Static task: static1
Behavioral task: behavioral1
  Sample: 2024-06-26_e8168b1e0cd0cbe752a62324134184b5_magniber_revil.exe
  Resource: win7-20240221-en
Behavioral task: behavioral2
  Sample: 2024-06-26_e8168b1e0cd0cbe752a62324134184b5_magniber_revil.exe
  Resource: win10v2004-20240508-en
General
- Target: 2024-06-26_e8168b1e0cd0cbe752a62324134184b5_magniber_revil
- Size: 5.7MB
- MD5: e8168b1e0cd0cbe752a62324134184b5
- SHA1: 19b3819cad74f647aada914cba0f3a06a3b48c68
- SHA256: 10df8d8d31779bcf55916f483bddc60851b278694b517802048a3aa4861b16e0
- SHA512: c3edb25b6a9eb07e39c95c5d37221b7e17d8e468b06a7e463ebacb02ed33eda956c2b6bbe95c0b730766c07b00e1f6785fcea8fb1a35c9b00b60b42294e9d246
- SSDEEP: 98304:7oTLhg63ZvruDYKiBaAui5EQhE4YcGB0MqaITqbOBmyXiuXEUHmDwDh/XH/cD3p8:78ZvruDYKiBa05EQhElcGKMvITqyBmyt
Malware Config
Signatures
- Unsigned PE (1 IoCs): Checks for missing Authenticode signature.
  resource 2024-06-26_e8168b1e0cd0cbe752a62324134184b5_magniber_revil
Files
- 2024-06-26_e8168b1e0cd0cbe752a62324134184b5_magniber_revil.exe windows:6 windows x86 arch:x86
  359349036a8ce01e7243c1a7342155a5
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
wldap32
ord127
ord27
ord26
ord117
ord41
ord208
ord216
ord14
ord167
ord79
ord46
ord219
ord133
ord147
ord301
ord142
ord145
kernel32
InitializeSListHead
QueryPerformanceCounter
GetStartupInfoW
IsDebuggerPresent
IsProcessorFeaturePresent
UnhandledExceptionFilter
ResetEvent
GetUserDefaultLCID
SearchPathW
GetProfileIntW
CreateTimerQueue
UnregisterWaitEx
QueryDepthSList
InterlockedPopEntrySList
VirtualFree
GetThreadTimes
UnregisterWait
RegisterWaitForSingleObject
SetThreadAffinityMask
GetProcessAffinityMask
GetNumaHighestNodeNumber
DeleteTimerQueueTimer
ChangeTimerQueueTimer
CreateTimerQueueTimer
GetThreadPriority
SwitchToThread
SignalObjectAndWait
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetOEMCP
IsValidCodePage
FindFirstFileExW
GetTimeZoneInformation
EnumSystemLocalesW
IsValidLocale
GetTimeFormatW
GetDateFormatW
GetConsoleCP
ReadConsoleW
WriteConsoleW
SetConsoleMode
ReadConsoleInputA
GetConsoleMode
SetFilePointerEx
GetDriveTypeW
SetStdHandle
QueryPerformanceFrequency
VirtualAlloc
GetCommandLineW
GetCommandLineA
GetTempFileNameW
SetConsoleCtrlHandler
GetModuleHandleExW
FreeLibraryAndExitThread
ExitThread
RtlUnwind
InterlockedFlushSList
InterlockedPushEntrySList
DosDateTimeToFileTime
GetLocalTime
ExitProcess
GetACP
CreateMutexW
GetVersionExA
SetEnvironmentVariableA
OutputDebugStringW
FormatMessageA
CreateWaitableTimerA
GetLogicalProcessorInformation
OpenEventA
GetSystemTime
GlobalMemoryStatus
FlushConsoleInputBuffer
GetCPInfo
LCMapStringW
GetStringTypeW
TryEnterCriticalSection
MoveFileExW
CompareFileTime
GetEnvironmentVariableA
PeekNamedPipe
VerSetConditionMask
GetWindowsDirectoryW
FindResourceExW
GetCurrentDirectoryW
SystemTimeToTzSpecificLocalTime
GetFileTime
GetFileSizeEx
GetFileType
VirtualQuery
GetStdHandle
DecodePointer
CloseHandle
RaiseException
GetLastError
SetLastError
HeapAlloc
HeapReAlloc
HeapFree
HeapSize
GetProcessHeap
CreateIoCompletionPort
GetQueuedCompletionStatus
PostQueuedCompletionStatus
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
InitializeCriticalSectionEx
DeleteCriticalSection
SetEvent
ReleaseSemaphore
WaitForSingleObject
SleepEx
WaitForSingleObjectEx
WaitForMultipleObjectsEx
CreateEventA
CreateEventW
SetWaitableTimer
Sleep
QueueUserAPC
GetCurrentProcessId
TerminateProcess
TerminateThread
TlsAlloc
TlsGetValue
TlsSetValue
HeapQueryInformation
TlsFree
OpenProcess
GetSystemTimeAsFileTime
GetModuleFileNameW
WaitForMultipleObjects
GetFileAttributesExW
FileTimeToLocalFileTime
VirtualProtect
GetCurrentThread
GlobalFlags
GetUserDefaultUILanguage
GetLocaleInfoW
CompareStringW
lstrcmpiW
DuplicateHandle
UnlockFile
SetFilePointer
SetEndOfFile
ReadFile
LockFile
GetVolumeInformationW
GetFullPathNameW
GetFileSize
FlushFileBuffers
GlobalFindAtomW
GlobalAddAtomW
LoadLibraryA
lstrcmpW
GlobalDeleteAtom
LoadLibraryExW
EncodePointer
SystemTimeToFileTime
FileTimeToSystemTime
GlobalGetAtomNameW
lstrcmpA
ResumeThread
SetThreadPriority
FormatMessageW
MulDiv
GlobalSize
LockResource
LocalFree
LocalReAlloc
LocalAlloc
GlobalFree
GlobalUnlock
GlobalHandle
GlobalLock
GlobalReAlloc
GlobalAlloc
OutputDebugStringA
GetCurrentThreadId
SetUnhandledExceptionFilter
GetVersionExW
CreateThread
WriteFile
Process32NextW
Process32FirstW
CreateToolhelp32Snapshot
MoveFileW
GetModuleHandleA
GetSystemDirectoryW
GetSystemInfo
GetCurrentProcess
lstrcpyW
GetModuleHandleW
CreateFileW
CopyFileW
SetFileAttributesW
GetFileAttributesW
FindNextFileW
FindFirstFileW
FindClose
FindResourceW
SizeofResource
LoadResource
FreeResource
CreateMutexA
ReleaseMutex
GetTickCount
GetPrivateProfileIntW
GetModuleFileNameA
InitializeCriticalSection
GetTempPathW
DeleteFileW
CreateDirectoryW
WideCharToMultiByte
WritePrivateProfileStringA
LoadLibraryW
GetProcAddress
FreeLibrary
CreateProcessW
DeviceIoControl
CreateFileA
GetEnvironmentVariableW
MultiByteToWideChar
VerifyVersionInfoW
GetPrivateProfileStringA
CreateWaitableTimerW
CreateSemaphoreA
OpenMutexA
user32
CopyAcceleratorTableW
DestroyAcceleratorTable
CreateAcceleratorTableW
GetKeyboardState
ToUnicodeEx
MapVirtualKeyExW
IsCharLowerW
GetKeyboardLayout
WaitMessage
PostThreadMessageW
GetComboBoxInfo
ReuseDDElParam
UnpackDDElParam
InsertMenuItemW
TranslateAcceleratorW
LoadAcceleratorsW
MonitorFromPoint
UpdateLayeredWindow
UnionRect
DrawIcon
FrameRect
PtInRect
EqualRect
CopyRect
MapWindowPoints
ScreenToClient
CopyIcon
SetCursorPos
BringWindowToTop
GetSystemMenu
IsZoomed
DrawFrameControl
DrawEdge
DrawStateW
EmptyClipboard
SetClipboardData
CloseClipboard
OpenClipboard
SetParent
SetWindowRgn
SetClassLongW
EnumDisplayMonitors
SetLayeredWindowAttributes
LoadMenuW
GetKeyNameTextW
MapVirtualKeyW
GetMenuDefaultItem
NotifyWinEvent
SetRect
LockWindowUpdate
SetMenuDefaultItem
GetDoubleClickTime
ModifyMenuW
RegisterClipboardFormatW
CharUpperBuffW
IsClipboardFormatAvailable
GetUpdateRect
DrawMenuBar
DefFrameProcW
DefMDIChildProcW
TranslateMDISysAccel
SubtractRect
AdjustWindowRectEx
GetWindowRect
GetClientRect
RemovePropW
GetPropW
SetPropW
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
RedrawWindow
EndPaint
BeginPaint
GetForegroundWindow
GetClassNameW
wsprintfW
MoveWindow
GetWindowLongW
SetWindowLongW
SystemParametersInfoW
SendMessageW
PostMessageW
PostQuitMessage
KillTimer
CreatePopupMenu
DestroyMenu
AppendMenuW
TrackPopupMenu
UpdateWindow
SetForegroundWindow
MessageBoxW
FindWindowW
InvalidateRgn
GetCaretPos
ShowCaret
CharPrevW
CharNextW
RegisterClassExW
GetCaretBlinkTime
SetCaretPos
CreateCaret
MessageBoxA
GetUserObjectInformationW
GetProcessWindowStation
GetCursorPos
LoadIconW
UnhookWindowsHookEx
EnableWindow
IsWindowEnabled
GetParent
GetWindowThreadProcessId
GetLastActivePopup
GetMenuStringW
GetMenuState
GetSubMenu
GetMenuItemID
GetMenuItemCount
InsertMenuW
RemoveMenu
GetMessageW
TranslateMessage
DispatchMessageW
PeekMessageW
IsWindowVisible
GetActiveWindow
GetKeyState
ValidateRect
SetWindowsHookExW
CallNextHookEx
GetSystemMetrics
GetDC
ReleaseDC
GetSysColor
GetSysColorBrush
InvertRect
HideCaret
EnableScrollBar
MessageBeep
GetIconInfo
DrawIconEx
IsRectEmpty
DrawFocusRect
WindowFromPoint
ReleaseCapture
SetCapture
GetNextDlgGroupItem
DeleteMenu
SetCursor
ShowOwnedPopups
LoadImageW
InvalidateRect
TrackMouseEvent
IntersectRect
MapDialogRect
GetAsyncKeyState
GetNextDlgTabItem
EndDialog
CreateDialogIndirectParamW
OffsetRect
SetRectEmpty
SendDlgItemMessageA
CopyImage
InflateRect
GetMenuItemInfoW
FillRect
GetWindowDC
TabbedTextOutW
GrayStringW
DrawTextExW
DrawTextW
RealChildWindowFromPoint
GetDesktopWindow
ClientToScreen
CharUpperW
DestroyIcon
IsDialogMessageW
SetWindowTextW
CheckDlgButton
ShowWindow
GetMonitorInfoW
MonitorFromWindow
CreateMenu
GetWindowRgn
DestroyCursor
SetTimer
LoadCursorW
GetWindowTextW
GetWindowTextLengthW
GetFocus
CheckMenuItem
EnableMenuItem
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
SetMenuItemInfoW
LoadBitmapW
RegisterWindowMessageW
GetMessagePos
GetMessageTime
DefWindowProcW
CallWindowProcW
RegisterClassW
GetClassInfoW
GetTopWindow
GetClassInfoExW
CreateWindowExW
IsWindow
IsMenu
IsChild
DestroyWindow
SetWindowPos
GetWindowPlacement
SetWindowPlacement
BeginDeferWindowPos
DeferWindowPos
EndDeferWindowPos
IsIconic
GetDlgItem
GetDlgCtrlID
SetFocus
GetCapture
GetMenu
SetMenu
SetActiveWindow
WinHelpW
GetScrollInfo
SetScrollInfo
GetWindow
GetClassLongW
gdi32
GetLayout
SetLayout
SetMapMode
SetBkMode
SelectPalette
SelectObject
ExtSelectClipRgn
SelectClipRgn
SaveDC
RestoreDC
RectVisible
PtVisible
LineTo
IntersectClipRect
GetWindowExtEx
GetViewportExtEx
GetStockObject
GetPixel
GetObjectType
GetClipBox
ExcludeClipRect
Escape
DeleteDC
CreateSolidBrush
CreateRectRgn
CreatePatternBrush
CreatePen
CreateHatchBrush
CreateCompatibleDC
BitBlt
DeleteObject
GetObjectW
SetTextColor
SetBkColor
CreateBitmap
GetDeviceCaps
CreateDCW
GetTextCharsetInfo
SetPixel
StretchBlt
CreateDIBSection
SetDIBColorTable
CreateEllipticRgn
Ellipse
GetTextColor
CreatePolygonRgn
Polygon
SetPolyFillMode
CreateRoundRectRgn
Rectangle
GetRgnBox
OffsetRgn
RoundRect
FillRgn
FrameRgn
GetBoundsRect
PtInRegion
ExtFloodFill
SetPaletteEntries
SetPixelV
GetWindowOrgEx
GetViewportOrgEx
GetTextFaceW
MoveToEx
TextOutW
ExtTextOutW
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CreateFontIndirectW
GetTextExtentPoint32W
CreateRectRgnIndirect
PatBlt
SetRectRgn
SetROP2
SetStretchBltMode
SetTextAlign
Polyline
EnumFontFamiliesW
GetObjectA
GetCharABCWidthsW
LPtoDP
DPtoLP
GetTextMetricsW
EnumFontFamiliesExW
CreatePalette
GetNearestPaletteIndex
GetPaletteEntries
GetSystemPaletteEntries
RealizePalette
GetBkColor
CreateCompatibleBitmap
CreateDIBitmap
CopyMetaFileW
CombineRgn
winspool.drv
OpenPrinterW
ClosePrinter
DocumentPropertiesW
advapi32
CryptEnumProvidersA
CryptDestroyHash
CryptCreateHash
CryptDecrypt
CryptExportKey
CryptGetUserKey
CryptGetProvParam
CryptSetHashParam
CryptDestroyKey
CryptReleaseContext
CryptAcquireContextA
ReportEventA
RegisterEventSourceA
DeregisterEventSource
RegSetValueExW
RegEnumKeyExW
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
RegQueryValueExW
RegQueryValueW
RegOpenKeyExW
RegCloseKey
StartServiceW
OpenServiceW
OpenSCManagerW
DeleteService
CreateServiceW
CloseServiceHandle
CryptSignHashA
shell32
SHBrowseForFolderW
SHGetSpecialFolderLocation
SHGetSpecialFolderPathW
Shell_NotifyIconW
SHGetFileInfoW
ShellExecuteW
SHGetDesktopFolder
SHAppBarMessage
SHGetPathFromIDListW
DragFinish
DragQueryFileW
ole32
OleCreateMenuDescriptor
OleLockRunning
RevokeDragDrop
RegisterDragDrop
CoLockObjectExternal
OleGetClipboard
DoDragDrop
CreateStreamOnHGlobal
CoInitializeEx
CLSIDFromString
CoDisconnectObject
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
ReleaseStgMedium
CLSIDFromProgID
CoCreateGuid
CoTaskMemFree
OleDuplicateData
CoTaskMemAlloc
CoInitialize
CoCreateInstance
CoUninitialize
oleaut32
VariantTimeToSystemTime
VariantClear
VariantCopy
VariantChangeType
VarBstrFromDate
VariantInit
SysAllocString
SystemTimeToVariantTime
SysStringLen
SysAllocStringLen
LoadTypeLi
SysFreeString
iphlpapi
GetExtendedTcpTable
GetAdaptersInfo
crypt32
CertDuplicateCertificateContext
CertFindCertificateInStore
CertOpenStore
CertOpenSystemStoreW
CertGetIntendedKeyUsage
CertGetEnhancedKeyUsage
CertFreeCertificateContext
CertEnumCertificatesInStore
CertCloseStore
CertGetCertificateContextProperty
shlwapi
StrFormatKBSizeW
wnsprintfW
PathFindFileNameW
PathIsUNCW
PathStripToRootW
PathFindExtensionW
PathRemoveFileSpecW
ws2_32
getsockopt
inet_addr
gethostbyname
bind
closesocket
ioctlsocket
htonl
htons
ntohl
ntohs
setsockopt
WSAStartup
WSACleanup
WSASetLastError
WSAGetLastError
WSASend
WSASocketW
getpeername
getsockname
select
shutdown
WSARecv
listen
getaddrinfo
freeaddrinfo
__WSAFDIsSet
accept
connect
gethostname
sendto
recvfrom
WSAEventSelect
WSAEnumNetworkEvents
WSACreateEvent
WSACloseEvent
socket
send
recv
WSAIoctl
getservbyname
mswsock
AcceptEx
GetAcceptExSockaddrs
msimg32
AlphaBlend
TransparentBlt
uxtheme
DrawThemeText
DrawThemeParentBackground
OpenThemeData
CloseThemeData
DrawThemeBackground
GetThemeColor
GetCurrentThemeName
GetWindowTheme
IsAppThemed
IsThemeBackgroundPartiallyTransparent
GetThemeSysColor
GetThemePartSize
gdiplus
GdipFree
GdipCloneImage
GdipDisposeImage
GdipGetImageGraphicsContext
GdipGetImageWidth
GdipGetImageHeight
GdipGetImagePixelFormat
GdipGetImagePalette
GdipGetImagePaletteSize
GdipAlloc
GdipLoadImageFromStream
GdipCreateBitmapFromScan0
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipDeleteGraphics
GdiplusShutdown
GdipCreateBitmapFromStream
GdipDrawImageI
GdipCreateBitmapFromHBITMAP
GdipImageSelectActiveFrame
GdipGetPropertyItem
GdipGetPropertyItemSize
GdipImageGetFrameCount
GdipImageGetFrameDimensionsList
GdipImageGetFrameDimensionsCount
GdipDrawPath
GdipAddPathArcI
GdipAddPathLineI
GdipDeletePath
GdipCreatePath
GdipDrawRectangleI
GdipSetPenMode
GdipDrawLineI
GdipSetPenDashStyle
GdipDeletePen
GdipCreatePen1
GdipFillRectangleI
GdipDrawString
GdipMeasureString
GdipSetStringFormatLineAlign
GdipSetStringFormatAlign
GdipSetStringFormatFlags
GdipSetStringFormatTrimming
GdipDeleteStringFormat
GdipDrawImageRectI
GdipStringFormatGetGenericTypographic
GdipCloneStringFormat
GdipCloneBrush
GdipDeleteBrush
GdipCreateSolidFill
GdipDeleteFont
GdipCreateFontFromLogfontA
GdipCreateFontFromDC
GdipCreateFromHDC
GdipSetInterpolationMode
GdiplusStartup
imm32
ImmGetOpenStatus
ImmSetCompositionWindow
ImmGetContext
ImmReleaseContext
dbghelp
MiniDumpWriteDump
oleacc
AccessibleObjectFromWindow
LresultFromObject
CreateStdAccessibleObject
winmm
PlaySoundW
comctl32
ord17
_TrackMouseEvent
Sections
- .text Size: 3.8MB - Virtual size: 3.8MB (IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ)
- .rdata Size: 900KB - Virtual size: 900KB (IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ)
- .data Size: 84KB - Virtual size: 128KB (IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE)
- .gfids Size: 106KB - Virtual size: 105KB (IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ)
- .giats Size: 512B - Virtual size: 16B (IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ)
- .tls Size: 512B - Virtual size: 9B (IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE)
- .rsrc Size: 614KB - Virtual size: 614KB (IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ)
- .reloc Size: 234KB - Virtual size: 233KB (IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ)