2024-06-03_d982198f744a84ced13a212cf62305fd_magniber

Sharing

Copy URL Twitter E-mail

General

Target

2024-06-03_d982198f744a84ced13a212cf62305fd_magniber
Size

14.8MB
MD5

d982198f744a84ced13a212cf62305fd
SHA1

c33b413016185ae7715fba3f7a1aaf66b0be6f35
SHA256

273c96f1dc9167407d37c398e4534372a09f1c0cf504c5b2d78d5d9c37aaf3d5
SHA512

51762be63a54a3cda30618d12d9463d9463ebb5acffa64daabbae170201956c04c8ea53472f8026dc4306a8d612dae01392503fedc5b466d0db0d1e03367052e
SSDEEP

196608:gb4QG/3fzQW1MFUesFGIukbJ7s319pJa5byoIV7xGqqW8DUEU:KiPEsFGIukbJ7slFK2VVQA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-06-03_d982198f744a84ced13a212cf62305fd_magniber

Files

2024-06-03_d982198f744a84ced13a212cf62305fd_magniber
.exe windows:6 windows x86 arch:x86

91264a17c39f698319f12e0c79e74a5e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\GitLabRunner\builds\b02d18e7\0\linkbit\build_RelWithDebInfo_VS2015_32\ATraderClient\RelWithDebInfo\ATraderClient_32.pdb

Imports

kernel32

HeapSize
SetEnvironmentVariableW
SetEnvironmentVariableA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetOEMCP
IsValidCodePage
FindNextFileA
FindFirstFileExW
FindFirstFileExA
GetProcessHeap
SetFilePointerEx
GetConsoleMode
GetConsoleCP
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetACP
GetModuleFileNameA
HeapFree
HeapReAlloc
HeapAlloc
SetConsoleCtrlHandler
GetFileType
SetStdHandle
GetModuleHandleExW
FreeLibraryAndExitThread
ExitThread
InterlockedFlushSList
InterlockedPushEntrySList
LoadLibraryExW
RtlUnwind
InitializeSListHead
GetStartupInfoW
IsProcessorFeaturePresent
UnhandledExceptionFilter
GetCPInfo
GetStringTypeW
GetLocaleInfoW
LCMapStringW
CompareStringW
GetSystemTimeAsFileTime
InitializeCriticalSectionAndSpinCount
DecodePointer
GetCurrentProcess
TerminateProcess
GetTempPathW
GetCurrentProcessId
IsDebuggerPresent
SetUnhandledExceptionFilter
GetModuleFileNameW
SizeofResource
LockResource
LoadResource
FindResourceW
GetCurrentThreadId
Sleep
InitializeConditionVariable
InitializeCriticalSectionEx
DeleteCriticalSection
ReleaseSemaphore
WaitForSingleObjectEx
QueryPerformanceFrequency
QueryPerformanceCounter
SleepConditionVariableCS
EnterCriticalSection
WakeConditionVariable
SetThreadPriority
LeaveCriticalSection
CloseHandle
TryEnterCriticalSection
CreateSemaphoreW
GetNativeSystemInfo
GetLastError
WideCharToMultiByte
LoadLibraryW
GetProcAddress
FreeLibrary
InitializeCriticalSection
CreateFileW
MultiByteToWideChar
DeleteFileW
TlsSetValue
GetModuleHandleExA
TlsAlloc
TlsGetValue
TlsFree
GetFullPathNameW
GetVersionExW
SystemTimeToFileTime
SetLastError
WaitForSingleObject
RaiseException
CreateThread
QueueUserAPC
SleepEx
GetStdHandle
WriteFile
OutputDebugStringA
GetModuleHandleA
FormatMessageA
AllocConsole
CreateEventW
SetEvent
ResetEvent
GetLocalTime
GetTimeFormatW
GetSystemTime
GetDateFormatW
LocalAlloc
FormatMessageW
LocalFree
OutputDebugStringW
GlobalFree
VirtualProtect
VirtualFree
VirtualAlloc
VirtualUnlock
GetSystemInfo
VirtualLock
WaitForMultipleObjects
GetCurrentThread
GetModuleHandleW
GetTickCount
ExitProcess
FindFirstFileW
FindNextFileW
FindClose
GetFileAttributesW
GetFileAttributesExW
FileTimeToSystemTime
MoveFileExW
CopyFileW
ReadFile
SetFilePointer
SetEndOfFile
GetFileSize
CreateNamedPipeW
DisconnectNamedPipe
ConnectNamedPipe
FlushFileBuffers
GetConsoleScreenBufferInfo
SetConsoleScreenBufferSize
SetConsoleMode
ReadConsoleW
FreeConsole
WriteConsoleW
GetConsoleWindow
SetConsoleCursorPosition
WriteConsoleOutputW
OpenEventW
GetQueuedCompletionStatus
PostQueuedCompletionStatus
GetTickCount64
CreateIoCompletionPort
GetCommandLineW
GetTimeZoneInformation
LocalFileTimeToFileTime
FileTimeToLocalFileTime
CreateTimerQueueTimer
DeleteTimerQueueEx
DeleteTimerQueueTimer
CreateTimerQueue
CreateProcessW
ResumeThread
SetThreadExecutionState
lstrcmpiW
QueryDosDeviceW
GetVolumeInformationW
FindFirstVolumeW
GetComputerNameW
FindVolumeClose
GetVolumePathNamesForVolumeNameW
FindNextVolumeW
CreateMutexW
ReleaseMutex
OpenMutexW
EncodePointer
DebugBreak

d3d11

D3D11CreateDevice

dxgi

CreateDXGIFactory1

ws2_32

select
getsockname
ntohs
recvfrom
getsockopt
htonl
htons
sendto
bind
WSARecvFrom
WSAGetLastError
ntohl
gethostbyname
WSAStartup
WSASocketW
WSACleanup
setsockopt
closesocket
WSASendTo

wininet

InternetQueryOptionW

winhttp

WinHttpWriteData
WinHttpGetProxyForUrl
WinHttpReceiveResponse
WinHttpOpen
WinHttpAddRequestHeaders
WinHttpQueryHeaders
WinHttpQueryDataAvailable
WinHttpConnect
WinHttpSetStatusCallback
WinHttpSendRequest
WinHttpCloseHandle
WinHttpSetOption
WinHttpOpenRequest
WinHttpReadData

winmm

timeKillEvent
timeSetEvent
waveOutUnprepareHeader
timeBeginPeriod
timeGetTime
waveInGetDevCapsW
waveInMessage
waveOutGetDevCapsW
waveInGetNumDevs
waveOutGetNumDevs
waveOutMessage
waveOutOpen
waveOutClose
waveInStart
waveInOpen
waveInStop
waveInClose
waveInAddBuffer
waveOutPrepareHeader
waveInUnprepareHeader
waveOutWrite
timeEndPeriod
waveInPrepareHeader

user32

UnregisterClassW
RegisterWindowMessageW
RegisterClassW
SetWindowLongW
GetMessageW
PostMessageW
DispatchMessageW
TranslateMessage
PostThreadMessageW
CharUpperW
CharLowerW
CharUpperBuffW
CharLowerBuffW
PostQuitMessage
DrawIconEx
SetThreadDesktop
GetThreadDesktop
CloseDesktop
OpenInputDesktop
GetUserObjectInformationW
OpenDesktopW
DefWindowProcW
DestroyWindow
SetWindowPos
CreateWindowExW
RegisterClassExW
ShowWindow
GetWindowRect
GetWindowPlacement
GetIconInfo
GetWindowLongW
GetWindow
IsWindowVisible
IsWindow
InternalGetWindowText
EnumWindows
BringWindowToTop
GetClassNameW
EnumDisplayDevicesW
EnumDisplaySettingsExW
GetSystemMetrics
ReleaseDC
GetAncestor
LoadCursorW
GetCursorInfo
WindowFromPoint
GetDC
IsIconic
SetForegroundWindow
PrintWindow
GetWindowDC

gdi32

GetObjectW
CreateDIBSection
GetDeviceCaps
GetDIBits
DeleteDC
DeleteObject
BitBlt
SelectObject
CreateCompatibleDC

shell32

SHGetFolderLocation
SHGetPathFromIDListW

ole32

CoInitialize
CoCreateGuid
CoTaskMemFree
CoUninitialize
CoTaskMemAlloc
CoCreateInstance

oleaut32

VariantInit

advapi32

GetTokenInformation
CryptAcquireContextW
CryptGenRandom
CryptReleaseContext
SystemFunction036
RegOpenKeyExW
RegQueryValueExW
GetSidSubAuthorityCount
GetSidSubAuthority
OpenProcessToken

Exports

Exports

opus_decode
opus_decode_float
opus_decoder_create
opus_decoder_ctl
opus_decoder_destroy
opus_decoder_get_nb_samples
opus_decoder_get_size
opus_decoder_init
opus_encode
opus_encode_float
opus_encoder_create
opus_encoder_ctl
opus_encoder_destroy
opus_encoder_get_size
opus_encoder_init
opus_get_version_string
opus_multistream_packet_pad
opus_multistream_packet_unpad
opus_packet_get_bandwidth
opus_packet_get_nb_channels
opus_packet_get_nb_frames
opus_packet_get_nb_samples
opus_packet_get_samples_per_frame
opus_packet_pad
opus_packet_parse
opus_packet_unpad
opus_pcm_soft_clip
opus_repacketizer_cat
opus_repacketizer_create
opus_repacketizer_destroy
opus_repacketizer_get_nb_frames
opus_repacketizer_get_size
opus_repacketizer_init
opus_repacketizer_out
opus_repacketizer_out_range
opus_strerror

Sections

.text
Size: 10.9MB - Virtual size: 10.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2.0MB - Virtual size: 2.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 713KB - Virtual size: 769KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rodata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.gfids
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 1024B - Virtual size: 601B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

_RDATA
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 603KB - Virtual size: 603KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 598KB - Virtual size: 597KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

91264a17c39f698319f12e0c79e74a5e

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

d3d11

dxgi

ws2_32

wininet

winhttp

winmm

user32

gdi32

shell32

ole32

oleaut32

advapi32

Exports

Exports

Sections

.text Size: 10.9MB - Virtual size: 10.9MB

.rdata Size: 2.0MB - Virtual size: 2.0MB

.data Size: 713KB - Virtual size: 769KB

.rodata Size: 3KB - Virtual size: 2KB

.gfids Size: 2KB - Virtual size: 2KB

.tls Size: 1024B - Virtual size: 601B

_RDATA Size: 4KB - Virtual size: 3KB

.rsrc Size: 603KB - Virtual size: 603KB

.reloc Size: 598KB - Virtual size: 597KB

.text
Size: 10.9MB - Virtual size: 10.9MB

.rdata
Size: 2.0MB - Virtual size: 2.0MB

.data
Size: 713KB - Virtual size: 769KB

.rodata
Size: 3KB - Virtual size: 2KB

.gfids
Size: 2KB - Virtual size: 2KB

.tls
Size: 1024B - Virtual size: 601B

_RDATA
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 603KB - Virtual size: 603KB

.reloc
Size: 598KB - Virtual size: 597KB