2024-07-23_23b57b857db24c7d4880f88a48c3ae7a_magniber

Sharing

Copy URL

Twitter E-mail

General

Target

2024-07-23_23b57b857db24c7d4880f88a48c3ae7a_magniber
Size

1.8MB
MD5

23b57b857db24c7d4880f88a48c3ae7a
SHA1

5939a259d2c089e0f1ea914accb331fcce6349d7
SHA256

741ee6f6e2abcd996fae85c06636d744b5b6c41ea124d186c2075ffc74ee765f
SHA512

9088e35efd87dbc6c7e1615913218d4096b9d83db7aded4ab3ccd969caed0335fa9cc57953e8c17477dbf47d3b1e36410e67e45d4f8618f3d35aaab7c750d7a7
SSDEEP

24576:GmtX9nhpfpVIEuCKJyVTPJa6vDVqIAX3Z/DgZiCdJPKvbEja7lGGDxb2Fzcdl:GmtX9hpft48TPzpAX3Zrgy570Fs

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-07-23_23b57b857db24c7d4880f88a48c3ae7a_magniber

Files

2024-07-23_23b57b857db24c7d4880f88a48c3ae7a_magniber
.exe windows:4 windows x86 arch:x86

bde4e90860f7aeafcb6683bb76746acd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleW
HeapCreate
CreateMutexW
GetLastError
HeapDestroy
ExitProcess
InitializeSListHead
IsProcessorFeaturePresent
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetStartupInfoW
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
GetCurrentProcess
TerminateProcess
GetStdHandle
WriteFile
GetModuleFileNameW
GetProcAddress
FreeLibrary
GetModuleHandleExW
EnterCriticalSection
DeleteCriticalSection
LeaveCriticalSection
HeapFree
SetLastError
GetCurrentThread
HeapAlloc
EnumSystemLocalesW
LoadLibraryExW
CompareStringW
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
GetDateFormatW
GetLocaleInfoW
GetTempPathW
GetTimeFormatW
GetUserDefaultLCID
InitializeCriticalSectionAndSpinCount
IsValidLocale
LCMapStringW
OutputDebugStringW
GetFileType
SetStdHandle
GetOEMCP
GetACP
GetCPInfo
IsValidCodePage
GetCommandLineA
GetCommandLineW
FindFirstFileExW
FindNextFileW
FindClose
MultiByteToWideChar
GetStringTypeW
FreeEnvironmentStringsW
GetEnvironmentStringsW
WideCharToMultiByte
SetEnvironmentVariableW
SetConsoleCtrlHandler
GetProcessHeap
FlushFileBuffers
GetConsoleOutputCP
GetConsoleMode
HeapSize
HeapReAlloc
ReadFile
ReadConsoleW
SetFilePointerEx
CloseHandle
WriteConsoleW
CreateFileW
InterlockedFlushSList
InterlockedPushEntrySList
RtlUnwind
EncodePointer
RaiseException
GetFileSize
InitializeCriticalSection
WaitForSingleObject
CreateThread
Sleep
LoadLibraryW
DuplicateHandle
CreatePipe
CreateProcessW
SetFilePointer
SetEndOfFile
DeleteFileW
GlobalLock
GlobalSize
GlobalUnlock
GlobalAlloc
GlobalFree
GetVersionExW
QueryPerformanceFrequency
GetTickCount
MulDiv
GetCurrentDirectoryW
GetDriveTypeW
FindFirstFileW
GetFileAttributesW
CopyFileW
MoveFileW
SetFileAttributesW
CreateDirectoryW
GetModuleHandleA
LoadLibraryA
GetSystemDirectoryA
VerSetConditionMask
VerifyVersionInfoA
SleepEx
ExpandEnvironmentStringsA
FormatMessageA
CreateFileA
GetFileSizeEx
lstrcmpW
UnregisterWait
RegisterWaitForSingleObject
CreateEventW
SetEvent
ResetEvent
WaitForSingleObjectEx
GetFileInformationByHandle
PeekNamedPipe
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
DecodePointer
GetFullPathNameW
SetCurrentDirectoryW
GetFileAttributesExW
GetTimeZoneInformation

user32

GetDC
SetWindowLongW
LoadIconW
SetClassLongW
GetWindowLongW
SendMessageW
InvalidateRect
UpdateWindow
CallWindowProcW
MessageBoxW
PostMessageW
GetForegroundWindow
GetWindowThreadProcessId
IsWindowVisible
IsWindowEnabled
EnableWindow
EnumWindows
SetWindowPos
RegisterClassExW
CreateWindowExW
PeekMessageW
TranslateMessage
DispatchMessageW
DefWindowProcW
GetPropW
RemovePropW
GetWindowTextW
SetPropW
DestroyWindow
SystemParametersInfoW
ShowWindow
GetWindow
GetParent
SetWindowTextW
GetWindowRect
MapWindowPoints
MoveWindow
RedrawWindow
GetWindowTextLengthW
SetFocus
GetSysColor
GetSysColorBrush
SetRect
DrawTextW
GetSystemMetrics
ReleaseDC
GetAsyncKeyState
GetIconInfo
BeginPaint
ReleaseCapture
DrawStateW
EndPaint
SetCapture
ScreenToClient
SetScrollPos
InflateRect
GetWindowDC
GetClientRect
GetFocus
FrameRect
DrawFocusRect
ValidateRect
GetClassNameW
FillRect
GetScrollPos
DrawFrameControl
EnumPropsExW
SetActiveWindow
DestroyIcon
LoadCursorW
GetMenu
IsZoomed
IsIconic
MsgWaitForMultipleObjects
GetMessageW
GetActiveWindow
TranslateAcceleratorW
DestroyAcceleratorTable
CreateAcceleratorTableW
RegisterClassW
AdjustWindowRectEx
UnregisterClassW
GetKeyState
IsChild
EnumChildWindows
DefFrameProcW
GetCursorPos
SetForegroundWindow
TrackPopupMenu
SetMenu
DestroyMenu
RegisterWindowMessageW
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
CreateIconFromResourceEx
CreateIconFromResource
CharLowerW
LoadImageW
PostQuitMessage
AdjustWindowRect

gdi32

GetDeviceCaps
DeleteObject
GetStockObject
CreateFontIndirectW
SetTextColor
SetBkColor
SelectObject
GetTextExtentPoint32W
GetObjectType
GetObjectW
ExcludeClipRect
CreateRectRgn
SelectClipRgn
CreateCompatibleDC
CreateCompatibleBitmap
BitBlt
DeleteDC
CreateDCW
CreatePen
MoveToEx
LineTo
CreateDIBSection
CreateRectRgnIndirect
GetClipRgn
ExtSelectClipRgn
CreateSolidBrush
GetDIBits
SetStretchBltMode
SetBrushOrgEx
StretchBlt
CreateBitmap
SetPixel
CreateFontW

ole32

CoInitialize
CoTaskMemFree
OleInitialize
CreateStreamOnHGlobal
GetHGlobalFromStream
RevokeDragDrop
OleCreate
OleSetContainedObject
OleUninitialize
CoInitializeEx
CoUninitialize
CoTaskMemAlloc

shell32

ShellExecuteExW
Shell_NotifyIconW
SHGetFolderPathW

ws2_32

closesocket
WSACleanup
WSAStartup
socket
recv
WSAGetLastError
send
ntohs
getsockopt
WSASetLastError
setsockopt
getpeername
getsockname
htons
bind
WSAIoctl
connect
select
__WSAFDIsSet
accept
listen
getaddrinfo
freeaddrinfo
htonl
ioctlsocket
gethostname
ntohl

crypt32

CertFreeCertificateContext
CertOpenStore
CryptStringToBinaryA
CertFindCertificateInStore
CertCloseStore
CertEnumCertificatesInStore
CertCreateCertificateChainEngine
CertGetCertificateChain
CertGetNameStringA
CertFreeCertificateChainEngine
CertFreeCertificateChain
CryptQueryObject
CertAddCertificateContextToStore

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

winmm

timeBeginPeriod

shlwapi

PathFindFileNameW
PathCombineW

gdiplus

GdipDeleteFont
GdipDeleteGraphics
GdipDeletePath
GdipDeleteMatrix
GdipDeletePen
GdipDeleteStringFormat
GdipFree

uxtheme

SetWindowTheme

advapi32

RegCreateKeyExW
RegSetValueExW
RegCloseKey
SystemFunction036
CryptAcquireContextA
CryptGenRandom
CryptReleaseContext
CryptCreateHash
CryptHashData
CryptGetHashParam
CryptDestroyHash
RegQueryValueExW
RegOpenKeyExW

comctl32

InitCommonControlsEx
ImageList_Replace
ImageList_Add
ImageList_ReplaceIcon
ImageList_Remove
ImageList_AddMasked
ImageList_Destroy
ImageList_Create
ImageList_GetIconSize

oleaut32

SysFreeString
VariantInit
DispGetParam
SysAllocString
VariantClear
SysStringLen

Sections

.code
Size: 38KB - Virtual size: 37KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 239KB - Virtual size: 239KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.gfids
Size: 1024B - Virtual size: 628B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.00cfg
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 130KB - Virtual size: 140KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 102KB - Virtual size: 102KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bde4e90860f7aeafcb6683bb76746acd

Headers

File Characteristics

Imports

kernel32

user32

gdi32

ole32

shell32

ws2_32

crypt32

version

winmm

shlwapi

gdiplus

uxtheme

advapi32

comctl32

oleaut32

Sections

.code Size: 38KB - Virtual size: 37KB

.text Size: 1.3MB - Virtual size: 1.3MB

.rdata Size: 239KB - Virtual size: 239KB

.gfids Size: 1024B - Virtual size: 628B

.00cfg Size: 512B - Virtual size: 8B

.data Size: 130KB - Virtual size: 140KB

.tls Size: 512B - Virtual size: 9B

.rsrc Size: 102KB - Virtual size: 102KB

.code
Size: 38KB - Virtual size: 37KB

.text
Size: 1.3MB - Virtual size: 1.3MB

.rdata
Size: 239KB - Virtual size: 239KB

.gfids
Size: 1024B - Virtual size: 628B

.00cfg
Size: 512B - Virtual size: 8B

.data
Size: 130KB - Virtual size: 140KB

.tls
Size: 512B - Virtual size: 9B

.rsrc
Size: 102KB - Virtual size: 102KB