2024-07-27_9a390ee0b3053c95c61ab8424c5ed768_magniber

Sharing

Copy URL Twitter E-mail

General

Target

2024-07-27_9a390ee0b3053c95c61ab8424c5ed768_magniber
Size

6.1MB
MD5

9a390ee0b3053c95c61ab8424c5ed768
SHA1

8b54ac6384ee8d2ef21a55bb5f990e57fd922c93
SHA256

9d09e0e4e4abfc4ff4d1ff9443fe86d14d2d1f368fe335fab5df729a2b02ede1
SHA512

deaf3c626848cfaddef3d6b6ba3f4d0e867aa0a3a6292c7414469ed2aba8398706f64edd00bc9efca222a7de84f8e9287d0fd4201858dc47334cf05bef99953f
SSDEEP

98304:ucDvaLsaSGhJhz1q+BYsZsnDPJVyTi/Rdgt9h/XFa9FKOAVe9JcFRgtPpv:u1hhLZWBVIi0t/UxAAvcep

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-07-27_9a390ee0b3053c95c61ab8424c5ed768_magniber

Files

2024-07-27_9a390ee0b3053c95c61ab8424c5ed768_magniber
.exe windows:6 windows x86 arch:x86

e77d6598dac8e040975ca29bdfecbfad

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\工作资料\code\startplayer\player1\nativeplayer\StellarDownload\Publish\uninst.pdb

Imports

kernel32

GetVersionExW
GetNativeSystemInfo
CreatePipe
CreateProcessW
PeekNamedPipe
GetDiskFreeSpaceExW
GetLogicalDriveStringsW
GetDriveTypeW
CopyFileW
GetComputerNameW
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetCurrentDirectoryW
VerSetConditionMask
VerifyVersionInfoW
GetCommandLineW
GetDiskFreeSpaceW
GetTempFileNameW
CreateToolhelp32Snapshot
Process32FirstW
Process32NextW
GetLogicalDrives
FindFirstFileW
FindNextFileW
FindClose
GetCurrentProcess
MoveFileExW
GetFileAttributesExW
SetFileAttributesW
LoadLibraryA
K32GetProcessImageFileNameW
GetProcessId
QueryFullProcessImageNameW
GlobalSize
GetExitCodeProcess
GetLocalTime
GetFileTime
FileTimeToSystemTime
GetConsoleWindow
GetStdHandle
GetConsoleScreenBufferInfo
SetConsoleTextAttribute
WriteConsoleA
HeapCreate
FlushInstructionCache
GetFullPathNameW
FreeResource
FreeLibrary
GetVersionExA
GetSystemTime
GetModuleHandleA
IsBadReadPtr
DeleteFileW
GetPrivateProfileStringW
WritePrivateProfileStringW
GetUserDefaultUILanguage
GlobalUnlock
GlobalLock
GlobalAlloc
MulDiv
GetSystemTimeAsFileTime
GetFileAttributesA
GetEnvironmentVariableA
GetModuleHandleW
GetProcessHeap
HeapDestroy
DecodePointer
HeapAlloc
UnmapViewOfFile
MapViewOfFile
CreateFileMappingW
FindResourceW
LoadResource
FindResourceExW
RaiseException
HeapReAlloc
LockResource
HeapSize
GetSystemInfo
GetOEMCP
GetACP
IsValidCodePage
SetStdHandle
GetTimeZoneInformation
SetConsoleCtrlHandler
ReadConsoleW
GetConsoleMode
GetConsoleCP
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetTimeFormatW
GetDateFormatW
ExitProcess
RemoveDirectoryW
GetCurrentDirectoryW
SetEnvironmentVariableW
SystemTimeToTzSpecificLocalTime
GetFileType
GetModuleHandleExW
ResumeThread
ExitThread
GetCommandLineA
RtlUnwind
WaitForMultipleObjectsEx
UnregisterWaitEx
QueryDepthSList
InterlockedFlushSList
InterlockedPushEntrySList
InterlockedPopEntrySList
ReleaseSemaphore
SetProcessAffinityMask
VirtualProtect
VirtualFree
VirtualAlloc
LoadLibraryExW
FreeLibraryAndExitThread
GetThreadTimes
UnregisterWait
RegisterWaitForSingleObject
SetThreadAffinityMask
GetProcessAffinityMask
GetNumaHighestNodeNumber
DeleteTimerQueueTimer
ChangeTimerQueueTimer
CreateTimerQueueTimer
GetLogicalProcessorInformation
GetThreadPriority
SetThreadPriority
SwitchToThread
SignalObjectAndWait
CreateTimerQueue
InitializeSListHead
GetStartupInfoW
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCPInfo
GetLocaleInfoW
LCMapStringW
CompareStringW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSectionAndSpinCount
EncodePointer
IsProcessorFeaturePresent
RtlCaptureStackBackTrace
QueueUserWorkItem
AreFileApisANSI
CreateHardLinkW
FindFirstFileExW
GetCurrentThread
WaitForSingleObjectEx
DuplicateHandle
GetStringTypeW
TryEnterCriticalSection
LoadLibraryW
GetSystemDirectoryW
GetProcAddress
QueryPerformanceFrequency
ResetEvent
QueryPerformanceCounter
GetCurrentProcessId
WriteConsoleW
OpenProcess
GetCurrentThreadId
GetFileAttributesW
InitializeCriticalSectionEx
CreateMutexW
GetTempPathW
GetModuleFileNameW
TerminateProcess
HeapFree
SizeofResource
WideCharToMultiByte
MultiByteToWideChar
lstrcpyW
CreateThread
lstrcatW
GetExitCodeThread
WaitForMultipleObjects
DeleteCriticalSection
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
lstrcmpiW
FormatMessageW
FlushFileBuffers
SetFilePointerEx
GetFileInformationByHandle
CreateFileW
SetEndOfFile
DeviceIoControl
lstrcpynW
WriteFile
GetFileSizeEx
GetVolumeInformationW
GetLastError
ReadFile
GetTickCount
FormatMessageA
lstrcpyA
OutputDebugStringW
lstrlenA
OutputDebugStringA
LocalFree
Sleep
LocalAlloc
SetLastError
CloseHandle
SetEvent
CreateEventW
WaitForSingleObject
CreateDirectoryW
lstrlenW
GetTickCount64

user32

PostMessageW
CharNextA
SetForegroundWindow
SystemParametersInfoW
GetDesktopWindow
FindWindowW
CharNextW
GetForegroundWindow
wsprintfW
IsWindow
GetShellWindow
UpdateLayeredWindow
IsMenu
IsWindowEnabled
CreatePopupMenu
DestroyMenu
CheckMenuItem
UnregisterClassW
GetSystemMetrics
SendMessageTimeoutW
GetWindowRect
GetWindowThreadProcessId
GetMenuItemCount
InsertMenuW
AppendMenuW
DeleteMenu
OffsetRect
SetTimer
DestroyWindow
TrackPopupMenu
MessageBoxW
IsRectEmpty
AllowSetForegroundWindow
KillTimer
RegisterWindowMessageW
MapVirtualKeyA
CharLowerBuffW
AttachThreadInput
SetCaretPos
DrawIconEx
EnumDisplayDevicesW
EnumDisplaySettingsW
GetActiveWindow
WaitForInputIdle
EnumWindows
MsgWaitForMultipleObjects
PeekMessageW
TranslateMessage
DispatchMessageW
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
GetClipboardData
GetDC
ReleaseDC
GetMonitorInfoW
MonitorFromWindow
GetDisplayConfigBufferSizes
QueryDisplayConfig
DisplayConfigGetDeviceInfo
DisplayConfigSetDeviceInfo
GetLastInputInfo
GetWindowPlacement
ShowWindow
InflateRect
SetWindowRgn
IsWindowVisible
LoadCursorW
DestroyCursor
SetCursor
CopyRect
IntersectRect
UnionRect
EqualRect
PtInRect
DefWindowProcW
CallWindowProcW
RegisterClassExW
CreateWindowExW
SetWindowPos
GetDlgItem
GetClientRect
MapWindowPoints
GetWindowLongW
SetWindowLongW
GetParent
GetWindow
TrackMouseEvent
PostQuitMessage
HideCaret
CreateCaret
GetMenuInfo
SetMenuInfo
GetMenuItemInfoW
SetMenuContextHelpId
EnableWindow
SetActiveWindow
SendMessageW
SystemParametersInfoA
DrawTextW
MonitorFromRect
LoadIconW
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExW
GetSysColor
EnableMenuItem
SetRect
ClientToScreen
PostThreadMessageW
GetMessageW
LoadImageW
CreateIconFromResource
LoadBitmapW
GetIconInfo
GetKeyState
GetFocus
DestroyIcon
GetClassNameW
ScreenToClient
GetCursorPos
SetWindowTextW
InvalidateRect
EndPaint
BeginPaint
UpdateWindow
ReleaseCapture
SetCapture
GetCapture
SetFocus
IsZoomed
IsIconic
SetLayeredWindowAttributes
AnimateWindow

gdi32

DeleteObject
CreateDIBitmap
GetObjectW
BitBlt
EnumFontsW
CreateBitmap
CreateCompatibleDC
DeleteDC
SelectObject
SetGraphicsMode
CreateRectRgn
CreateSolidBrush
GetClipBox
GetStockObject
Rectangle
SetBkMode
GetDCOrgEx
StretchBlt
CreateCompatibleBitmap
SetViewportOrgEx
CreateFontIndirectW
CombineRgn
CreateRoundRectRgn
ExtCreateRegion
IntersectClipRect
SelectClipRgn
SetWorldTransform
CreateDIBSection
GetCurrentObject
GetViewportOrgEx
EnumFontFamiliesExW
GetCharABCWidthsW
GetFontData
GetGlyphOutlineW
GetOutlineTextMetricsW
GetFontUnicodeRanges
GetGlyphIndicesW
GetTextExtentPointI
AddFontMemResourceEx
RemoveFontMemResourceEx
SetTextColor
SetTextAlign
GetTextMetricsW
ExtTextOutW
GetTextFaceW
GdiFlush
GetDeviceCaps

comdlg32

GetOpenFileNameW

advapi32

RegSetValueExW
RegOpenKeyExW
RegEnumValueW
RegQueryValueExW
QueryServiceStatusEx
CloseServiceHandle
OpenServiceW
OpenSCManagerW
AdjustTokenPrivileges
LookupPrivilegeValueW
RegGetValueW
CreateProcessAsUserW
FreeSid
CheckTokenMembership
AllocateAndInitializeSid
DuplicateTokenEx
OpenProcessToken
GetUserNameW
RegDeleteValueW
RegCloseKey
RegDeleteKeyW
RegDeleteKeyValueW
RegCreateKeyExW
RegEnumKeyExW

shell32

SHOpenFolderAndSelectItems
SHGetSpecialFolderLocation
SHGetPathFromIDListA
SHGetPathFromIDListW
ShellExecuteW
SHBrowseForFolderW
ShellExecuteExW
ord190
ord155
CommandLineToArgvW
ord165
SHGetSpecialFolderPathW
SHFileOperationW
SHGetFolderPathW

ole32

GetHGlobalFromStream
CLSIDFromString
CoCreateGuid
OleUninitialize
OleInitialize
CoSetProxyBlanket
CoInitializeSecurity
CreateStreamOnHGlobal
CoTaskMemFree
CoCreateInstance
CLSIDFromProgID
CreateBindCtx
IIDFromString
CoUninitialize
CoInitialize
OleLockRunning

oleaut32

SysAllocString
SysFreeString
SysAllocStringLen
SetErrorInfo
VariantInit
GetErrorInfo
VariantChangeType
CreateErrorInfo
VariantClear

winhttp

WinHttpSendRequest
WinHttpConnect
WinHttpQueryOption
WinHttpSetStatusCallback
WinHttpCloseHandle
WinHttpReceiveResponse
WinHttpOpen
WinHttpQueryDataAvailable
WinHttpCrackUrl
WinHttpSetTimeouts
WinHttpSetOption
WinHttpOpenRequest
WinHttpReadData
WinHttpQueryHeaders
WinHttpAddRequestHeaders

shlwapi

StrToIntExW
ord12
PathRemoveFileSpecW
PathFindFileNameW
SHDeleteKeyW

version

GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW

gdiplus

GdipImageSelectActiveFrame
GdipSaveImageToFile
GdipLoadImageFromStreamICM
GdipLoadImageFromStream
GdipGetPropertyItem
GdipGetPropertyItemSize
GdipImageGetFrameCount
GdipImageGetFrameDimensionsList
GdipImageGetFrameDimensionsCount
GdipDisposeImage
GdipCloneImage
GdipLoadImageFromFileICM
GdipCreateFromHDC
GdipFree
GdipAlloc
GdipDeleteGraphics
GdipDrawImageI
GdipSetSmoothingMode
GdipDrawImageRectI
GdipGetImageWidth
GdipGetImageHeight
GdipGetImageRawFormat
GdipGetImageEncodersSize
GdipGetImageEncoders
GdipCreateBitmapFromFile
GdipCreateBitmapFromFileICM
GdipCreateBitmapFromStream
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromScan0
GdipGetImageGraphicsContext
GdipBitmapLockBits
GdipBitmapUnlockBits
GdiplusStartup
GdiplusShutdown
GdipCreateHBITMAPFromBitmap
GdipGraphicsClear
GdipCreateBitmapFromHBITMAP
GdipSaveImageToStream
GdipLoadImageFromFile

ws2_32

inet_ntop
WSAGetLastError
inet_ntoa
gethostname
getaddrinfo
gethostbyname

iphlpapi

GetAdaptersAddresses

netapi32

NetApiBufferFree
NetGetJoinInformation

setupapi

SetupDiEnumDeviceInfo
SetupDiGetDeviceRegistryPropertyW
SetupDiGetClassDevsW

imm32

ImmCreateContext
ImmDestroyContext
ImmGetContext
ImmAssociateContext
ImmReleaseContext

usp10

ScriptItemize
ScriptFreeCache
ScriptShape

opengl32

wglGetCurrentContext
wglGetProcAddress

Sections

.text
Size: 3.7MB - Virtual size: 3.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 867KB - Virtual size: 867KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 99KB - Virtual size: 197KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 37B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 218KB - Virtual size: 217KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e77d6598dac8e040975ca29bdfecbfad

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

winhttp

shlwapi

version

gdiplus

ws2_32

iphlpapi

netapi32

setupapi

imm32

usp10

opengl32

Sections

.text Size: 3.7MB - Virtual size: 3.7MB

.rdata Size: 867KB - Virtual size: 867KB

.data Size: 99KB - Virtual size: 197KB

.gfids Size: 5KB - Virtual size: 5KB

.tls Size: 512B - Virtual size: 37B

.rsrc Size: 1.3MB - Virtual size: 1.3MB

.reloc Size: 218KB - Virtual size: 217KB

.text
Size: 3.7MB - Virtual size: 3.7MB

.rdata
Size: 867KB - Virtual size: 867KB

.data
Size: 99KB - Virtual size: 197KB

.gfids
Size: 5KB - Virtual size: 5KB

.tls
Size: 512B - Virtual size: 37B

.rsrc
Size: 1.3MB - Virtual size: 1.3MB

.reloc
Size: 218KB - Virtual size: 217KB