
FlushFileBuffers
GlobalFindAtomW
GlobalAddAtomW
lstrcmpW
GlobalDeleteAtom
LoadLibraryExW
FreeResource
EncodePointer
GetCurrentThreadId
MulDiv
LocalFree
GlobalFree
GlobalSize
SetLastError
ResumeThread
SuspendThread
ReleaseMutex
SetThreadPriority
GetTempFileNameA
GetDiskFreeSpaceExA
GetCurrentProcessId
GetSystemDefaultLCID
CreateDirectoryA
MoveFileExA
GetCommandLineW
GlobalUnlock
GlobalLock
GlobalAlloc
SetThreadExecutionState
GetSystemInfo
CreateMutexW
GetLogicalDriveStringsA
SetVolumeLabelW
lstrcmpA
GetDriveTypeA
GetModuleHandleW
Process32FirstW
Process32NextW
CreateToolhelp32Snapshot
OpenProcess
TerminateProcess
TerminateThread
CopyFileW
GetSystemDirectoryA
ExpandEnvironmentStringsW
WritePrivateProfileStringW
GetWindowsDirectoryW
GetLogicalDrives
CreateSemaphoreW
OutputDebugStringW
CreateEventW
ReleaseSemaphore
FormatMessageW
GetACP
CreateEventA
SetEvent
GetTickCount
CreateProcessW
GlobalMemoryStatusEx
GetStartupInfoW
SetFilePointerEx
WriteFile
CopyFileExW
InterlockedIncrement
lstrcpyW
WTSGetActiveConsoleSessionId
CreateThread
GetNativeSystemInfo
LoadLibraryA
SetCurrentDirectoryA
GetCurrentDirectoryA
GetSystemPowerStatus
InterlockedDecrement
GetFileTime
SystemTimeToTzSpecificLocalTime
FreeLibrary
MoveFileExW
GetProcAddress
LoadLibraryW
DeleteFileW
FileTimeToSystemTime
GetFileAttributesA
CopyFileA
SetFileAttributesW
GetModuleHandleA
GetVersionExW
GetFileAttributesW
FindClose
GetTempPathW
FindNextFileA
GetModuleFileNameW
RemoveDirectoryW
GetCurrentProcess
FindNextFileW
FindFirstFileA
IsProcessorFeaturePresent
SleepEx
PeekNamedPipe
GetEnvironmentVariableA
RtlUnwind
GetModuleHandleExW
FindFirstFileExW
ExitThread
FreeLibraryAndExitThread
SetStdHandle
GetCommandLineA
HeapQueryInformation
VirtualAlloc
VirtualQuery
SetConsoleCtrlHandler
GetConsoleMode
ReadConsoleInputA
SetConsoleMode
GetDateFormatW
GetTimeFormatW
IsValidLocale
EnumSystemLocalesW
GetTimeZoneInformation
GetConsoleCP
ReadConsoleW
IsValidCodePage
GetOEMCP
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableA
WriteConsoleW
CreatePipe
OutputDebugStringA
GetDriveTypeW
QueryPerformanceCounter
WideCharToMultiByte
GetProcessHeap
DeleteCriticalSection
GetFileSize
HeapDestroy
DecodePointer
HeapAlloc
FindResourceW
LoadResource
FindResourceExW
RaiseException
CloseHandle
HeapReAlloc
DeleteFileA
QueryPerformanceFrequency
LockResource
GetDiskFreeSpaceExW
CreateFileA
GetLastError
Sleep
MultiByteToWideChar
GetLogicalDriveStringsW
HeapSize
GetSystemDirectoryW
CreateFileW
InitializeCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
DeviceIoControl
lstrlenW
EnterCriticalSection
HeapFree
GetVolumeInformationW
SizeofResource
ReadFile
CreateDirectoryW
user32
DrawIconEx
MessageBeep
EnableScrollBar
HideCaret
InvertRect
NotifyWinEvent
MapVirtualKeyW
GetKeyNameTextW
LoadMenuW
SetLayeredWindowAttributes
EnumDisplayMonitors
SetClassLongW
SetWindowRgn
SetParent
DrawStateW
DrawEdge
SetWindowTextW
GetKeyboardState
CreateAcceleratorTableW
DestroyAcceleratorTable
CopyAcceleratorTableW
SetRect
LockWindowUpdate
SetMenuDefaultItem
EnumWindows
GetWindowTextW
DefWindowProcW
PostMessageW
DestroyWindow
GetPropW
CreateWindowExW
SendMessageW
RegisterClassExW
SetPropW
LoadCursorW
GetMessageW
DispatchMessageW
PeekMessageW
TranslateMessage
GetIconInfo
ExitWindowsEx
MessageBoxW
wsprintfW
GetDoubleClickTime
ModifyMenuW
RegisterClipboardFormatW
CharUpperBuffW
IsClipboardFormatAvailable
GetUpdateRect
DrawMenuBar
DefFrameProcW
DefMDIChildProcW
TranslateMDISysAccel
SubtractRect
DrawFrameControl
IsZoomed
GetSystemMenu
BringWindowToTop
SetCursorPos
CopyIcon
FrameRect
DrawIcon
UnionRect
UpdateLayeredWindow
MonitorFromPoint
LoadAcceleratorsW
TranslateAcceleratorW
InsertMenuItemW
UnpackDDElParam
ReuseDDElParam
GetComboBoxInfo
PostThreadMessageW
WaitMessage
GetKeyboardLayout
wvsprintfW
CharNextW
GetCaretBlinkTime
GetCaretPos
CharPrevW
CreateCaret
CreateMenu
GetWindowRgn
DestroyCursor
ShowCaret
SetCaretPos
InvalidateRgn
GetGUIThreadInfo
IsCharLowerW
GetWindowThreadProcessId
EnableWindow
UpdateWindow
ShowWindow
GetClientRect
GetDC
SetForegroundWindow
FindWindowW
SetWindowPos
GetProcessWindowStation
SetClipboardData
EmptyClipboard
CloseClipboard
OpenClipboard
ScreenToClient
MoveWindow
ClientToScreen
InvalidateRect
PostQuitMessage
KillTimer
SetTimer
GetParent
SetWindowLongW
IntersectRect
MapWindowPoints
GetMonitorInfoW
IsWindow
MonitorFromWindow
GetWindowRect
GetWindowLongW
GetMenuStringW
GetMenuState
GetSubMenu
GetMenuItemID
GetMenuItemCount
InsertMenuW
AppendMenuW
RemoveMenu
IsWindowVisible
GetActiveWindow
GetKeyState
ValidateRect
GetCursorPos
SetWindowsHookExW
CallNextHookEx
RegisterWindowMessageW
GetMessagePos
GetMessageTime
CallWindowProcW
RegisterClassW
GetClassInfoW
GetClassInfoExW
IsMenu
IsChild
GetWindowPlacement
SetWindowPlacement
BeginDeferWindowPos
DeferWindowPos
EndDeferWindowPos
IsIconic
GetDlgItem
GetDlgCtrlID
SetFocus
GetFocus
GetCapture
GetMenu
SetMenu
TrackPopupMenu
SetActiveWindow
GetForegroundWindow
BeginPaint
EndPaint
RedrawWindow
GetUserObjectInformationW
MessageBoxA
ScrollWindow
SetScrollPos
GetScrollPos
SetScrollRange
GetScrollRange
ShowScrollBar
MapVirtualKeyExW
ToUnicodeEx
IsRectEmpty
DrawFocusRect
WindowFromPoint
ReleaseCapture
SetCapture
GetNextDlgGroupItem
GetMenuDefaultItem
CreatePopupMenu
DeleteMenu
SetCursor
ShowOwnedPopups
LoadImageW
TrackMouseEvent
DestroyIcon
MapDialogRect
GetAsyncKeyState
RealChildWindowFromPoint
OffsetRect
SetRectEmpty
SendDlgItemMessageA
CopyImage
SystemParametersInfoW
InflateRect
GetMenuItemInfoW
DestroyMenu
FillRect
GetWindowDC
TabbedTextOutW
GrayStringW
DrawTextExW
DrawTextW
GetSysColorBrush
ReleaseDC
GetSystemMetrics
CharUpperW
LoadBitmapW
SetMenuItemInfoW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
GetDesktopWindow
GetNextDlgTabItem
EndDialog
CreateDialogIndirectParamW
IsDialogMessageW
IsWindowEnabled
CheckDlgButton
WinHelpW
GetScrollInfo
SetScrollInfo
LoadIconW
UnhookWindowsHookEx
GetWindow
GetLastActivePopup
GetTopWindow
GetClassNameW
GetClassLongW
PtInRect
EqualRect
CopyRect
GetSysColor
AdjustWindowRectEx
GetWindowTextLengthW
RemovePropW
advapi32
RegDeleteKeyA
RegQueryValueExA
RegSetValueExA
OpenProcessToken
RegOpenKeyExA
ConvertStringSecurityDescriptorToSecurityDescriptorW
RegCloseKey
AdjustTokenPrivileges
LookupPrivilegeValueW
RegCreateKeyA
RegQueryValueExW
RegOpenKeyExW
RegDeleteValueW
RegSetValueExW
RegCreateKeyExW
RegDeleteKeyW
RegEnumKeyExW
DeregisterEventSource
RegisterEventSourceA
ReportEventA
CryptDestroyHash
CryptHashData
CryptCreateHash
CryptGetHashParam
CryptEncrypt
CryptImportKey
CryptDestroyKey
CryptReleaseContext
CryptAcquireContextW
ole32
CLSIDFromProgID
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
OleLockRunning
RevokeDragDrop
RegisterDragDrop
CoLockObjectExternal
OleGetClipboard
DoDragDrop
CreateStreamOnHGlobal
CoDisconnectObject
CLSIDFromString
CoInitializeEx
ReleaseStgMedium
OleDuplicateData
CoTaskMemFree
CoTaskMemAlloc
CoCreateInstance
CoUninitialize
CoInitialize
shell32
ShellExecuteW
SHCreateDirectoryExA
SHGetMalloc
SHFileOperationW
SHGetFolderPathA
SHGetSpecialFolderLocation
ShellExecuteExW
SHGetPathFromIDListW
ShellExecuteA
SHBrowseForFolderW
SHGetFileInfoW
SHGetDesktopFolder
DragQueryFileW
DragFinish
SHAppBarMessage
SHGetSpecialFolderPathA
SHGetSpecialFolderPathW
oleaut32
LoadTypeLi
VarBstrFromDate
VariantCopy
VariantTimeToSystemTime
SystemTimeToVariantTime
VariantChangeType
SysAllocStringLen
VariantInit
SysFreeString
SysAllocStringByteLen
SysAllocString
SysStringLen
VariantClear
shlwapi
PathRemoveFileSpecW
StrCmpW
PathRemoveExtensionW
PathRemoveFileSpecA
PathRemoveArgsA
PathUnquoteSpacesA
PathFileExistsA
PathFileExistsW
PathFindExtensionW
PathFindExtensionA
PathRemoveExtensionA
PathIsFileSpecW
StrCpyW
PathFindFileNameA
PathStripPathW
PathIsUNCW
PathStripToRootW
StrFormatKBSizeW
PathFindFileNameW
PathAppendA
wtsapi32
WTSQueryUserToken
gdiplus
GdipGetImageWidth
GdipBitmapLockBits
GdipFree
GdipGetImagePixelFormat
GdipDisposeImage
GdipSetInterpolationMode
GdipDrawImageI
GdipCreateBitmapFromStream
GdipGetImagePaletteSize
GdipGetImagePalette
GdipCreateBitmapFromScan0
GdipCreateBitmapFromHBITMAP
GdipAlloc
GdipGetPropertyItem
GdipCreateLineBrushI
GdipSetCompositingQuality
GdipSetSmoothingMode
GdipSetPixelOffsetMode
GdipGraphicsClear
GdipBitmapUnlockBits
GdipCloneImage
GdipGetImageHeight
GdiplusStartup
GdiplusShutdown
GdipDeleteFont
GdipDeleteGraphics
GdipGetImageGraphicsContext
GdipCloneBrush
GdipSetTextRenderingHint
GdipCreateFromHDC
GdipDrawString
GdipDrawImageRectI
GdipDeleteBrush
GdipDrawImage
GdipCreateFontFromDC
GdipCreateFontFromLogfontA
GdipGetFamily
GdipCreateStringFormat
GdipDeleteStringFormat
GdipSetStringFormatAlign
GdipSetStringFormatLineAlign
GdipLoadImageFromStream
GdipLoadImageFromStreamICM
GdipImageGetFrameDimensionsCount
GdipImageGetFrameDimensionsList
GdipImageGetFrameCount
GdipImageSelectActiveFrame
GdipGetPropertyItemSize
GdipDeleteFontFamily
dbghelp
MakeSureDirectoryPathExists
netapi32
Netbios
version
VerQueryValueW
GetFileVersionInfoSizeW
GetFileVersionInfoW
gdi32
CreateCompatibleDC
SelectObject
BitBlt
CopyMetaFileW
CreateDCW
GetDeviceCaps
SetBkColor
SetTextColor
CreateBitmap
CreateHatchBrush
CreatePen
CreatePatternBrush
CreateRectRgn
CreateSolidBrush
Escape
ExcludeClipRect
GetClipBox
GetObjectType
GetPixel
GetStockObject
GetViewportExtEx
GetWindowExtEx
IntersectClipRect
LineTo
PtVisible
RectVisible
RestoreDC
SaveDC
SelectClipRgn
ExtSelectClipRgn
SelectPalette
SetBkMode
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetStretchBltMode
SetTextAlign
MoveToEx
TextOutW
ExtTextOutW
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
DeleteDC
ScaleWindowExtEx
CreateFontIndirectW
GetTextExtentPoint32W
GetTextMetricsW
CombineRgn
CreateRectRgnIndirect
PatBlt
SetRectRgn
DPtoLP
EnumFontFamiliesExW
CreatePalette
GetNearestPaletteIndex
GetPaletteEntries
GetSystemPaletteEntries
RealizePalette
GetBkColor
CreateCompatibleBitmap
CreateDIBitmap
EnumFontFamiliesW
GetTextCharsetInfo
SetPixel
StretchBlt
CreateDIBSection
SetDIBColorTable
CreateEllipticRgn
Ellipse
GetTextColor
CreatePolygonRgn
Polygon
Polyline
CreateRoundRectRgn
LPtoDP
Rectangle
GetRgnBox
OffsetRgn
RoundRect
FillRgn
FrameRgn
GetBoundsRect
PtInRegion
ExtFloodFill
SetPaletteEntries
SetPixelV
GetWindowOrgEx
GetViewportOrgEx
GetTextFaceW
GetObjectA
CreatePenIndirect
GetCharABCWidthsW
GdiFlush
GetObjectW
ScaleViewportExtEx
DeleteObject
msimg32
TransparentBlt
AlphaBlend
winspool.drv
ClosePrinter
DocumentPropertiesW
OpenPrinterW
comctl32
InitCommonControlsEx
ord17
_TrackMouseEvent
uxtheme
IsAppThemed
DrawThemeParentBackground
OpenThemeData
CloseThemeData
DrawThemeBackground
GetThemeColor
GetCurrentThemeName
GetWindowTheme
IsThemeBackgroundPartiallyTransparent
GetThemeSysColor
GetThemePartSize
DrawThemeText
setupapi
SetupDiGetClassDevsW
SetupDiDestroyDeviceInfoList
SetupDiEnumDeviceInfo
SetupDiGetDeviceRegistryPropertyW
ws2_32
getpeername
connect
bind
gethostname
WSAEventSelect
WSAEnumNetworkEvents
WSACreateEvent
WSACloseEvent
select
__WSAFDIsSet
ioctlsocket
listen
WSAGetLastError
send
gethostbyname
htonl
accept
WSAIoctl
WSASetLastError
setsockopt
ntohs
getsockopt
sendto
freeaddrinfo
htons
recv
recvfrom
socket
inet_addr
WSAStartup
getaddrinfo
ntohl
closesocket
WSACleanup
getsockname
oleacc
LresultFromObject
AccessibleObjectFromWindow
CreateStdAccessibleObject
imm32
ImmGetContext
ImmGetOpenStatus
ImmSetCompositionFontW
ImmSetCompositionWindow
ImmReleaseContext
winmm
PlaySoundW
wldap32
ord167
ord127
ord27
ord26
ord117
ord142
ord208
ord216
ord14
ord46
ord219
ord145
ord79
ord133
ord147
ord301
ord41
Sections
.text Size: 3.6MB - Virtual size: 3.6MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1.1MB - Virtual size: 1.1MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 45KB - Virtual size: 102KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.gfids Size: 106KB - Virtual size: 105KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.giats Size: 512B - Virtual size: 16B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.tls Size: 512B - Virtual size: 9B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 14.7MB - Virtual size: 14.7MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 214KB - Virtual size: 213KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ