F:\SVN_Code\dtl_dep\utility\company_sdk_new\project\DtlAdTips\trunk\DtlAdTips_Cef\Release\dnewscenter_v12.pdb
Static task: static1
Behavioral task: behavioral1
Sample: 2024-05-30_9cdcb0b11d63bdcc2e74a82fe2c0c8f5_magniber.exe
Resource: win7-20240215-en
General
Target: 2024-05-30_9cdcb0b11d63bdcc2e74a82fe2c0c8f5_magniber
Size: 4.0MB
MD5: 9cdcb0b11d63bdcc2e74a82fe2c0c8f5
SHA1: 24cd66ab3204c7691d1e06acc30d8234950574a7
SHA256: 51c63d55952c2d5629589aba0fa5651e0d29797a995a4c9a99cf580fcf77c7ed
SHA512: b7c3dc0c81d02afa62c53ff62aa8736107619d601d9b93ef7a0545048f4b9790a81e1454660ee5aceba117aa18c65659a3ec33389f69bb1e9ebd8b42ce8173d3
SSDEEP: 98304:6g7r9SdkzoeUCY0gEGvxgYHnx97cw4lFksSirQNesKP:NYYaGP
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource 2024-05-30_9cdcb0b11d63bdcc2e74a82fe2c0c8f5_magniber
Files
2024-05-30_9cdcb0b11d63bdcc2e74a82fe2c0c8f5_magniber.exe windows:5 windows x86 arch:x86
489cc4b87cc4427c3c376a154ba3271c
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
kernel32
DeleteFileW
RemoveDirectoryW
GetModuleHandleA
GetSystemDirectoryW
GetCurrentDirectoryW
SetCurrentDirectoryW
GetTempPathW
CreateEventW
ResetEvent
SetEvent
TerminateThread
GetExitCodeThread
SuspendThread
ResumeThread
CreateFileW
VirtualAlloc
lstrcmpA
lstrcpynW
CreateFileMappingW
OpenFileMappingW
MapViewOfFile
OpenEventW
WaitForMultipleObjects
UnmapViewOfFile
InitializeCriticalSectionAndSpinCount
SetUnhandledExceptionFilter
GetCurrentThreadId
GetCommandLineW
AttachConsole
GetConsoleDisplayMode
FreeConsole
WaitNamedPipeW
CreateThread
GetTickCount
VirtualFree
InterlockedIncrement
InterlockedDecrement
RaiseException
DecodePointer
ReadFile
VirtualAllocEx
ReadProcessMemory
VirtualFreeEx
Sleep
GetTempFileNameW
MoveFileExW
GetSystemTime
GetLongPathNameW
GetPrivateProfileStringW
OutputDebugStringW
GetWindowsDirectoryW
GetVersionExW
FreeLibrary
LoadLibraryW
GetExitCodeProcess
GetCurrentProcessId
FindResourceExW
FindResourceW
LoadResource
LockResource
SizeofResource
GetProcessHeap
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
SetEndOfFile
WriteConsoleW
SetEnvironmentVariableA
FindFirstFileW
GetEnvironmentStringsW
GetCommandLineA
GetOEMCP
IsValidCodePage
FindNextFileA
FindFirstFileExA
SetFilePointerEx
GetConsoleCP
FlushFileBuffers
SetConsoleCtrlHandler
ReadConsoleW
GetConsoleMode
HeapDestroy
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetTimeFormatW
GetDateFormatW
GetTimeZoneInformation
GetCurrentThread
GetACP
GetStdHandle
ExitProcess
GetModuleHandleExW
FreeLibraryAndExitThread
ExitThread
GetFullPathNameA
GetFullPathNameW
FormatMessageA
WriteFile
OutputDebugStringA
GetFileSize
DeleteFileA
GetModuleFileNameA
SetFileAttributesW
GetFileAttributesW
GetUserDefaultLangID
ReleaseSemaphore
OpenSemaphoreW
CreateSemaphoreW
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
CreateProcessW
WaitForSingleObject
WTSGetActiveConsoleSessionId
Process32NextW
ProcessIdToSessionId
CloseHandle
GetLastError
OpenProcess
Process32FirstW
CreateToolhelp32Snapshot
GetLocalTime
LocalFree
CreateDirectoryW
CreateDirectoryA
LocalAlloc
GetModuleFileNameW
lstrlenW
PeekNamedPipe
GetFileType
GetDriveTypeW
SystemTimeToTzSpecificLocalTime
GetFileAttributesExW
LoadLibraryExW
InterlockedFlushSList
InterlockedPushEntrySList
RtlUnwind
InitializeSListHead
GetStartupInfoW
IsProcessorFeaturePresent
UnhandledExceptionFilter
WaitForSingleObjectEx
SetProcessWorkingSetSize
GetComputerNameW
CreateMutexW
LoadLibraryExA
VirtualQuery
VirtualProtect
GetSystemInfo
InterlockedExchangeAdd
SetEnvironmentVariableW
GetEnvironmentVariableW
SetFileTime
MulDiv
GlobalAlloc
GlobalFree
GlobalUnlock
GlobalLock
GlobalSize
VerSetConditionMask
VerifyVersionInfoW
QueryPerformanceCounter
QueryPerformanceFrequency
LocalFileTimeToFileTime
CreateIoCompletionPort
PostQueuedCompletionStatus
GetQueuedCompletionStatus
InterlockedExchange
TryEnterCriticalSection
SetThreadPriority
InterlockedCompareExchange
GetCPInfo
GetLocaleInfoW
SetFilePointer
CreateFileA
TerminateProcess
GetCurrentProcess
GetModuleHandleW
GetProcAddress
SystemTimeToFileTime
GetDiskFreeSpaceExW
FindFirstFileExW
LCMapStringW
CompareStringW
GetSystemTimeAsFileTime
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
SetLastError
EncodePointer
GetStringTypeW
FormatMessageW
IsDebuggerPresent
FileTimeToSystemTime
FileTimeToLocalFileTime
CopyFileW
FindNextFileW
SetStdHandle
FindClose
MultiByteToWideChar
WideCharToMultiByte
FreeEnvironmentStringsW
user32
UnionRect
UpdateLayeredWindow
IsRectEmpty
GetUpdateRect
MoveWindow
EndPaint
BeginPaint
ReleaseCapture
SetCapture
GetFocus
InvalidateRect
GetPropW
SetPropW
CallWindowProcW
MonitorFromWindow
GetMessageW
SetFocus
EnableWindow
GetWindow
IsWindow
GetClassInfoExW
RegisterClassW
LoadCursorW
OffsetRect
DefWindowProcW
DestroyWindow
GetKeyState
CreateWindowExW
WaitMessage
RegisterClassExW
DispatchMessageW
MsgWaitForMultipleObjectsEx
CallMsgFilterW
GetQueueStatus
TranslateMessage
IsIconic
GetDesktopWindow
GetShellWindow
GetClassNameW
GetWindowRect
MonitorFromRect
GetMonitorInfoW
OpenClipboard
EqualRect
GetWindowLongW
EnumWindows
SetCursor
GetForegroundWindow
GetLastInputInfo
UnregisterClassW
FindWindowA
FindWindowExA
IsClipboardFormatAvailable
CharNextW
PeekMessageW
PostThreadMessageW
wsprintfW
GetClipboardData
CloseClipboard
EmptyClipboard
SetClipboardData
FindWindowW
WindowFromPoint
SetParent
GetAncestor
PostMessageW
GetCursorPos
LoadImageW
SendMessageW
SetWindowPos
SetWindowTextW
SetTimer
KillTimer
FlashWindowEx
GetDC
ReleaseDC
GetClientRect
IsWindowVisible
PtInRect
GetSystemMetrics
SendMessageTimeoutW
PostQuitMessage
FindWindowExW
SetWindowLongW
ClientToScreen
AttachThreadInput
ShowWindow
SetForegroundWindow
GetActiveWindow
FlashWindow
SystemParametersInfoW
ScreenToClient
GetParent
MonitorFromPoint
IsZoomed
SetWindowRgn
SetClassLongW
MessageBoxW
MapWindowPoints
GetSysColor
GetWindowThreadProcessId
GetAsyncKeyState
IntersectRect
gdi32
SetStretchBltMode
GetObjectA
CreateRectRgnIndirect
CreateCompatibleDC
SetWindowOrgEx
DeleteObject
DeleteDC
SelectObject
ExtSelectClipRgn
CreateDIBSection
GetWindowOrgEx
GetObjectW
GetStockObject
CreateFontIndirectW
GetTextMetricsW
BitBlt
GetDeviceCaps
CreateRoundRectRgn
StretchBlt
SaveDC
RestoreDC
advapi32
RegCloseKey
AllocateAndInitializeSid
CryptGetHashParam
CryptHashData
CryptCreateHash
CryptAcquireContextW
CryptDestroyHash
CryptReleaseContext
GetUserNameA
SetNamedSecurityInfoW
BuildExplicitAccessWithNameW
GetNamedSecurityInfoW
RegQueryValueExW
InitializeSecurityDescriptor
RegSetValueExW
RegOpenKeyExW
CreateProcessAsUserW
AdjustTokenPrivileges
SetTokenInformation
DuplicateTokenEx
LookupPrivilegeValueW
GetTokenInformation
OpenProcessToken
FreeSid
SetSecurityDescriptorDacl
SetEntriesInAclW
shell32
SHGetSpecialFolderLocation
SHGetPathFromIDListW
SHGetSpecialFolderPathW
SHChangeNotify
SHAppBarMessage
Shell_NotifyIconA
Shell_NotifyIconW
ord165
SHGetFolderPathW
CommandLineToArgvW
SHGetMalloc
ShellExecuteW
SHFileOperationW
ole32
CreateStreamOnHGlobal
CoCreateGuid
CoInitialize
CoUninitialize
CoSetProxyBlanket
CoCreateInstance
CoInitializeSecurity
CoInitializeEx
OleUninitialize
OleInitialize
StringFromGUID2
CLSIDFromString
CoTaskMemFree
oleaut32
VariantChangeType
VariantClear
VariantInit
SysFreeString
SysStringLen
SysAllocString
SetErrorInfo
CreateErrorInfo
GetErrorInfo
shlwapi
PathFileExistsW
PathFileExistsA
PathCombineW
PathRemoveFileSpecA
PathAppendW
PathRemoveFileSpecW
PathFindFileNameW
PathIsRelativeW
PathAppendA
wtsapi32
WTSFreeMemory
WTSEnumerateSessionsW
WTSQueryUserToken
userenv
CreateEnvironmentBlock
DestroyEnvironmentBlock
crypt32
CertCloseStore
CertGetNameStringW
CertFreeCertificateContext
CryptDecodeObject
CryptQueryObject
CryptMsgClose
CertFindCertificateInStore
CryptMsgGetParam
wintrust
CryptCATAdminCalcHashFromFileHandle
CryptCATAdminReleaseCatalogContext
WinVerifyTrust
CryptCATAdminAcquireContext
CryptCATAdminReleaseContext
CryptCATAdminEnumCatalogFromHash
CryptCATCatalogInfoFromContext
gdiplus
GdipAlloc
GdipFree
GdipCreateBitmapFromFileICM
GdipCloneImage
GdipRotateMatrix
GdipScaleMatrix
GdipTranslateMatrix
GdipMeasureString
GdipFillPath
GdipDrawPath
GdipFillEllipseI
GdipDrawEllipseI
GdipDrawString
GdipSetStringFormatLineAlign
GdipSetStringFormatAlign
GdipSetStringFormatFlags
GdipSetStringFormatTrimming
GdipDeleteStringFormat
GdipStringFormatGetGenericTypographic
GdipCloneStringFormat
GdipDeleteFont
GdipCreateFontFromLogfontA
GdipCreateFontFromDC
GdipDrawRectangleI
GdipDrawBezierI
GdipSetSmoothingMode
GdipDrawLineI
GdipFillRectangle
GdipDeletePath
GdipTransformPath
GdipIsOutlineVisiblePathPointI
GdipIsVisiblePathPointI
GdipGetPathWorldBoundsI
GdipAddPathPolygonI
GdipAddPathPieI
GdipAddPathArcI
GdipAddPathEllipseI
GdipAddPathRectangleI
GdipAddPathCurveI
GdipAddPathBezierI
GdipCreateBitmapFromFile
GdipAddPathLineI
GdipClosePathFigure
GdipStartPathFigure
GdipGetPathFillMode
GdipSetPathFillMode
GdipResetPath
GdipClonePath
GdipCreatePath
GdipCreateTexture
GdipCreateBitmapFromHBITMAP
GdipCloneBrush
GdipDeleteBrush
GdipCreateSolidFill
GdipDeletePen
GdipGetPenDashStyle
GdipSetPenDashStyle
GdipGetPenLineJoin
GdipSetPenLineJoin
GdipGetPenDashCap197819
GdipGetPenEndCap
GdipGetPenStartCap
GdipSetPenDashCap197819
GdipSetPenEndCap
GdipSetPenStartCap
GdipSetPenColor
GdipGetPenWidth
GdipSetPenWidth
GdipClonePen
GdipCreatePen1
GdipDisposeImage
GdipGetImageWidth
GdipGetImageHeight
GdipCreateFromHDC
GdipDeleteGraphics
GdipDrawImageRectI
GdipDeleteMatrix
GdipCreateMatrix
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipCreateHBITMAPFromBitmap
GdipImageSelectActiveFrame
GdipGetPropertyItem
GdipGetPropertyItemSize
GdipImageGetFrameCount
GdipImageGetFrameDimensionsList
GdipImageGetFrameDimensionsCount
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromStream
GdiplusShutdown
GdiplusStartup
GdipAddPathLine2I
winmm
timeSetEvent
timeGetTime
timeKillEvent
comctl32
ord17
_TrackMouseEvent
imm32
ImmSetCompositionWindow
ImmReleaseContext
ImmSetOpenStatus
ImmGetContext
ImmGetOpenStatus
msimg32
AlphaBlend
version
GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoW
setupapi
SetupFindFirstLineW
SetupGetLineCountW
SetupGetFieldCount
SetupGetStringFieldW
SetupFindNextLine
SetupCloseInfFile
SetupOpenInfFileW
winhttp
WinHttpReadData
WinHttpQueryDataAvailable
WinHttpReceiveResponse
WinHttpSendRequest
WinHttpAddRequestHeaders
WinHttpOpenRequest
WinHttpConnect
WinHttpSetOption
WinHttpOpen
WinHttpCrackUrl
WinHttpCloseHandle
WinHttpQueryHeaders
dbghelp
MiniDumpWriteDump
Sections
.text Size: 2.6MB - Virtual size: 2.6MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 858KB - Virtual size: 857KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 46KB - Virtual size: 79KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.gfids Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.tls Size: 512B - Virtual size: 9B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 163KB - Virtual size: 163KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 287KB - Virtual size: 288KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE