2024-06-09_95be2d3b09f76b4fea73f11c03f012aa_magniber

Sharing

Copy URL Twitter E-mail

General

Target

2024-06-09_95be2d3b09f76b4fea73f11c03f012aa_magniber
Size

3.5MB
MD5

95be2d3b09f76b4fea73f11c03f012aa
SHA1

22c6ed4b70e9dba295cd3696eef6e5f119f2d4cf
SHA256

b83939b25a1e3d2b02f0eb3cd3058c372bdd3e059953cb08e34879168a224ad6
SHA512

9996327d6d19f978cbf3bb96498a1c1fc13f5e4fa394e74dc0cfcadae8070a9ed91bbc92f4b2bb7a6b575c6f77c7d6586f178af28285ebacf135c35384f3eba6
SSDEEP

49152:jfbyWGQbDxT9slIC+sQUnccOLzR0GJuJqv/tIKojsSxlHOHjvh+DCi8sx8OmpXmI:3yWGQ596GMkvFIHoYJOHjADCi8bx1es

Score

1^/10

Malware Config

Signatures

Files

2024-06-09_95be2d3b09f76b4fea73f11c03f012aa_magniber
.exe windows:6 windows x86 arch:x86

478d5d0488639b34b8a9309fc3b2e688

Code Sign

05:9b:1b:57:9e:8e:21:32:e2:39:07:bd:a7:77:75:5c
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2013, 12:00

Not After

15/01/2038, 12:00

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0f:d1:bb:ca:79:6b:d7:f8:dd:4c:82:e1:0a:9a:96:31
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

13/01/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0b:6f:52:2e:cc:1a:cd:07:15:dd:09:7d:3c:12:cd:e3
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

28/08/2023, 00:00

Not After

27/08/2026, 23:59

Subject

CN=SHENZHEN SHINETEK TECHNOLOGY CO.\,LTD,O=SHENZHEN SHINETEK TECHNOLOGY CO.\,LTD,L=Shenzhen,ST=Guangdong Province,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

6c:c8:70:ac:0c:dd:a9:31:c9:aa:b7:fa:74:cc:b2:33:be:b6:95:49:19:2c:39:15:66:ce:00:7a:9b:d3:e1:b7
Signer

Actual PE Digest

6c:c8:70:ac:0c:dd:a9:31:c9:aa:b7:fa:74:cc:b2:33:be:b6:95:49:19:2c:39:15:66:ce:00:7a:9b:d3:e1:b7

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

F:\Workspace\drive\045单模\丰润\Redragon K512-RGB(045B)\project\Redragon K512-RGB(045B)-V1中英文\Release\Trust GXT 878.pdb

Imports

kernel32

GetVersionExA
GetLocalTime
GetVersionExW
IsBadReadPtr
FindResourceW
SizeofResource
LockResource
LoadResource
FreeResource
SetLastError
GetFullPathNameW
FindFirstFileW
FindClose
DeleteFileW
GetFileAttributesExW
CreateDirectoryW
GetFullPathNameA
GetCurrentDirectoryW
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
PeekNamedPipe
GetDriveTypeW
lstrlenA
UnmapViewOfFile
MapViewOfFile
CreateFileMappingW
GetFileSizeEx
GetFileInformationByHandle
LoadLibraryW
MulDiv
GetProcAddress
FreeLibrary
GetTickCount
FlushInstructionCache
LeaveCriticalSection
SetEndOfFile
FlushFileBuffers
HeapSize
OutputDebugStringA
SetEnvironmentVariableW
EnterCriticalSection
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetOEMCP
IsValidCodePage
FindNextFileW
FindNextFileA
FindFirstFileExW
FindFirstFileExA
GetModuleHandleW
GetProcessHeap
GetTimeZoneInformation
SetStdHandle
GetConsoleCP
SetFilePointerEx
ReadConsoleW
GetConsoleMode
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetTimeFormatW
GetDateFormatW
GetFileType
WriteConsoleW
GetCurrentThread
GetACP
GetStdHandle
GetModuleFileNameA
GetModuleHandleExW
ExitProcess
HeapReAlloc
QueryPerformanceFrequency
InterlockedFlushSList
InterlockedPushEntrySList
LoadLibraryExW
RtlUnwind
OutputDebugStringW
InitializeSListHead
GetCurrentProcessId
QueryPerformanceCounter
GetStartupInfoW
IsDebuggerPresent
WaitForSingleObjectEx
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GlobalLock
GlobalUnlock
GlobalAlloc
LocalFree
GetLocaleInfoW
LCMapStringW
CompareStringW
GetSystemTimeAsFileTime
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
GetCPInfo
EncodePointer
GetStringTypeW
GetModuleHandleA
LoadLibraryA
SetConsoleCtrlHandler
InitializeCriticalSection
HeapFree
HeapAlloc
HeapDestroy
HeapCreate
WideCharToMultiByte
MultiByteToWideChar
SetCurrentDirectoryW
GetModuleFileNameW
IsWow64Process
CreateProcessW
CreateEventW
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
DecodePointer
RaiseException
GetCurrentProcess
Sleep
GetCurrentThreadId
CreateThread
DeviceIoControl
CancelIo
SetEvent
ReadFile
GetOverlappedResult
ResetEvent
GetFileAttributesW
WaitForMultipleObjects
WriteFile
CloseHandle
CreateFileW
GetLastError
ReleaseMutex
WaitForSingleObject
CreateMutexW
SetEnvironmentVariableA

user32

CharLowerBuffW
MapVirtualKeyA
UpdateLayeredWindow
SystemParametersInfoA
DrawTextW
GetWindowPlacement
GetSystemMetrics
GetDlgCtrlID
SetWindowTextW
CallWindowProcW
SetPropW
GetParent
SetWindowLongW
SendMessageW
CharLowerW
wsprintfW
RegisterDeviceNotificationW
GetActiveWindow
UnregisterClassW
SystemParametersInfoW
PostMessageW
ClientToScreen
DestroyWindow
ShowWindow
OffsetRect
PtInRect
GetWindow
GetDesktopWindow
IsWindow
IsIconic
IsWindowVisible
SetForegroundWindow
InflateRect
CopyRect
SetMenuContextHelpId
GetMenuItemInfoW
SetMenuInfo
GetMenuInfo
TrackPopupMenu
DeleteMenu
AppendMenuW
InsertMenuW
GetMenuItemCount
CheckMenuItem
DestroyMenu
GetPropW
IsMenu
LoadImageW
CreateIconFromResource
GetSysColor
EnableMenuItem
GetIconInfo
CharNextW
LoadIconW
MessageBoxW
GetForegroundWindow
MsgWaitForMultipleObjects
PeekMessageW
DispatchMessageW
TranslateMessage
GetMessageW
GetKeyState
GetFocus
GetClassNameW
ScreenToClient
SetCaretPos
HideCaret
GetCaretBlinkTime
CreateCaret
InvalidateRect
EndPaint
BeginPaint
ReleaseDC
GetDC
UpdateWindow
ReleaseCapture
SetCapture
GetCapture
SetFocus
IsZoomed
SetLayeredWindowAttributes
AnimateWindow
TrackMouseEvent
GetMonitorInfoW
MonitorFromWindow
MapWindowPoints
GetWindowRect
GetClientRect
CreateWindowExW
RegisterClassExW
DefWindowProcW
GetWindowLongW
SetActiveWindow
IsWindowEnabled
EnableWindow
SetWindowPos
PostQuitMessage
DestroyCursor
LoadCursorW
EqualRect
UnionRect
IntersectRect
DrawIconEx
SetRect
SetCursor
DestroyIcon
KillTimer
SetTimer
GetCursorPos
RegisterWindowMessageW
IsRectEmpty
GetWindowTextW
EndDialog
LoadBitmapW
RemovePropW
GetDlgItem
CreatePopupMenu

gdi32

ExtTextOutW
SetTextAlign
SetTextColor
GetTextFaceW
GetTextMetricsW
SetWorldTransform
SetViewportOrgEx
CreateCompatibleBitmap
StretchBlt
GetDCOrgEx
GetObjectW
SetBkMode
Rectangle
GetStockObject
GetClipBox
CreateSolidBrush
CreateFontIndirectW
SelectObject
DeleteDC
CreateCompatibleDC
CreateBitmap
CreateRoundRectRgn
EnumFontsW
SetGraphicsMode
GetDeviceCaps
DeleteObject
BitBlt
RemoveFontMemResourceEx
AddFontMemResourceEx
GetTextExtentPointI
GetGlyphIndicesW
GetFontUnicodeRanges
ExtCreateRegion
GetRegionData
IntersectClipRect
SelectClipRgn
CreateDIBSection
GetCurrentObject
GetViewportOrgEx
EnumFontFamiliesExW
GetCharABCWidthsW
GetFontData
GetGlyphOutlineW
GetOutlineTextMetricsW
GdiFlush

comdlg32

GetOpenFileNameW
GetSaveFileNameW

shell32

Shell_NotifyIconW
ShellExecuteW

ole32

OleLockRunning
CLSIDFromString
CoCreateGuid
OleInitialize
IIDFromString
CreateStreamOnHGlobal
OleUninitialize
CreateBindCtx
CoCreateInstance
CLSIDFromProgID

oleaut32

SetErrorInfo
GetErrorInfo
VariantInit
VariantChangeType
SysAllocString
SysFreeString
VariantClear
CreateErrorInfo

shlwapi

PathFindExtensionW
StrToIntExW

hid

HidD_GetHidGuid
HidD_GetProductString
HidD_GetManufacturerString
HidD_GetSerialNumberString
HidD_FreePreparsedData
HidP_GetCaps
HidD_GetPreparsedData
HidD_GetAttributes
HidD_SetFeature
HidD_GetFeature

setupapi

CM_Get_Device_Interface_List_SizeW
SetupDiGetDeviceInterfaceDetailW
SetupDiGetDeviceRegistryPropertyW
SetupDiDestroyDeviceInfoList
SetupDiEnumDeviceInfo
SetupDiGetClassDevsW
CM_Get_Device_Interface_ListW
SetupDiEnumDeviceInterfaces
SetupDiGetDeviceInstanceIdW

imm32

ImmGetContext
ImmAssociateContext
ImmReleaseContext

gdiplus

GdipGetImageEncodersSize
GdipDrawImageRectI
GdipGraphicsClear
GdipDeleteGraphics
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromFileICM
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromFile
GdipCreateBitmapFromStream
GdipGetImageEncoders
GdipGetPropertyItemSize
GdipImageSelectActiveFrame
GdipImageGetFrameCount
GdipGetImageHeight
GdipGetImageWidth
GdipSaveImageToFile
GdipDisposeImage
GdipCloneImage
GdiplusShutdown
GdiplusStartup
GdipFree
GdipAlloc
GdipGetPropertyItem
GdipGetImageGraphicsContext

usp10

ScriptShape
ScriptItemize
ScriptFreeCache

opengl32

wglGetProcAddress
wglGetCurrentContext

Sections

.text
Size: 2.5MB - Virtual size: 2.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 647KB - Virtual size: 647KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 68KB - Virtual size: 159KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 119KB - Virtual size: 118KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 155KB - Virtual size: 155KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

478d5d0488639b34b8a9309fc3b2e688

Code Sign

05:9b:1b:57:9e:8e:21:32:e2:39:07:bd:a7:77:75:5cCertificate

Key Usages

0f:d1:bb:ca:79:6b:d7:f8:dd:4c:82:e1:0a:9a:96:31Certificate

Extended Key Usages

Key Usages

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9Certificate

Extended Key Usages

Key Usages

0b:6f:52:2e:cc:1a:cd:07:15:dd:09:7d:3c:12:cd:e3Certificate

Extended Key Usages

Key Usages

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16Certificate

Extended Key Usages

Key Usages

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate

Extended Key Usages

Key Usages

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5aCertificate

Key Usages

6c:c8:70:ac:0c:dd:a9:31:c9:aa:b7:fa:74:cc:b2:33:be:b6:95:49:19:2c:39:15:66:ce:00:7a:9b:d3:e1:b7Signer

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

comdlg32

shell32

ole32

oleaut32

shlwapi

hid

setupapi

imm32

gdiplus

usp10

opengl32

Sections

.text Size: 2.5MB - Virtual size: 2.5MB

.rdata Size: 647KB - Virtual size: 647KB

.data Size: 68KB - Virtual size: 159KB

.gfids Size: 2KB - Virtual size: 2KB

.tls Size: 512B - Virtual size: 9B

.rsrc Size: 119KB - Virtual size: 118KB

.reloc Size: 155KB - Virtual size: 155KB

05:9b:1b:57:9e:8e:21:32:e2:39:07:bd:a7:77:75:5c
Certificate

0f:d1:bb:ca:79:6b:d7:f8:dd:4c:82:e1:0a:9a:96:31
Certificate

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

0b:6f:52:2e:cc:1a:cd:07:15:dd:09:7d:3c:12:cd:e3
Certificate

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

6c:c8:70:ac:0c:dd:a9:31:c9:aa:b7:fa:74:cc:b2:33:be:b6:95:49:19:2c:39:15:66:ce:00:7a:9b:d3:e1:b7
Signer

.text
Size: 2.5MB - Virtual size: 2.5MB

.rdata
Size: 647KB - Virtual size: 647KB

.data
Size: 68KB - Virtual size: 159KB

.gfids
Size: 2KB - Virtual size: 2KB

.tls
Size: 512B - Virtual size: 9B

.rsrc
Size: 119KB - Virtual size: 118KB

.reloc
Size: 155KB - Virtual size: 155KB