2024-08-12_4a6d6bd44ebafe336acf726ed1d69cca_mafia_magniber

Sharing

Copy URL Twitter E-mail

General

Target

2024-08-12_4a6d6bd44ebafe336acf726ed1d69cca_mafia_magniber
Size

2.7MB
MD5

4a6d6bd44ebafe336acf726ed1d69cca
SHA1

628853c5afed87b15614e46c284fb7c99ee2815c
SHA256

750ec92a476262a6ae622a29d83b2f427609fa3d17dd505a1c4be0697635e6eb
SHA512

29a1b9fc6d8b0cef006b802c453b914f5aacd56c48a7a8e76d5da840854a132550f0c22b6994de4ab3a5895a7c4597ddabc68aaba923ae9849e96f399d5e407c
SSDEEP

49152:VudM0/qtaEQrfSyYTY2CY8R8O04hv+JOIbEJrPcMpxn8WDTM/IwG4vgBWKK:VoMCEQmyYTHCSihIgJrPcc7o/g

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-08-12_4a6d6bd44ebafe336acf726ed1d69cca_mafia_magniber

Files

2024-08-12_4a6d6bd44ebafe336acf726ed1d69cca_mafia_magniber
.exe windows:5 windows x86 arch:x86

0c0ebc77d7e0ef444c912f0453053d0d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\Projects\MyDesk\Release\mydesk.pdb

Imports

gdiplus

GdipSetTextRenderingHint
GdipSetStringFormatAlign
GdipCreateSolidFill
GdipDrawString
GdipCreateStringFormat
GdipSetStringFormatTrimming
GdipDeleteStringFormat
GdipResetWorldTransform
GdipLoadImageFromStream
GdipLoadImageFromFile
GdipSetStringFormatFlags
GdipLoadImageFromStreamICM
GdipCreateHBITMAPFromBitmap
GdipSetStringFormatLineAlign
GdipGetPathWorldBounds
GdipGetFontStyle
GdipGetFamily
GdipDeleteFontFamily
GdipAddPathString
GdipGetFontSize
GdipSetInterpolationMode
GdipLoadImageFromFileICM
GdipCreateFontFromDC
GdipAddPathLineI
GdipSetPenDashStyle
GdipSetSmoothingMode
GdipDrawImageRectI
GdipSetImageAttributesWrapMode
GdipSetImageAttributesColorKeys
GdipSetImageAttributesColorMatrix
GdipDeletePath
GdipCreateFontFromLogfontW
GdipSaveImageToStream
GdipCreateImageAttributes
GdipGetPropertyItem
GdipGetPropertyItemSize
GdipImageSelectActiveFrame
GdipImageGetFrameCount
GdipImageGetFrameDimensionsList
GdipImageGetFrameDimensionsCount
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromStream
GdipGraphicsClear
GdipDrawImageRectRectI
GdipGetImageHeight
GdipFree
GdipAlloc
GdipCreateBitmapFromFile
GdipCreateBitmapFromFileICM
GdipDisposeImage
GdipCloneImage
GdipSetPageUnit
GdipGetImageWidth
GdipCreateFromHDC
GdipCreateHICONFromBitmap
GdipGetImagePixelFormat
GdipCreateBitmapFromScan0
GdipCreateBitmapFromHBITMAP
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipBitmapGetPixel
GdipBitmapSetPixel
GdipCreateBitmapFromHICON
GdipCreateTexture
GdipDeleteBrush
GdipCloneBrush
GdipDeleteFont
GdipMeasureString
GdipReleaseDC
GdipDeleteGraphics
GdipSaveGraphics
GdipDrawImageI
GdipRotateWorldTransform
GdipGetImageGraphicsContext
GdipGetImageEncoders
GdipGetImageEncodersSize
GdipGetImagePalette
GdipCreatePath
GdipGetImagePaletteSize
GdipTranslateWorldTransform
GdipFillRectangleI
GdipDrawPath
GdipDrawRectangleI
GdipDisposeImageAttributes
GdipAddPathArcI
GdipCloneBitmapAreaI
GdipImageRotateFlip
GdiplusStartup
GdiplusShutdown
GdipDrawLineI
GdipDeletePen
GdipCreatePen1
GdipGetImageThumbnail
GdipSaveImageToFile

version

VerQueryValueW
GetFileVersionInfoSizeW
GetFileVersionInfoW

urlmon

URLDownloadToFileW

wininet

InternetCloseHandle
InternetWriteFile
HttpSendRequestExW
HttpOpenRequestW
InternetConnectW
InternetOpenW
InternetGetConnectedState
InternetReadFile
InternetOpenUrlW
InternetSetOptionW
HttpQueryInfoW
HttpEndRequestW

powrprof

SetSuspendState
IsPwrHibernateAllowed
GetPwrCapabilities

kernel32

FindFirstFileW
lstrcpyW
FindNextFileW
GetModuleFileNameW
GetProcAddress
GetModuleHandleW
CopyFileW
CloseHandle
WideCharToMultiByte
CreateProcessW
WriteFile
GetCurrentProcessId
CreateFileW
GetLocalTime
CreateDirectoryW
GetFullPathNameW
DeviceIoControl
FileTimeToSystemTime
FileTimeToLocalFileTime
GetFileTime
Module32NextW
Module32FirstW
CreateToolhelp32Snapshot
Process32NextW
Process32FirstW
IsBadCodePtr
IsBadReadPtr
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
WriteProcessMemory
VirtualProtect
DeleteFileW
ReadFile
GetStartupInfoW
CreatePipe
FreeResource
LocalFree
GetCommandLineW
SetUnhandledExceptionFilter
CreateMutexW
ExitProcess
RemoveDirectoryW
GetFileAttributesW
SetFileAttributesW
InterlockedIncrement
InterlockedDecrement
InitializeCriticalSectionAndSpinCount
LoadLibraryExW
lstrcmpiW
GetLastError
ReadProcessMemory
VirtualAllocEx
OpenProcess
GetTickCount
SetProcessWorkingSetSize
GetTempPathW
GetTempFileNameW
GlobalMemoryStatusEx
GetDiskFreeSpaceExW
GetDriveTypeW
GetLogicalDrives
GetSystemDirectoryW
GetPrivateProfileStringW
GetPrivateProfileIntW
WritePrivateProfileStringW
LoadLibraryExA
EndUpdateResourceW
BeginUpdateResourceA
BeginUpdateResourceW
UpdateResourceW
SetFilePointer
GetFileSize
lstrcatW
UnmapViewOfFile
MapViewOfFile
CreateFileMappingW
HeapFree
HeapAlloc
GetProcessHeap
GetVersion
MoveFileExW
TerminateThread
SetEvent
IsBadStringPtrW
MulDiv
GetUserDefaultUILanguage
lstrlenA
FindClose
WaitForSingleObject
Sleep
DeleteCriticalSection
InitializeCriticalSection
GetFileAttributesA
HeapSetInformation
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetCurrentThread
TerminateProcess
UnhandledExceptionFilter
IsDebuggerPresent
HeapCreate
GetStdHandle
GetLocaleInfoW
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetStringTypeW
SetHandleCount
GetFileType
LCMapStringW
GetTimeZoneInformation
CompareStringW
CreateEventW
FindResourceExW
LoadResource
LockResource
SizeofResource
FindResourceW
MultiByteToWideChar
SetLastError
GetCurrentThreadId
RaiseException
GetCurrentProcess
FlushInstructionCache
LeaveCriticalSection
EnterCriticalSection
lstrlenW
LoadLibraryW
FreeLibrary
GetVersionExW
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
FatalAppExitA
SetConsoleCtrlHandler
InterlockedExchange
GetConsoleCP
GetConsoleMode
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
GetCurrentDirectoryW
SetCurrentDirectoryW
GetFullPathNameA
LoadLibraryA
SetStdHandle
FlushFileBuffers
VirtualQuery
WriteConsoleW
SetEndOfFile
SetEnvironmentVariableA
DosDateTimeToFileTime
SystemTimeToFileTime
SetFileTime
DuplicateHandle
GetFileInformationByHandle
GetFileSizeEx
GetSystemInfo
CreateFileA
GetLogicalDriveStringsW
GetVolumeInformationW
ExpandEnvironmentStringsW
WinExec
GetLongPathNameA
EnumResourceNamesW
GetSystemTimeAsFileTime
CreateThread
ResumeThread
ExitThread
DecodePointer
EncodePointer
RtlUnwind
HeapSize
HeapReAlloc
HeapDestroy
InterlockedPopEntrySList
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
InterlockedPushEntrySList
InterlockedCompareExchange
LocalAlloc
VirtualFreeEx

user32

UnregisterHotKey
RegisterHotKey
CallNextHookEx
GetAsyncKeyState
SetWindowsHookExW
PostQuitMessage
LoadIconW
UnhookWindowsHookEx
GetWindowThreadProcessId
GetDesktopWindow
EnumWindows
GetClassNameW
CharNextW
RegisterWindowMessageW
GetWindowPlacement
PeekMessageW
GetMessageW
TranslateMessage
DispatchMessageW
LoadStringW
MonitorFromPoint
DestroyMenu
RemoveMenu
GetSubMenu
TrackPopupMenu
LoadMenuW
DialogBoxParamW
ReleaseCapture
KillTimer
SetCapture
SetTimer
SetCursor
FindWindowW
CreateDialogParamW
UpdateWindow
EnableWindow
AnimateWindow
SetForegroundWindow
UpdateLayeredWindow
IsWindowVisible
CreateIconIndirect
LoadImageW
GetIconInfo
CopyRect
wsprintfW
GetCursorPos
UnionRect
DrawIconEx
DestroyIcon
IsDlgButtonChecked
CheckDlgButton
AttachThreadInput
GetActiveWindow
MessageBoxW
ShowWindow
SetWindowTextW
SetFocus
RegisterClassExW
LoadCursorW
GetClassInfoExW
CreateWindowExW
SystemParametersInfoW
PostMessageW
InvalidateRect
PtInRect
IsWindow
RedrawWindow
MoveWindow
SetWindowLongW
GetForegroundWindow
CreateAcceleratorTableW
InvalidateRgn
SetRect
CharPrevW
GetSysColor
SetCaretPos
ShowCaret
HideCaret
CreateCaret
IsIconic
IsWindowEnabled
FillRect
ReleaseDC
GetWindowDC
GetSystemMetrics
InflateRect
OffsetRect
GetClassLongW
DrawTextW
SendMessageW
GetWindowTextLengthW
GetWindowTextW
EndPaint
BeginPaint
CallWindowProcW
DefWindowProcW
EndDialog
GetDlgItem
ScreenToClient
GetParent
GetWindow
GetWindowRect
GetWindowLongW
DrawFocusRect
RegisterClassW
FindWindowExW
EnumChildWindows
GetMenu
AdjustWindowRectEx
SetPropW
GetPropW
GetUpdateRect
GetFocus
IsZoomed
SetWindowRgn
SetMenuItemBitmaps
InsertMenuW
EnableMenuItem
SetCursorPos
MonitorFromWindow
GetMonitorInfoW
GetClientRect
MapWindowPoints
SetWindowPos
MessageBoxA
EqualRect
GetKeyState
keybd_event
UnregisterClassA
SetClipboardData
OpenClipboard
EmptyClipboard
CloseClipboard
SwapMouseButton
CreateIconFromResourceEx
ModifyMenuW
AppendMenuW
CreatePopupMenu
CheckMenuItem
IntersectRect
IsRectEmpty
BeginDeferWindowPos
DeferWindowPos
EndDeferWindowPos
DestroyWindow
FrameRect
SetActiveWindow
SetDlgItemTextW
GetDC
GetDlgItemTextW
ClientToScreen

gdi32

SetStretchBltMode
SelectClipRgn
ExtSelectClipRgn
GetClipBox
StretchBlt
GetDIBits
PtInRegion
CreateDIBSection
LineTo
GetBitmapBits
CreatePen
Rectangle
RoundRect
GdiFlush
GetCharABCWidthsW
CreateDCW
SetDIBColorTable
CreatePatternBrush
SetBitmapBits
GetDeviceCaps
MoveToEx
OffsetRgn
SaveDC
RestoreDC
SetWindowOrgEx
CreateRoundRectRgn
GetTextMetricsW
GetTextExtentPoint32W
TextOutW
GetStockObject
CreateCompatibleBitmap
SetViewportOrgEx
CreateFontIndirectW
CreateCompatibleDC
BitBlt
GetObjectW
CombineRgn
CreateRectRgnIndirect
ExcludeClipRect
SelectObject
SetBkColor
ExtTextOutW
DeleteDC
SetTextColor
SetBkMode
DeleteObject
CreateRectRgn
CreateSolidBrush

comdlg32

GetOpenFileNameW
GetSaveFileNameW
ChooseFontW

advapi32

AdjustTokenPrivileges
RegSetValueExW
RegOpenKeyW
RegDeleteValueW
RegQueryInfoKeyW
RegEnumKeyExW
RegDeleteKeyW
GetUserNameW
RegCreateKeyW
RegSetValueW
OpenProcessToken
LookupPrivilegeValueW
RegCloseKey
RegQueryValueExW
RegCreateKeyExW
RegFlushKey
RegOpenKeyExW

shell32

SHFileOperationW
ShellExecuteExW
SHGetMalloc
SHAppBarMessage
DragAcceptFiles
DragFinish
DragQueryFileW
SHGetPathFromIDListW
ShellExecuteW
ord4
SHGetSpecialFolderPathW
ord2
ExtractIconW
ord727
SHQueryRecycleBinW
SHGetFileInfoW
SHGetFolderLocation
ord155
SHGetSpecialFolderLocation
SHEmptyRecycleBinW
SHGetFolderPathW
Shell_NotifyIconW
CommandLineToArgvW
SHBrowseForFolderW

ole32

OleInitialize
CoCreateInstance
CoTaskMemFree
CoTaskMemAlloc
CoTaskMemRealloc
CoSetProxyBlanket
RegisterDragDrop
RevokeDragDrop
OleUninitialize
OleDuplicateData
ReleaseStgMedium
OleSetContainedObject
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
StgCreateDocfile
CLSIDFromProgID
CLSIDFromString
OleLockRunning
CoInitialize
CoUninitialize
CreateStreamOnHGlobal
OleCreateStaticFromData

oleaut32

SysAllocStringLen
VarUI4FromStr
VariantClear
VariantInit
SysAllocString
GetErrorInfo
VariantChangeType
SetErrorInfo
CreateErrorInfo
SysFreeString

shlwapi

PathFindFileNameW
PathAppendW
StrCpyW
PathFileExistsW
PathFindExtensionW
PathFileExistsA

comctl32

_TrackMouseEvent
ord17
InitCommonControlsEx
ImageList_DragLeave
ImageList_EndDrag
ImageList_ReplaceIcon
ImageList_GetImageCount
ImageList_SetBkColor
ImageList_BeginDrag
ImageList_DragEnter
ImageList_DragMove
ImageList_DragShowNolock
ImageList_Create

msi

ord217
ord173

dbghelp

MiniDumpWriteDump

iphlpapi

GetAdaptersInfo

imagehlp

CheckSumMappedFile

Sections

.text
Size: 1.7MB - Virtual size: 1.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 430KB - Virtual size: 430KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 27KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 487KB - Virtual size: 487KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 83KB - Virtual size: 83KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0c0ebc77d7e0ef444c912f0453053d0d

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

gdiplus

version

urlmon

wininet

powrprof

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

shlwapi

comctl32

msi

dbghelp

iphlpapi

imagehlp

Sections

.text Size: 1.7MB - Virtual size: 1.7MB

.rdata Size: 430KB - Virtual size: 430KB

.data Size: 27KB - Virtual size: 47KB

.tls Size: 512B - Virtual size: 9B

.rsrc Size: 487KB - Virtual size: 487KB

.reloc Size: 83KB - Virtual size: 83KB

.text
Size: 1.7MB - Virtual size: 1.7MB

.rdata
Size: 430KB - Virtual size: 430KB

.data
Size: 27KB - Virtual size: 47KB

.tls
Size: 512B - Virtual size: 9B

.rsrc
Size: 487KB - Virtual size: 487KB

.reloc
Size: 83KB - Virtual size: 83KB