2024-06-27_cfe1031a7ac631b18ce88ca211fb37f5_magniber

Sharing

Copy URL Twitter E-mail

General

Target

2024-06-27_cfe1031a7ac631b18ce88ca211fb37f5_magniber
Size

1.7MB
MD5

cfe1031a7ac631b18ce88ca211fb37f5
SHA1

37530ddddb3d40740d1d889ecff726514b90edac
SHA256

79925fb82fc0f6db97797cf7d5b7551e9beb5649fa7ce70fdfab34f00671fe09
SHA512

cb42d8c62c540f6f83d039d877d40e7e5e8a829f82afbc69cc8a5bfb099e1e897fc6dcaebabb2162df8f2c7f7e488ea454be63900a79fbfca570dca1ee8a3ffa
SSDEEP

24576:SaZHf9nuZ5JwBY/utXIPHqAZMcNVNN+3CbVfN9Tk/ktqGnNeBLG:p9uZ56BY/W/MdN+3KlTTk/8XnNeBLG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-06-27_cfe1031a7ac631b18ce88ca211fb37f5_magniber

Files

2024-06-27_cfe1031a7ac631b18ce88ca211fb37f5_magniber
.exe windows:4 windows x86 arch:x86

5e9a05a32d02c4d751e616b4c0d3ec5d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\BuildAgent\work\7bb44f9c18693ae7\QsrDisplayClient\Builds\Win32\Release (Static Runtime) v80\QsrDisplayClient.pdb

Imports

shell32

SHGetSpecialFolderPathW
SHFileOperationW
CommandLineToArgvW
ShellExecuteExW

gdi32

GetBkMode
SetLayout
CreateDIBSection
ExtTextOutW
SetTextColor
SetBkMode
DeleteDC
SelectObject
CreateCompatibleDC
SetPixel
GetTextMetricsW
GetTextExtentPoint32W
StretchBlt
BitBlt
RemoveFontResourceExW
AddFontResourceExW
CreateFontIndirectW
EnumFontFamiliesW
CreateCompatibleBitmap
GetStockObject
CreateSolidBrush
DeleteObject
GetObjectW
GetDeviceCaps
SetTextAlign
GetTextAlign

rpcrt4

RpcStringFreeA
UuidToStringA

version

GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW

iphlpapi

GetNetworkParams
GetAdaptersInfo

winmm

PlaySoundW

gdiplus

GdipFree
GdiplusShutdown
GdiplusStartup
GdipAlloc
GdipCreateBitmapFromScan0
GdipGetImageHeight
GdipGetImageWidth
GdipCloneImage
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipCreateBitmapFromStream
GdipDrawImageRectRectI
GdipDisposeImage
GdipDrawImageRectI
GdipSetPixelOffsetMode
GdipSetInterpolationMode
GdipDeleteGraphics
GdipCreateFromHDC

kernel32

InterlockedIncrement
lstrlenW
InterlockedDecrement
GetProcAddress
FreeLibrary
LoadLibraryW
CreateFileW
GetCurrentProcessId
SetUnhandledExceptionFilter
SetEvent
GetFileAttributesW
CreateEventW
GetExitCodeProcess
CreateProcessW
TerminateProcess
GetCurrentProcess
CreateThread
lstrlenA
DebugBreak
OutputDebugStringW
GetSystemInfo
OpenFileMappingW
CreateFileMappingW
UnmapViewOfFile
MapViewOfFile
GetTempFileNameW
GetTempPathW
SystemTimeToTzSpecificLocalTime
GetPrivateProfileStringW
WritePrivateProfileStringW
GlobalFree
FormatMessageW
GlobalAlloc
CreateDirectoryW
SystemTimeToFileTime
GetFileAttributesExW
RaiseException
SetEndOfFile
CreateFileA
SetEnvironmentVariableA
CompareStringW
CompareStringA
SetStdHandle
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
GetLocaleInfoW
WideCharToMultiByte
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
QueryPerformanceCounter
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
GetCurrentThreadId
MultiByteToWideChar
Sleep
InterlockedCompareExchange
FreeEnvironmentStringsA
IsValidCodePage
GetOEMCP
GetStartupInfoA
GetFileType
SetHandleCount
HeapReAlloc
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
HeapSize
GetConsoleMode
GetConsoleCP
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetModuleFileNameA
GetStdHandle
GetStringTypeW
GetStringTypeA
ExitProcess
GetModuleHandleA
GetCPInfo
LCMapStringW
LCMapStringA
ExitThread
GetDateFormatA
GetTimeFormatA
SetConsoleCtrlHandler
RtlUnwind
GetStartupInfoW
GetProcessHeap
HeapAlloc
GetVersionExA
HeapFree
IsDebuggerPresent
UnhandledExceptionFilter
GetTimeZoneInformation
FileTimeToLocalFileTime
lstrcpyW
MulDiv
GetVersionExW
GetComputerNameExW
GetDateFormatW
GetSystemTime
GetTimeFormatW
GetACP
Module32FirstW
CreateToolhelp32Snapshot
LocalFree
GetCommandLineW
SetEnvironmentVariableW
ReadFile
GetFileSize
CompareFileTime
GetSystemTimeAsFileTime
InterlockedExchange
DeleteFileW
LeaveCriticalSection
TryEnterCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
GetModuleHandleW
GetLastError
ReleaseMutex
WaitForSingleObject
CloseHandle
CreateMutexW
GetModuleFileNameW
QueryPerformanceFrequency
LoadLibraryA
SetWaitableTimer
CreateWaitableTimerW
CreateIoCompletionPort
FindClose
FindNextFileW
FindFirstFileW
GetFileTime
GlobalLock
GlobalUnlock
GetTickCount
GetLocalTime
WriteFile
SetFilePointer
ResetEvent
FlushFileBuffers
MoveFileW
WaitForMultipleObjects
SetFileTime
SetLastError
PostQueuedCompletionStatus
GetQueuedCompletionStatus

user32

DefWindowProcW
keybd_event
UnregisterClassA
wsprintfW
FillRect
ShowCursor
DrawTextW
GetMessageW
DestroyWindow
ReleaseDC
GetWindowDC
CreateWindowExW
RegisterClassW
GetClassInfoW
LoadCursorW
SetWindowPos
ShowWindow
InvalidateRect
SetFocus
SetForegroundWindow
BringWindowToTop
SendMessageW
EndPaint
BeginPaint
PostQuitMessage
MoveWindow
DispatchMessageW
TranslateMessage
TranslateAcceleratorW
LoadIconW
PostMessageW
GetKeyState
LoadStringW
GetSystemMetrics
LoadImageW
SetTimer
KillTimer
GetActiveWindow
MessageBoxW
CharNextW
MapWindowPoints
GetWindowRect
GetWindowLongW
SetWindowLongW
GetDC
GetClientRect
GetWindow

advapi32

CryptGenRandom
RegCloseKey
RegOpenKeyExW
RegQueryValueExW
CryptReleaseContext
CryptAcquireContextA

ole32

CoInitializeEx
CoUninitialize
CoGetClassObject
CreateStreamOnHGlobal
CoCreateInstance
OleSetContainedObject
CoInitializeSecurity
CoSetProxyBlanket
CoCreateGuid

ws2_32

WSARecvFrom
WSARecv
WSASend
getpeername
WSASendTo
WSASocketW
recvfrom
send
sendto
bind
socket
setsockopt
closesocket
shutdown
select
recv
WSAIoctl
ntohs
htons
WSAStartup
WSACleanup
inet_addr
WSAGetLastError
WSASetLastError
getnameinfo
getsockname

msimg32

AlphaBlend
GradientFill

setupapi

SetupDiClassGuidsFromNameW

oleaut32

VariantInit
SysAllocString
SysFreeString
VariantClear

Sections

.text
Size: 976KB - Virtual size: 974KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 208KB - Virtual size: 205KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 32KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 456KB - Virtual size: 454KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 92KB - Virtual size: 90KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5e9a05a32d02c4d751e616b4c0d3ec5d

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

shell32

gdi32

rpcrt4

version

iphlpapi

winmm

gdiplus

kernel32

user32

advapi32

ole32

ws2_32

msimg32

setupapi

oleaut32

Sections

.text Size: 976KB - Virtual size: 974KB

.rdata Size: 208KB - Virtual size: 205KB

.data Size: 32KB - Virtual size: 54KB

.rsrc Size: 456KB - Virtual size: 454KB

.reloc Size: 92KB - Virtual size: 90KB

.text
Size: 976KB - Virtual size: 974KB

.rdata
Size: 208KB - Virtual size: 205KB

.data
Size: 32KB - Virtual size: 54KB

.rsrc
Size: 456KB - Virtual size: 454KB

.reloc
Size: 92KB - Virtual size: 90KB