2024-05-29_e0c0d4272c65f9821e83c0c7fe4b161a_magniber

Sharing

Copy URL

Twitter E-mail

General

Target

2024-05-29_e0c0d4272c65f9821e83c0c7fe4b161a_magniber
Size

16.2MB
MD5

e0c0d4272c65f9821e83c0c7fe4b161a
SHA1

e3af8de487157830befc6c5071ad141fd3508101
SHA256

6f559a88e8efda435997bc04dfb3e6e304fbdc822beeaf95e54b0c4eb141f953
SHA512

59255b08b54f560dabfbe404a513edc29e57ca3f2059e85e914215f62d4db10e8b50bb281589dabc4ec28c49691e97a3d0eb4bae1996eb1985616a1dafb44182
SSDEEP

393216:uQRAKw8w32hwzbpbkX5O8QOsIMg50jNb4mbn0nLD7+:ujKwZ32hwzbkOXNBYm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-05-29_e0c0d4272c65f9821e83c0c7fe4b161a_magniber

Files

2024-05-29_e0c0d4272c65f9821e83c0c7fe4b161a_magniber
.exe windows:5 windows x86 arch:x86

679c1a6b5c3b146afa6215d248262b3a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFileSizeEx
RemoveDirectoryA
SetEndOfFile
SetFilePointerEx
WriteFile
GetLastError
ReleaseSemaphore
ReleaseMutex
WaitForSingleObject
CreateMutexA
GetProcessTimes
SwitchToThread
MapViewOfFileEx
UnmapViewOfFile
GetProcAddress
LocalFree
FormatMessageA
CreateSemaphoreA
CreateFileMappingA
OpenProcess
GetSystemTimeAsFileTime
GetEnvironmentVariableW
GetCurrentDirectoryW
CreateDirectoryW
CreateFileW
DeleteFileW
FindFirstFileW
FindNextFileW
GetFileAttributesW
GetFileInformationByHandle
GetFileTime
GetFullPathNameW
RemoveDirectoryW
SetFileTime
DeviceIoControl
GetWindowsDirectoryW
GetModuleHandleW
AreFileApisANSI
MultiByteToWideChar
WideCharToMultiByte
FreeLibrary
LoadLibraryA
GetEnvironmentVariableA
SetCurrentDirectoryA
GetFileAttributesA
GetFullPathNameA
GetSystemTime
FileTimeToSystemTime
GetTimeZoneInformation
GetExitCodeProcess
CreateProcessA
GetStdHandle
GetConsoleMode
ExitThread
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
DeleteFileA
IsWow64Process
GetProfileStringA
FlushFileBuffers
ReadFile
SetFilePointer
QueryPerformanceCounter
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
ExitProcess
GetModuleHandleExW
GetDriveTypeW
GetFileType
PeekNamedPipe
SystemTimeToTzSpecificLocalTime
GetCPInfo
CreateThread
FindNextFileA
RaiseException
GetConsoleCP
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
LoadLibraryExW
GetDateFormatW
GetTimeFormatW
CompareStringW
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
SetStdHandle
HeapReAlloc
GetStringTypeW
HeapSize
IsValidCodePage
GetOEMCP
ReadConsoleW
GetModuleFileNameW
WriteConsoleW
EncodePointer
DecodePointer
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
LocalAlloc
MapViewOfFile
OpenFileMappingA
GetPrivateProfileIntA
GetPrivateProfileStringA
WritePrivateProfileStringA
GetPrivateProfileSectionA
WritePrivateProfileSectionA
SetEvent
ResetEvent
CreateEventA
OpenEventA
WaitForMultipleObjects
ProcessIdToSessionId
IsBadWritePtr
OpenSemaphoreA
FlushInstructionCache
GetVersion
LockFile
UnlockFile
IsBadStringPtrA
IsBadStringPtrW
GetDriveTypeA
GetCommandLineA
FindFirstFileExW
InterlockedFlushSList
InterlockedPushEntrySList
RtlUnwind
InitializeSListHead
CreateEventW
CompareStringEx
GetLocaleInfoEx
LCMapStringEx
TryEnterCriticalSection
InitializeCriticalSectionEx
AcquireSRWLockExclusive
ReleaseSRWLockExclusive
InitializeSRWLock
WaitForSingleObjectEx
FindFirstFileA
FindClose
CreateFileA
CreateDirectoryA
Thread32Next
Thread32First
CreateToolhelp32Snapshot
OpenThread
CloseHandle
GlobalFree
GlobalAlloc
Process32Next
Process32First
Sleep
GetModuleHandleExA
IsBadReadPtr
GetComputerNameA
GetNativeSystemInfo
GetSystemWindowsDirectoryA
GetWindowsDirectoryA
GetSystemDirectoryA
GetSystemInfo
SetLastError
GetModuleHandleA
GetModuleFileNameA
VirtualQuery
VirtualProtect
GetVersionExA
SetPriorityClass
SetThreadPriority
GetCurrentThread
TerminateProcess
HeapFree
GetCurrentDirectoryA
SetConsoleCtrlHandler
GetTickCount
GetACP
SystemTimeToFileTime
GetLocalTime
GetTempPathA
GetDiskFreeSpaceA
GetUserDefaultUILanguage
GetExitCodeThread
GetCurrentThreadId
DuplicateHandle
GetTickCount64
GetStartupInfoW
GetCurrentProcessId
GetCurrentProcess
GetProcessHeap
HeapAlloc
FreeLibraryAndExitThread
HeapCreate
GetCommandLineW

user32

LoadStringA
wsprintfA
AppendMenuA
TranslateMessage
DispatchMessageA
PeekMessageA
MessageBoxA
GetSystemMetrics
DrawMenuBar
GetSystemMenu
CharLowerBuffA
CallMsgFilterA
CharUpperBuffA

shell32

ShellExecuteExA

advapi32

RegDeleteValueA
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
CloseEventLog
OpenEventLogA
ReadEventLogA
RegCloseKey
RegOpenKeyExA
RegQueryValueExA
QueryServiceStatusEx
StartServiceA
QueryServiceStatus
QueryServiceConfigA
OpenServiceA
OpenSCManagerA
CloseServiceHandle
RegFlushKey
RegDeleteKeyA
CryptGenRandom
CryptReleaseContext
CryptAcquireContextA
RegSetValueExA
RegEnumValueA
RegEnumKeyExA
GetSecurityDescriptorSacl
RegCreateKeyExA
GetUserNameA
ConvertStringSecurityDescriptorToSecurityDescriptorA
SetSecurityDescriptorSacl

psapi

GetModuleFileNameExA

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

ws2_32

gethostbyname
gethostbyaddr
sendto
recvfrom
inet_addr
bind
getpeername
WSAGetLastError
socket
shutdown
gethostname
send
select
recv
getsockopt
ioctlsocket
connect
closesocket
accept
__WSAFDIsSet
inet_ntoa
htons
WSACleanup
WSAStartup
freeaddrinfo
getaddrinfo
setsockopt

winhttp

WinHttpOpen
WinHttpGetIEProxyConfigForCurrentUser
WinHttpGetProxyForUrl
WinHttpCloseHandle
WinHttpGetDefaultProxyConfiguration

crypt32

CertFindCertificateInStore
CertGetNameStringW
CertGetNameStringA
CertFreeCertificateContext
CryptQueryObject
CertCloseStore
CryptMsgGetParam
CryptMsgClose

wintrust

WinVerifyTrust

Sections

__wibu00
Size: 5.7MB - Virtual size: 5.7MB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

__wibu01
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

__wibu02
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

__wibu03
Size: 199KB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

__wibu04
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 313KB - Virtual size: 312KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

__wibu05
Size: 275KB - Virtual size: 274KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

__wibu06
Size: 1.7MB - Virtual size: 1.7MB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

__wibu07
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

__wibu08
Size: 55KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

__wibu09
Size: 106KB - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

679c1a6b5c3b146afa6215d248262b3a

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

shell32

advapi32

psapi

version

ws2_32

winhttp

crypt32

wintrust

Sections

__wibu00 Size: 5.7MB - Virtual size: 5.7MB

__wibu01 Size: 4KB - Virtual size: 4KB

__wibu02 Size: 1.1MB - Virtual size: 1.1MB

__wibu03 Size: 199KB - Virtual size: 1.1MB

__wibu04 Size: 1KB - Virtual size: 1KB

.rsrc Size: 313KB - Virtual size: 312KB

__wibu05 Size: 275KB - Virtual size: 274KB

__wibu06 Size: 1.7MB - Virtual size: 1.7MB

__wibu07 Size: 8KB - Virtual size: 8KB

__wibu08 Size: 55KB - Virtual size: 68KB

__wibu09 Size: 106KB - Virtual size: 108KB

__wibu00
Size: 5.7MB - Virtual size: 5.7MB

__wibu01
Size: 4KB - Virtual size: 4KB

__wibu02
Size: 1.1MB - Virtual size: 1.1MB

__wibu03
Size: 199KB - Virtual size: 1.1MB

__wibu04
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 313KB - Virtual size: 312KB

__wibu05
Size: 275KB - Virtual size: 274KB

__wibu06
Size: 1.7MB - Virtual size: 1.7MB

__wibu07
Size: 8KB - Virtual size: 8KB

__wibu08
Size: 55KB - Virtual size: 68KB

__wibu09
Size: 106KB - Virtual size: 108KB