2024-06-04_3b45cffe519ebe7d2017ba7998fb4099_bkransomware_magniber

Sharing

Copy URL Twitter E-mail

General

Target

2024-06-04_3b45cffe519ebe7d2017ba7998fb4099_bkransomware_magniber
Size

18.5MB
MD5

3b45cffe519ebe7d2017ba7998fb4099
SHA1

c7b027f0c832460fda22c60e4e4a06defb8ce650
SHA256

16d7fc5e14abd09945ed9719e7906996d716d309c0e04436f2f7fd46184e2d69
SHA512

1ab4cb62116dc9809b2f389d3aea412d18b5935cedcb49ee109c6c786fcf7c806e73ee2df53610183531def6e1f1b624f0aa5091c2fd7ac639a3883aa70eb263
SSDEEP

393216:KRdSeb/VgKOdOFiIZYvxxOW4zqGagsscCiU7L1Pd02JR:qVVedOZMYW7gsshNdP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-06-04_3b45cffe519ebe7d2017ba7998fb4099_bkransomware_magniber

Files

2024-06-04_3b45cffe519ebe7d2017ba7998fb4099_bkransomware_magniber
.exe windows:5 windows x86 arch:x86

422b97743685b234775ac7bae8893678

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_ISOLATION
IMAGE_DLLCHARACTERISTICS_NO_BIND
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

urlmon

URLDownloadToFileW

shlwapi

PathCombineW
PathAppendW
UrlCombineW

user32

DrawTextW
MsgWaitForMultipleObjects
BeginPaint
TranslateMessage
PostQuitMessage
LoadIconW
PeekMessageW
RedrawWindow
ShowWindow
CreateWindowExW
UpdateWindow
DefWindowProcW
DispatchMessageW
GetMessageW
EndPaint
RegisterClassExW

kernel32

RaiseException
SetEndOfFile
LoadLibraryW
WriteConsoleW
SetStdHandle
ReadConsoleW
CreateFileW
UnregisterWaitEx
QueryDepthSList
InterlockedFlushSList
InterlockedPushEntrySList
InterlockedPopEntrySList
InitializeSListHead
ReleaseSemaphore
VirtualProtect
VirtualFree
VirtualAlloc
GetModuleHandleA
FreeLibraryAndExitThread
FreeLibrary
GetEnvironmentVariableW
CreateMutexW
FindFirstFileW
FindResourceW
LoadResource
CompareFileTime
CopyFileW
SizeofResource
GetVersionExW
GetLastError
FindClose
LockResource
FindNextFileW
CloseHandle
DeleteFileW
GetThreadTimes
OutputDebugStringW
HeapReAlloc
GetOEMCP
WideCharToMultiByte
DuplicateHandle
WaitForSingleObject
GetCurrentProcess
GetCurrentThread
GetCurrentThreadId
GetExitCodeThread
MultiByteToWideChar
GetStringTypeW
GetSystemTimeAsFileTime
EncodePointer
DecodePointer
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
HeapFree
GetFullPathNameW
GetCPInfo
GetCommandLineA
IsProcessorFeaturePresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
SetLastError
InitializeCriticalSectionAndSpinCount
CreateEventW
Sleep
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetStartupInfoW
GetTickCount
GetModuleHandleW
GetProcAddress
CreateSemaphoreW
CreateThread
ExitThread
LoadLibraryExW
RtlUnwind
HeapAlloc
CreateTimerQueue
SetEvent
WaitForSingleObjectEx
SignalObjectAndWait
SwitchToThread
SetThreadPriority
GetThreadPriority
GetLogicalProcessorInformation
CreateTimerQueueTimer
ChangeTimerQueueTimer
DeleteTimerQueueTimer
GetNumaHighestNodeNumber
GetProcessAffinityMask
SetThreadAffinityMask
RegisterWaitForSingleObject
UnregisterWait
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
IsDebuggerPresent
GetStdHandle
GetFileType
GetProcessHeap
ExitProcess
GetModuleHandleExW
ReadFile
SetFilePointerEx
FlushFileBuffers
WriteFile
GetConsoleCP
GetConsoleMode
GetDriveTypeW
GetCurrentDirectoryW
HeapSize
GetModuleFileNameA
GetModuleFileNameW
QueryPerformanceCounter
GetCurrentProcessId
GetEnvironmentStringsW
FreeEnvironmentStringsW
IsValidCodePage
GetACP

shell32

SHGetPathFromIDListW
SHGetFolderPathW
ShellExecuteExW
SHBrowseForFolderW

Sections

.text
Size: 216KB - Virtual size: 216KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 55KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18.2MB - Virtual size: 18.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

422b97743685b234775ac7bae8893678

Headers

DLL Characteristics

File Characteristics

Imports

urlmon

shlwapi

user32

kernel32

shell32

Sections

.text Size: 216KB - Virtual size: 216KB

.rdata Size: 55KB - Virtual size: 54KB

.data Size: 11KB - Virtual size: 34KB

.rsrc Size: 18.2MB - Virtual size: 18.2MB

.reloc Size: 13KB - Virtual size: 13KB

.text
Size: 216KB - Virtual size: 216KB

.rdata
Size: 55KB - Virtual size: 54KB

.data
Size: 11KB - Virtual size: 34KB

.rsrc
Size: 18.2MB - Virtual size: 18.2MB

.reloc
Size: 13KB - Virtual size: 13KB