D:\qba1\workspace\6695\irst_installer\SourceCode\Release\Setup.pdb
Static task: static1
Behavioral task: behavioral1
Sample: 2024-07-09_361265f1a19a3edb9046210f050cd4b4_magniber.exe
Resource: win7-20240705-en
General
Target: 2024-07-09_361265f1a19a3edb9046210f050cd4b4_magniber
Size: 23.1MB
MD5: 361265f1a19a3edb9046210f050cd4b4
SHA1: 37a455dfea7679ed4776fd6c069745835fff72eb
SHA256: 5851710f3cde09412d8988a2fd37d99624a82aa2490da8a868853d8befaf2a45
SHA512: aae262a004122c76f6149ccb8c415e9d1780d2b25822329e18b950b283c6dc438b886e5e1d116f4410a6655b6422839e69e0b03c583512807b5ea85fd3d3d22a
SSDEEP: 393216:RMTA7ziryKcdML57DmNp5dW5bWNPijdj2oU6UjxoeSTZ0YkOSIamWiwGwsKKHdte:RkizdKcdML57DmNbIyJijzUyTZ005Jwt
Malware Config
Signatures
Unsigned PE (1 IoC): Checks for missing Authenticode signature.
resource: 2024-07-09_361265f1a19a3edb9046210f050cd4b4_magniber
Files
2024-07-09_361265f1a19a3edb9046210f050cd4b4_magniber.exe windows:6 windows x86 arch:x86
78b47175a101388c95b04592ca07d66e
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_FORCE_INTEGRITY
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
setupapi
SetupFindNextLine
SetupGetStringFieldW
SetupGetLineTextW
SetupFindFirstLineW
SetupDiGetDevicePropertyW
SetupDiEnumDeviceInterfaces
SetupDiGetDeviceInterfaceDetailA
SetupDiGetClassDevsA
CM_Get_Device_ID_ListW
CM_Get_Device_ID_List_SizeW
CM_Locate_DevNodeW
SetupCloseInfFile
SetupOpenInfFileW
SetupDiDestroyDeviceInfoList
SetupDiRemoveDevice
SetupDiGetDeviceRegistryPropertyA
CM_Get_DevNode_Status
SetupDiGetDeviceRegistryPropertyW
SetupDiEnumDeviceInfo
CM_Locate_DevNodeA
CM_Reenumerate_DevNode
SetupDiGetClassDevsW
SetupDiGetDeviceInstanceIdW
cfgmgr32
CM_Get_DevNode_PropertyW
rpcrt4
RpcStringBindingComposeW
RpcStringFreeW
NdrClientCall2
RpcBindingFromStringBindingW
kernel32
DosDateTimeToFileTime
LocalFileTimeToFileTime
SetFileTime
CloseHandle
LoadResource
LockResource
SizeofResource
GetTempFileNameW
MoveFileW
MoveFileExW
ExpandEnvironmentStringsW
GetFileSize
ReadFile
GetFileAttributesW
IsWow64Process
GetCurrentProcess
CreateProcessW
GetExitCodeProcess
GetCurrentDirectoryW
GetDriveTypeW
SetFilePointer
GetProcAddress
GetTickCount
Sleep
ExitProcess
GetNativeSystemInfo
LoadLibraryExW
EnumResourceLanguagesW
GetLocaleInfoW
GetUserDefaultUILanguage
OpenMutexW
ReleaseMutex
CreateMutexW
GlobalAlloc
GlobalLock
GlobalUnlock
GetLocalTime
GetTempPathW
CreateDirectoryW
WideCharToMultiByte
InitializeCriticalSection
DeleteCriticalSection
DecodePointer
FileTimeToSystemTime
EnterCriticalSection
LeaveCriticalSection
CreateFileA
DeviceIoControl
ResetEvent
lstrlenA
GetDiskFreeSpaceExA
CreateMutexA
SetEvent
GetCurrentThreadId
CreateEventA
InitializeCriticalSectionAndSpinCount
VerifyVersionInfoA
K32GetModuleBaseNameW
GetFinalPathNameByHandleW
OpenFileById
GetModuleHandleExW
CreateFileW
OpenEventA
OpenMutexA
CreateSemaphoreA
GetFirmwareEnvironmentVariableA
SetFirmwareEnvironmentVariableA
HeapReAlloc
HeapFree
HeapAlloc
GetACP
ExitThread
RtlUnwind
InterlockedPushEntrySList
FreeLibraryAndExitThread
GetThreadTimes
CreateThread
GetStartupInfoW
IsDebuggerPresent
GetCurrentProcessId
InitializeSListHead
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
LCMapStringW
CompareStringW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
CreateEventW
GetCPInfo
EncodePointer
QueryPerformanceCounter
MultiByteToWideChar
WriteFile
FindClose
FindNextFileW
lstrcmpW
FindFirstFileW
GetSystemPowerStatus
GetEnvironmentVariableW
FindResourceW
GetCommandLineW
VerSetConditionMask
VerifyVersionInfoW
WaitForSingleObject
DeleteFileW
RemoveDirectoryW
CopyFileW
SetFileAttributesW
GetModuleFileNameW
LocalAlloc
FreeLibrary
LoadLibraryW
GetSystemDirectoryW
MulDiv
GetModuleHandleW
SetDefaultDllDirectories
GlobalDeleteAtom
SetLastError
GetLastError
GlobalAddAtomW
GlobalFindAtomW
LocalFree
FormatMessageW
GetStdHandle
GetFileType
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
GetTimeZoneInformation
IsValidCodePage
GetOEMCP
GetProcessHeap
FlushFileBuffers
GetConsoleCP
GetConsoleMode
SetFilePointerEx
FindFirstFileExW
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableA
SetStdHandle
ReadConsoleW
HeapSize
WriteConsoleW
GetSystemTimeAsFileTime
GetCurrentThread
WaitForSingleObjectEx
GetStringTypeW
LoadLibraryExA
VirtualQuery
VirtualProtect
GetSystemInfo
RaiseException
user32
GetWindowTextLengthW
SetRectEmpty
LoadStringW
MessageBoxIndirectW
FillRect
SetRect
GetWindowLongW
EnableWindow
SetDlgItemTextW
InvalidateRect
GetParent
EndDialog
SetWindowTextW
GetWindowTextW
DrawTextW
GetDlgItem
GetClientRect
SetWindowPos
GetWindowRect
DestroyWindow
DispatchMessageW
TranslateMessage
IsDialogMessageW
GetMessageW
ShowWindow
SetWindowLongW
CreateDialogIndirectParamW
ExitWindowsEx
SendMessageW
MoveWindow
MonitorFromWindow
GetMonitorInfoW
CreateWindowExW
MessageBoxW
wsprintfW
ReleaseDC
GetDC
LoadImageW
AdjustWindowRectEx
GetSystemMetrics
CallWindowProcW
OpenClipboard
EmptyClipboard
CloseClipboard
CopyRect
OffsetRect
SetFocus
MapDialogRect
UpdateWindow
LoadCursorW
SetCursor
SetClassLongW
InflateRect
GetClassNameW
MapWindowPoints
GetWindow
SetClipboardData
gdi32
GetTextMetricsW
DeleteDC
BitBlt
SelectObject
CreateCompatibleDC
SetBkMode
SetTextColor
GetObjectW
GetStockObject
CreateFontW
GetDeviceCaps
DeleteObject
StretchBlt
advapi32
RegDeleteTreeW
EnumDependentServicesW
StartServiceW
ChangeServiceConfigW
RegSetKeyValueW
DeregisterEventSource
RegisterEventSourceW
ReportEventW
RegDeleteValueA
RegCreateKeyExA
RegQueryValueExW
TraceMessage
RegQueryValueExA
ConvertStringSecurityDescriptorToSecurityDescriptorW
RegOpenKeyExA
RegEnumKeyExA
RegDeleteKeyExA
RegSetValueExA
SetSecurityDescriptorDacl
RegCloseKey
InitializeSecurityDescriptor
SetEntriesInAclW
DeleteService
ControlService
OpenServiceW
CloseServiceHandle
OpenSCManagerW
QueryServiceStatusEx
RegDeleteKeyW
AdjustTokenPrivileges
LookupPrivilegeValueW
OpenProcessToken
FreeSid
CheckTokenMembership
AllocateAndInitializeSid
RegSetValueExW
RegCreateKeyExW
RegOpenKeyExW
shell32
SHGetPathFromIDListW
SHBrowseForFolderW
SHGetFolderLocation
SHFileOperationW
CommandLineToArgvW
ShellExecuteW
SHCreateDirectoryExW
SHGetFolderPathW
ole32
CoInitializeEx
StringFromGUID2
CoGetInterfaceAndReleaseStream
CoMarshalInterThreadInterfaceInStream
CoReleaseMarshalData
CoUninitialize
CoTaskMemFree
OleRun
CoCreateInstance
CoInitialize
oleaut32
VariantClear
VariantCopy
VariantInit
SysStringLen
SysFreeString
GetErrorInfo
SysAllocString
shlwapi
PathFindExtensionW
PathRemoveExtensionW
PathFileExistsW
PathQuoteSpacesW
PathRemoveFileSpecW
PathGetArgsW
PathRemoveArgsW
StrStrIW
PathIsRelativeW
PathCombineW
PathIsUNCW
PathStripToRootW
PathFindFileNameW
PathSkipRootW
PathGetCharTypeW
PathMatchSpecW
PathAppendW
Exports
??0CConsolidatedError@@QAE@ABV0@@Z
??0CConsolidatedError@@QAE@W4ISDI2_ERRORS@CConsolidatedErrorGenerated@@@Z
??0CConsolidatedError@@QAE@XZ
??0GlobalLogger@@AAE@XZ
??0ISIAccelerateAction@@QAE@XZ
??1CConsolidatedError@@QAE@XZ
??1GlobalLogger@@QAE@XZ
??1ISIAccelerateAction@@QAE@XZ
??4CConsolidatedError@@QAEAAV0@ABV0@@Z
??4CConsolidatedErrorGenerated@@QAEAAV0@$$QAV0@@Z
??4CConsolidatedErrorGenerated@@QAEAAV0@ABV0@@Z
??4GlobalLogger@@AAEAAV0@$$QAV0@@Z
??BCConsolidatedError@@QBE?AU_ISI_Error@@XZ
?AddDebugInformation@CConsolidatedError@@QAAXPBDZZ
?AddDebugInformation@CConsolidatedError@@QAAXPB_WZZ
?AddErrorMessage@CConsolidatedError@@QAAXPBDZZ
?AddErrorMessage@CConsolidatedError@@QAAXPB_WZZ
?CleanupIsiError@@YAXI@Z
?CleanupIsiError@@YAXPAU_ISI_Error@@@Z
?ClearError@CConsolidatedError@@QAEXXZ
?FreeStringResources@CConsolidatedError@@AAEXXZ
?GetDebugInformation@CConsolidatedError@@QBEKPADH@Z
?GetDebugInformation@CConsolidatedError@@QBEKPA_WH@Z
?GetDebugInformation@CConsolidatedError@@QBEPBDXZ
?GetErrorCodeString@CConsolidatedError@@QBEKPADH@Z
?GetErrorCodeString@CConsolidatedError@@QBEKPA_WH@Z
?GetErrorCodeString@CConsolidatedError@@QBEPBDXZ
?GetErrorMessage@CConsolidatedError@@QBEKPADH@Z
?GetErrorMessage@CConsolidatedError@@QBEKPA_WH@Z
?GetErrorMessage@CConsolidatedError@@QBEPBDXZ
?GetSrtEolError@CConsolidatedError@@SA?AV1@XZ
?InternalAddDebugInformation@CConsolidatedError@@AAEXPBDPAD@Z
?InternalAddErrorMessage@CConsolidatedError@@AAEXPBDPAD@Z
?IsBusy@CConsolidatedError@@QBE_NXZ
?IsError@CConsolidatedError@@QBE_NXZ
?IsPending@CConsolidatedError@@QBE_NXZ
?IsSuccessful@CConsolidatedError@@QBE_NXZ
?MAX_ERROR_STRING_SIZE@CConsolidatedError@@2HB
?MapIsiStatus@CConsolidatedError@@ABE?AW4ISDI2_ERRORS@CConsolidatedErrorGenerated@@W4_ISI_Status@@@Z
?NO_ID@GlobalLogger@@2IB
?SMALL_STRING_SIZE@CConsolidatedError@@2HB
?SetError@CConsolidatedError@@QAEXV1@@Z
?SetError@CConsolidatedError@@QAEXW4ISDI2_ERRORS@CConsolidatedErrorGenerated@@PBD1@Z
?SetError@CConsolidatedError@@QAEXW4ISDI2_ERRORS@CConsolidatedErrorGenerated@@PBD@Z
?SetError@CConsolidatedError@@QAEXW4ISDI2_ERRORS@CConsolidatedErrorGenerated@@PB_W1@Z
?SetError@CConsolidatedError@@QAEXW4ISDI2_ERRORS@CConsolidatedErrorGenerated@@PB_W@Z
?SetError@CConsolidatedError@@QAEXW4ISDI2_ERROR_TYPE@1@KPBD@Z
?SetError@CConsolidatedError@@QAEXW4ISDI2_ERROR_TYPE@1@KPB_W@Z
?SetError@CConsolidatedError@@QAEXW4_ISI_Status@@PBD1@Z
?SetError@CConsolidatedError@@QAEXW4_ISI_Status@@PB_W1@Z
?SetErrorCodeString@CConsolidatedError@@AAEXXZ
?SetLoggingOff@GlobalLogger@@SAXXZ
?SetLoggingOn@GlobalLogger@@SAXXZ
?__autoclassinit2@CConsolidatedError@@QAEXI@Z
?__autoclassinit2@GlobalLogger@@QAEXI@Z
?_disableLogging@GlobalLogger@@0_NA
?checkIfDiskPairValid@ISIAccelerateAction@@UAE?AU_ISI_Error@@IIAAW4_ISI_NgsaDiskPairStatus@@@Z
?checkIfDiskValid@ISIAccelerateAction@@UAE?AU_ISI_Error@@IW4_ISI_NgsaDiskConcatenationMember@@AAW4_ISI_NgsaDiskValidForConcatenationStatus@@@Z
?clean@GlobalLogger@@QAEXI@Z
?configDiskAcceleration@ISIAccelerateAction@@UAE?AU_ISI_Error@@IW4_ISI_NvcMode@@@Z
?configVolumeAcceleration@ISIAccelerateAction@@UAE?AU_ISI_Error@@IW4_ISI_NvcMode@@@Z
?doClearBlockCache@ISIAccelerateAction@@UAE?AU_ISI_Error@@XZ
?doCreateCacheVolumeTask@ISIAccelerateAction@@UAE?AU_ISI_Error@@I@Z
?doDisassociate@ISIAccelerateAction@@UAE?AU_ISI_Error@@ABU_ISI_VolumeInfo@@@Z
?doNgsaAutomation@ISIAccelerateAction@@UAE?AU_ISI_Error@@AAI@Z
?doNgsaDisableOneStep@ISIAccelerateAction@@UAE?AU_ISI_Error@@XZ
?doNgsaEnableOneStep@ISIAccelerateAction@@UAE?AU_ISI_Error@@XZ
?doNgsaStartTools@ISIAccelerateAction@@UAE?AU_ISI_Error@@XZ
?doResetVolportPerformanceCounters@ISIAccelerateAction@@UAE?AU_ISI_Error@@XZ
?doSeparateConcatenation@ISIAccelerateAction@@UAE?AU_ISI_Error@@I@Z
?doSeparateConcatenation@ISIAccelerateAction@@UAE?AU_ISI_Error@@XZ
?doSeparateConcatenationNoSync@ISIAccelerateAction@@QAE?AU_ISI_Error@@XZ
?get@GlobalLogger@@SAAAV1@XZ
?getError@GlobalLogger@@QAE?AVCConsolidatedError@@I_N@Z
?getLastError@GlobalLogger@@QAE?AVCConsolidatedError@@_N@Z
?getLastId@GlobalLogger@@QAEIXZ
?getMaxCacheSize@ISIAccelerateAction@@SA_K_N@Z
?getMinCacheSize@ISIAccelerateAction@@SA_K_N@Z
?resetCacheToAvailable@ISIAccelerateAction@@UAE?AU_ISI_Error@@I@Z
?setCacheVolSize@ISIAccelerateAction@@UAEX_K@Z
?setError@GlobalLogger@@QAEIABVCConsolidatedError@@@Z
?setError@GlobalLogger@@QAEIABVCConsolidatedError@@AAU_ISI_Error@@@Z
?setFastDisk@ISIAccelerateAction@@UAEXI@Z
?setFcMode@ISIAccelerateAction@@UAEXW4_ISI_NgsaFileCacheMode@@@Z
?setFileCacheSize@ISIAccelerateAction@@UAEXI@Z
?setMigrationStart@ISIAccelerateAction@@UAEX_K@Z
?setPreservePinningData@ISIAccelerateAction@@UAEX_N@Z
?setSeparationSafe@ISIAccelerateAction@@UAEX_N@Z
?setSlowDisk@ISIAccelerateAction@@UAEXI@Z
?turnOffVolumeOrDiskAcceleration@ISIAccelerateAction@@UAE?AU_ISI_Error@@I@Z
?waitForNvcMode@ISIAccelerateAction@@UAE?AU_ISI_Error@@IW4_ISI_NvcMode@@@Z
GetLPCId
ISI_NgsaDiskPairStatusToDescription
ISI_NgsaDiskValidForConcatenationStatusToDescription
ISI_NgsaOperationStatusToDescription
IsiAddDisksToArray
IsiArraySetWriteCacheState
IsiCacheVolumeCreateFromArray
IsiCacheVolumeCreateFromDisks
IsiDiskAssignStoragePool
IsiDiskClaim
IsiDiskClearMetadata
IsiDiskDestroyCache
IsiDiskGetPartitionTableInfos
IsiDiskMarkAsFailed
IsiDiskMarkAsNormal
IsiDiskMarkAsSpare
IsiDiskMarkOffline
IsiDiskMarkOnline
IsiDiskResetSmartEvent
IsiDiskSetCacheBufferFlushSetting
IsiDiskSetCacheMode
IsiDiskSetCacheSpindownPolicy
IsiDiskSetSmartEvent
IsiDiskSetWriteCachingPolicySetting
IsiDiskUnlock
IsiDiskUnmarkAsSpare
IsiExpandVolume
IsiFinalize
IsiGetArrayHandles
IsiGetArrayHandlesByControllerHandle
IsiGetArrayInfo
IsiGetControllerHandles
IsiGetControllerInfo
IsiGetDiskIdentifyData
IsiGetEndDeviceHandles
IsiGetEndDeviceInfo
IsiGetErrorDebugMessage
IsiGetErrorMessage
IsiGetIsmArrays
IsiGetIsmEndDevices
IsiGetIsmVolumes
IsiGetLastErrorDebugMessage
IsiGetLastErrorMessage
IsiGetMiddlewareVersionInfo
IsiGetNgsaDiskPairHandles
IsiGetNgsaDiskPairInfo
IsiGetNgsaHandles
IsiGetNgsaInfo
IsiGetNgsaInfoEx
IsiGetNvCachePolicyStatInfo
IsiGetNvCacheStat2Info
IsiGetNvCacheStatInfo
IsiGetNvCacheUnifiedStats
IsiGetNvcInfo
IsiGetOptaneOptimizationInfo
IsiGetRaidInfo
IsiGetRaidInfoHandles
IsiGetRaidLevelInfo
IsiGetRdpDictEndDevices
IsiGetSystemInfo
IsiGetVolportPerformanceCounters
IsiGetVolumeHandles
IsiGetVolumeInfo
IsiGetVolumeMigrationRange
IsiGetZpoddInfo
IsiInitialize
IsiNvcDisassociate
IsiRaidLevelModify
IsiRefreshPartitionInfo
IsiRescan
IsiSessionClose
IsiSessionOpen
IsiSetIntelHybridDiskSubClassCode
IsiSetLpmStatus
IsiSetReadPatrolUnit
IsiToggleCoalescerPolicy
IsiVdsHandlerMakeSpaceForMetadataOnSystemDisk
IsiVolumeCancelVerify
IsiVolumeCreate
IsiVolumeCreateFromDisks
IsiVolumeDelete
IsiVolumeDestroyCache
IsiVolumeInitialize
IsiVolumeMarkAsNormal
IsiVolumeRebuild
IsiVolumeRename
IsiVolumeSetBufferFlush
IsiVolumeSetCacheMode
IsiVolumeSetCachePolicy
IsiVolumeSetCacheSpindownPolicy
IsiVolumeSetExportPolicy
IsiVolumeVerify
Sections
.text Size: 1.0MB - Virtual size: 1.0MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 297KB - Virtual size: 297KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 27KB - Virtual size: 52KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.didat Size: 512B - Virtual size: 84B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.tls Size: 512B - Virtual size: 377B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 21.1MB - Virtual size: 21.1MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 632KB - Virtual size: 636KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE