2024-08-29_4baf6cd85f3d1a8ee799a7fc1c05d7dc_magniber

Sharing

Copy URL Twitter E-mail

General

Target

2024-08-29_4baf6cd85f3d1a8ee799a7fc1c05d7dc_magniber
Size

5.2MB
MD5

4baf6cd85f3d1a8ee799a7fc1c05d7dc
SHA1

17da1cb9ceb50e91c69575d82fc155d79898aec9
SHA256

7091723f0943e9987213be159a39e0f1b9c64bee6fe0614f29eb33903b9b800b
SHA512

7c7ebc02e00ca07406ee4523a8680ea85b23fe47ba50b64a5f561bf673db9861a240cafc984292464e3b858f1080728e0f98ee651114fd4d99cbfd02154f9bc8
SSDEEP

98304:krBHcJtFqT69SkJfN2eWnIs9gmAfGHb9umPzZk5lTXFLOAkGkzdnEVomFHKnPbd:krBHcsT6/k0hmAfGHb9umPzZk5lTXFLw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-08-29_4baf6cd85f3d1a8ee799a7fc1c05d7dc_magniber

Files

2024-08-29_4baf6cd85f3d1a8ee799a7fc1c05d7dc_magniber
.exe windows:6 windows x86 arch:x86

3bf890598f1f1a61e1063a0ba71f9223

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\_jenkins-workspaces\ecm_agent_r5.23.12_release\_projects\bin\DestinyUpdateStatusBoard.pdb

Imports

kernel32

GetOEMCP
IsValidCodePage
FindFirstFileExW
ReadConsoleW
GetConsoleMode
GetConsoleCP
SetFilePointerEx
EnumSystemLocalesW
IsValidLocale
GetTimeFormatW
GetDateFormatW
GetTimeZoneInformation
GetACP
ExitProcess
VirtualQuery
HeapQueryInformation
GetFileType
SetStdHandle
GetCommandLineW
GetCommandLineA
GetModuleHandleExW
ExitThread
RtlUnwind
AreFileApisANSI
CreateWaitableTimerA
GetSystemInfo
SetWaitableTimer
OpenEventA
WaitForMultipleObjectsEx
UnregisterWaitEx
QueryDepthSList
InterlockedFlushSList
InterlockedPushEntrySList
InterlockedPopEntrySList
VirtualFree
VirtualAlloc
UnregisterWait
RegisterWaitForSingleObject
SetThreadAffinityMask
GetProcessAffinityMask
GetNumaHighestNodeNumber
DeleteTimerQueueTimer
ChangeTimerQueueTimer
CreateTimerQueueTimer
GetLogicalProcessorInformation
GetThreadPriority
SignalObjectAndWait
FreeLibraryAndExitThread
GetThreadTimes
CreateTimerQueue
GetCPInfo
LCMapStringW
QueryPerformanceFrequency
TryEnterCriticalSection
GetStringTypeW
FreeEnvironmentStringsW
SetEnvironmentVariableA
GetEnvironmentStringsW
WriteConsoleW
DeviceIoControl
GetStartupInfoW
IsDebuggerPresent
GetSystemTimeAsFileTime
QueryPerformanceCounter
InitializeSListHead
IsProcessorFeaturePresent
UnhandledExceptionFilter
SearchPathW
GetProfileIntW
GetUserDefaultLCID
FindResourceExW
SetErrorMode
VirtualProtect
GlobalFlags
GetSystemDefaultUILanguage
GlobalGetAtomNameW
LocalReAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
GetThreadLocale
MoveFileW
UnlockFile
LockFile
GetFullPathNameW
GetFileSize
GetFileAttributesExW
SystemTimeToTzSpecificLocalTime
GetPrivateProfileIntW
lstrcmpA
InitializeCriticalSectionAndSpinCount
CompareStringW
GlobalFindAtomW
GlobalAddAtomW
lstrcmpW
GlobalDeleteAtom
GetModuleHandleA
GetSystemDirectoryW
EncodePointer
CopyFileW
GlobalSize
SetNamedPipeHandleState
WaitNamedPipeW
TransactNamedPipe
WaitForMultipleObjects
DisconnectNamedPipe
ConnectNamedPipe
CreateNamedPipeW
InitializeCriticalSection
SwitchToThread
TerminateThread
GetExitCodeThread
WaitForSingleObjectEx
ReleaseSemaphore
DuplicateHandle
CreateSemaphoreA
LoadLibraryExW
GetDiskFreeSpaceExW
GetVolumeInformationW
VerifyVersionInfoW
VerSetConditionMask
GetTempFileNameW
SetEndOfFile
GetFileTime
GetFileSizeEx
GetDriveTypeW
GetVersionExW
DeleteFileW
SetFileAttributesW
MoveFileExW
RemoveDirectoryW
GetCurrentThread
FlushFileBuffers
WriteFile
SetFilePointer
RtlCaptureStackBackTrace
FindClose
FindNextFileW
FindFirstFileW
GetWindowsDirectoryW
GlobalFree
OutputDebugStringW
GetPrivateProfileStringW
GetFileAttributesW
GetTempPathW
OutputDebugStringA
lstrcpynW
WritePrivateProfileStringW
CreateDirectoryW
SetLastError
GetModuleHandleW
CreateEventA
FileTimeToLocalFileTime
LocalFileTimeToFileTime
FileTimeToSystemTime
SystemTimeToFileTime
GetModuleFileNameW
GetCurrentDirectoryW
WideCharToMultiByte
SuspendThread
GetProcAddress
LoadLibraryA
QueryDosDeviceW
QueryFullProcessImageNameW
ReadFile
GetStdHandle
lstrlenW
ProcessIdToSessionId
Process32NextW
TerminateProcess
OpenProcess
Process32FirstW
CreateToolhelp32Snapshot
MultiByteToWideChar
ResumeThread
SetThreadPriority
GetCurrentProcess
GetCurrentThreadId
CreateFileW
GetLocalTime
SetUnhandledExceptionFilter
WTSGetActiveConsoleSessionId
OpenMutexW
GetProcessHeap
DeleteCriticalSection
DecodePointer
HeapAlloc
RaiseException
HeapReAlloc
HeapSize
InitializeCriticalSectionEx
LeaveCriticalSection
EnterCriticalSection
HeapFree
GetComputerNameA
CreateMutexW
ReleaseMutex
FreeResource
GlobalUnlock
GlobalLock
GlobalAlloc
CreateThread
SetEvent
WaitForSingleObject
ResetEvent
CloseHandle
CreateEventW
GetTickCount
MulDiv
GetLocaleInfoW
GetUserDefaultUILanguage
LocalFree
LocalAlloc
FormatMessageW
GetLastError
FreeLibrary
LoadLibraryW
lstrcpyW
lstrcmpiW
Sleep
GetCurrentProcessId
FindResourceW
LoadResource
LockResource
SizeofResource
FormatMessageA

user32

GetDC
ReleaseDC
IsRectEmpty
SetMenuItemInfoW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
GetActiveWindow
GetNextDlgTabItem
EndDialog
CreateDialogIndirectParamW
GetWindowDC
IsDialogMessageW
SetWindowTextW
IsWindowEnabled
CheckDlgButton
MoveWindow
ShowWindow
MonitorFromWindow
WinHelpW
GetScrollInfo
SetScrollInfo
LoadIconW
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExW
GetLastActivePopup
GetTopWindow
GetClassLongW
EqualRect
GetSysColor
MapWindowPoints
AdjustWindowRectEx
GetWindowTextLengthW
RemovePropW
DrawIconEx
SetPropW
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
ValidateRect
EndPaint
BeginPaint
TrackPopupMenu
SetMenu
GetMenu
GetCapture
GetFocus
GetDlgCtrlID
GetDlgItem
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
IsChild
IsMenu
GetClassInfoExW
ShowOwnedPopups
CharUpperW
DestroyMenu
GetMenuItemInfoW
CopyImage
RealChildWindowFromPoint
ToUnicodeEx
GetKeyboardLayout
GetKeyboardState
MapVirtualKeyW
LoadAcceleratorsW
CreateAcceleratorTableW
DestroyAcceleratorTable
CopyAcceleratorTableW
GetClassInfoW
RegisterClassW
CallWindowProcW
DrawFocusRect
DrawFrameControl
DrawEdge
LoadBitmapW
InflateRect
IntersectRect
LoadMenuW
SetLayeredWindowAttributes
GetSysColorBrush
EnumDisplayMonitors
SendDlgItemMessageA
DrawStateW
GetMessageW
PostQuitMessage
SetWindowContextHelpId
GetPropW
SetRect
DrawTextW
UpdateWindow
SendMessageW
SystemParametersInfoW
GetSystemMenu
DeleteMenu
MessageBeep
EnableWindow
InvalidateRect
SetRectEmpty
CopyRect
FillRect
OffsetRect
GetClientRect
GetCursorPos
ScreenToClient
PtInRect
SetCursor
TabbedTextOutW
DrawTextExW
GrayStringW
GetDesktopWindow
GetForegroundWindow
SetWindowPos
SetTimer
IsIconic
GetWindowRect
KillTimer
SetFocus
SetActiveWindow
DestroyIcon
GetLayeredWindowAttributes
IsWindow
PostMessageW
IsWindowVisible
RedrawWindow
GetParent
MonitorFromRect
GetMonitorInfoW
GetWindowLongW
SetForegroundWindow
WindowFromPoint
GetAncestor
GetKeyState
ClientToScreen
DestroyWindow
SetWindowRgn
LoadCursorW
IsZoomed
GetAsyncKeyState
SetCapture
TrackMouseEvent
ReleaseCapture
SetWindowLongW
CreateWindowExW
UnregisterClassW
GetSystemMetrics
DrawIcon
GetWindowThreadProcessId
GetClassNameW
GetWindow
GetMessageTime
EnumWindows
keybd_event
AttachThreadInput
AllowSetForegroundWindow
SendInput
TranslateMessage
PeekMessageW
SwitchToThisWindow
DispatchMessageW
MessageBoxW
LoadImageW
GetIconInfo
OpenClipboard
EmptyClipboard
RegisterClipboardFormatW
SetClipboardData
CloseClipboard
GetWindowTextW
IsCharAlphaW
GetMenuStringW
GetMenuState
GetSubMenu
GetMenuItemID
GetMenuItemCount
InsertMenuW
NotifyWinEvent
SetCursorPos
SetParent
BringWindowToTop
CreatePopupMenu
LockWindowUpdate
SetClassLongW
GetMenuDefaultItem
SetMenuDefaultItem
UpdateLayeredWindow
EnableScrollBar
UnionRect
MonitorFromPoint
WaitMessage
CharNextW
InvalidateRgn
GetNextDlgGroupItem
GetDoubleClickTime
CopyIcon
ModifyMenuW
GetUpdateRect
IsCharLowerW
GetKeyNameTextW
MapVirtualKeyExW
TranslateAcceleratorW
InsertMenuItemW
UnpackDDElParam
ReuseDDElParam
CharUpperBuffW
FrameRect
DrawMenuBar
DefFrameProcW
DefMDIChildProcW
TranslateMDISysAccel
IsClipboardFormatAvailable
SubtractRect
PostThreadMessageW
CreateMenu
HideCaret
InvertRect
AppendMenuW
GetComboBoxInfo
DestroyCursor
GetWindowRgn
RemoveMenu
RegisterWindowMessageW
MapDialogRect
GetMessagePos
DefWindowProcW

gdi32

SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CreateRectRgnIndirect
PatBlt
SetRectRgn
CreateDIBitmap
EnumFontFamiliesW
GetTextCharsetInfo
GetTextMetricsW
Ellipse
GetBkColor
GetTextColor
CreatePolygonRgn
Polygon
Polyline
CreateDIBSection
GetRgnBox
RealizePalette
SetPixel
StretchBlt
SetDIBColorTable
OffsetRgn
RoundRect
CreatePalette
GetPaletteEntries
EnumFontFamiliesExW
GetNearestPaletteIndex
GetSystemPaletteEntries
ExtFloodFill
SetPaletteEntries
GetBoundsRect
PtInRegion
GetWindowOrgEx
GetViewportOrgEx
SetPixelV
GetTextFaceW
SetTextAlign
SetROP2
SetPolyFillMode
SetLayout
SetMapMode
SelectObject
CreateFontIndirectW
GetObjectW
GetTextExtentPoint32W
ExtTextOutW
CreateCompatibleDC
LPtoDP
CreateCompatibleBitmap
GetMapMode
GetWindowExtEx
GetViewportExtEx
DPtoLP
BitBlt
DeleteObject
DeleteDC
CreateSolidBrush
CreatePen
MoveToEx
LineTo
PtVisible
RectVisible
TextOutW
Escape
GetDeviceCaps
CreateFontW
CreateRectRgn
CreateRoundRectRgn
CreateEllipticRgn
CombineRgn
FillRgn
FrameRgn
GetObjectA
SetBkMode
GetStockObject
SetTextColor
CopyMetaFileW
CreateDCW
SetBkColor
CreateBitmap
CreateHatchBrush
CreatePatternBrush
ExcludeClipRect
GetClipBox
GetObjectType
GetPixel
IntersectClipRect
RestoreDC
SaveDC
SelectClipRgn
ExtSelectClipRgn
Rectangle
GetLayout
SelectPalette

msimg32

AlphaBlend
TransparentBlt

winspool.drv

ClosePrinter
DocumentPropertiesW
OpenPrinterW

advapi32

GetTokenInformation
RegQueryValueW
RegEnumKeyExW
RegEnumValueW
ConvertStringSecurityDescriptorToSecurityDescriptorW
OpenProcessToken
RegDeleteValueW
RegDeleteKeyW
RegSetValueExW
RegCreateKeyExW
IsValidSid
QueryServiceStatus
UnlockServiceDatabase
RegQueryValueExW
RegOpenKeyExW
OpenServiceW
OpenSCManagerW
CloseServiceHandle
ConvertSidToStringSidW
LookupAccountNameW
RegEnumKeyW
RegQueryInfoKeyW
RegCloseKey

shell32

SHGetFileInfoW
SHGetDesktopFolder
SHBrowseForFolderW
SHGetSpecialFolderLocation
SHGetPathFromIDListW
SHGetMalloc
SHCreateDirectoryExW
ShellExecuteExW
ShellExecuteW
DragQueryFileW
DragFinish
SHAppBarMessage

comctl32

InitCommonControlsEx
_TrackMouseEvent

shlwapi

PathStripToRootW
PathIsUNCW
PathFindExtensionW
StrStrW
StrFormatKBSizeW
PathAppendW
PathRemoveFileSpecW
PathFindFileNameW
AssocQueryStringW
SHGetValueW
PathIsDirectoryW

uxtheme

GetWindowTheme
GetThemeSysColor
DrawThemeText
GetThemePartSize
GetThemeColor
DrawThemeBackground
CloseThemeData
OpenThemeData
IsThemeBackgroundPartiallyTransparent
GetCurrentThemeName
DrawThemeParentBackground
IsAppThemed

ole32

RevokeDragDrop
RegisterDragDrop
CoLockObjectExternal
OleUninitialize
OleInitialize
CoFreeUnusedLibraries
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
OleLockRunning
DoDragDrop
OleIsCurrentClipboard
OleFlushClipboard
CreateILockBytesOnHGlobal
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CoGetClassObject
CoDisconnectObject
CLSIDFromString
CoCreateGuid
ReleaseStgMedium
OleDuplicateData
CoTaskMemAlloc
CLSIDFromProgID
CoInitializeEx
CoCreateInstance
CoInitialize
CoUninitialize
CoTaskMemFree
CreateStreamOnHGlobal
CoRevokeClassObject
CoRegisterMessageFilter
OleGetClipboard

oleaut32

VarBstrFromDate
VariantCopy
SafeArrayDestroy
VariantTimeToSystemTime
LoadTypeLi
SysStringLen
VariantChangeType
SysAllocStringLen
VariantClear
VariantInit
SysAllocString
SysFreeString
OleCreateFontIndirect
SystemTimeToVariantTime

oledlg

OleUIBusyW

gdiplus

GdipDrawImageRectRectI
GdipFree
GdipSetSmoothingMode
GdipSetPixelOffsetMode
GdipSetCompositingQuality
GdipDeleteGraphics
GdipCreateFromHDC
GdipDrawImageI
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipGetImagePaletteSize
GdipGetImagePalette
GdipGetImagePixelFormat
GdipCreateBitmapFromHBITMAP
GdipCreateBitmapFromStream
GdipSetInterpolationMode
GdipGetImageWidth
GdipGetImageHeight
GdipCreateHBITMAPFromBitmap
GdipDrawString
GdipDeleteFont
GdipCreateFontFromLogfontA
GdipCreateFontFromDC
GdipFillRectangleI
GdipCloneBrush
GdipDeleteBrush
GdipCreateSolidFill
GdipDrawImageRectI
GdipGetImageGraphicsContext
GdipDisposeImage
GdipCreateBitmapFromScan0
GdiplusShutdown
GdiplusStartup
GdipCloneImage
GdipAlloc

dbghelp

MiniDumpWriteDump

crypt32

CryptUnprotectData

wtsapi32

WTSFreeMemory
WTSQuerySessionInformationW
WTSEnumerateSessionsW

netapi32

NetApiBufferFree
NetUserEnum

iphlpapi

GetAdaptersInfo

wininet

InternetSetStatusCallbackW
InternetOpenW
InternetCloseHandle
HttpSendRequestW
HttpAddRequestHeadersW
InternetConnectW
InternetSetOptionW
InternetReadFileExW
HttpQueryInfoW
HttpOpenRequestW

oleacc

LresultFromObject
CreateStdAccessibleObject
AccessibleObjectFromWindow

imm32

ImmGetContext
ImmReleaseContext
ImmGetOpenStatus

winmm

PlaySoundW

version

GetFileVersionInfoW
VerQueryValueW

Sections

.text
Size: 2.3MB - Virtual size: 2.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 629KB - Virtual size: 629KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 47KB - Virtual size: 75KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2.0MB - Virtual size: 2.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 195KB - Virtual size: 194KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3bf890598f1f1a61e1063a0ba71f9223

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

msimg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

uxtheme

ole32

oleaut32

oledlg

gdiplus

dbghelp

crypt32

wtsapi32

netapi32

iphlpapi

wininet

oleacc

imm32

winmm

version

Sections

.text Size: 2.3MB - Virtual size: 2.3MB

.rdata Size: 629KB - Virtual size: 629KB

.data Size: 47KB - Virtual size: 75KB

.rsrc Size: 2.0MB - Virtual size: 2.0MB

.reloc Size: 195KB - Virtual size: 194KB

.text
Size: 2.3MB - Virtual size: 2.3MB

.rdata
Size: 629KB - Virtual size: 629KB

.data
Size: 47KB - Virtual size: 75KB

.rsrc
Size: 2.0MB - Virtual size: 2.0MB

.reloc
Size: 195KB - Virtual size: 194KB