2024-09-05_50a98d931c7e63b1fadfd8bf9dc95cd6_floxif_magniber

Sharing

Copy URL Twitter E-mail

General

Target

2024-09-05_50a98d931c7e63b1fadfd8bf9dc95cd6_floxif_magniber
Size

4.7MB
MD5

50a98d931c7e63b1fadfd8bf9dc95cd6
SHA1

ca1f318363c1cd798b612ddb7a83958bba4b5191
SHA256

37c9f3d0ac0a780058300dfe3998503f7eed7c63dd090999217f9977daec7007
SHA512

71ebf5655ea3d5a5fc10e546b3adc7a7a886e0ef5e1017220d081829373b80c69cf167e188beb5d7b71de7033ad04550f4a9b1d409dc11dc676d4704eac260b7
SSDEEP

98304:L0gG9bu2pcTMcNu8QX6je/UyTGMIXXaQc:1Kbu2KZQ8Qb/rTmtc

Score

1^/10

Malware Config

Signatures

Files

2024-09-05_50a98d931c7e63b1fadfd8bf9dc95cd6_floxif_magniber
.exe windows:5 windows x86 arch:x86

989cb6f741967a9d511d1332ebeab9ad

Code Sign

0d:81:4f:49:6e:14:01:49:7f:07:71:dd:d2:1f:44:0e
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

13/03/2019, 00:00

Not After

23/03/2022, 12:00

Subject

CN=SharpNight Co.\, Limited,O=SharpNight Co.\, Limited,L=Mongkok,C=HK

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2013, 12:00

Not After

22/10/2028, 12:00

Subject

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

09:c0:fc:46:c8:04:42:13:b5:59:8b:af:28:4f:4e:41
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

04/01/2017, 00:00

Not After

18/01/2028, 00:00

Subject

CN=DigiCert SHA2 Timestamp Responder,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

d5:52:0b:c4:e0:81:41:a5:12:36:f3:36:a5:5f:e8:f0:38:c5:8a:5a:74:f8:14:8e:72:4a:9a:98:b9:07:36:2b
Signer

Actual PE Digest

d5:52:0b:c4:e0:81:41:a5:12:36:f3:36:a5:5f:e8:f0:38:c5:8a:5a:74:f8:14:8e:72:4a:9a:98:b9:07:36:2b

Digest Algorithm

sha256

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\work\recrobot\bin\Release\RecbotHardDriveRecovery.pdb

Imports

kernel32

GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetStartupInfoA
HeapCreate
VirtualFree
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LCMapStringA
LCMapStringW
GetTimeZoneInformation
GetTimeFormatA
GetDateFormatA
GetConsoleCP
GetConsoleMode
InitializeCriticalSectionAndSpinCount
GetLocaleInfoA
GetUserDefaultLCID
GetStdHandle
IsValidLocale
GetStringTypeA
GetStringTypeW
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetProcessHeap
SetEnvironmentVariableA
HeapSize
SetStdHandle
ExitProcess
HeapReAlloc
RaiseException
RtlUnwind
HeapAlloc
ExitThread
HeapFree
IsDebuggerPresent
UnhandledExceptionFilter
TerminateProcess
GetStartupInfoW
SetErrorMode
GetFileTime
GetFileAttributesW
GetFullPathNameW
SetEndOfFile
UnlockFile
LockFile
GetStringTypeExW
GlobalFlags
GetThreadLocale
lstrlenA
GlobalGetAtomNameW
FileTimeToLocalFileTime
VirtualProtect
WritePrivateProfileStringW
ConvertDefaultLocale
EnumResourceLanguagesW
lstrcmpA
CompareStringA
InterlockedExchange
VirtualQuery
GetSystemInfo
GetProfileIntW
InterlockedCompareExchange
ResetEvent
EnumResourceTypesW
EnumResourceNamesW
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
GlobalHandle
GlobalReAlloc
TlsGetValue
LocalAlloc
GetModuleHandleA
ResumeThread
SetThreadPriority
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
CompareStringW
lstrcmpW
GetVersionExA
GlobalLock
GlobalUnlock
FormatMessageW
DosDateTimeToFileTime
QueryPerformanceCounter
CreateFileA
OpenFileMappingW
OutputDebugStringA
GetFileSizeEx
FlushFileBuffers
QueryDosDeviceW
VirtualAlloc
ReleaseMutex
SetFileTime
CreateDirectoryW
DeviceIoControl
FindClose
FindFirstFileW
GetLogicalDrives
CreateMutexW
GetVersion
GetCurrentThread
WaitForMultipleObjects
CreateProcessW
TerminateThread
Sleep
GetExitCodeThread
CreateThread
GlobalFree
GlobalAlloc
SetCurrentDirectoryW
GetDiskFreeSpaceExW
GetCurrentDirectoryW
InterlockedIncrement
InterlockedDecrement
GetVersionExW
GetPrivateProfileIntW
GetSystemDefaultLangID
GetLocalTime
UnmapViewOfFile
SizeofResource
MapViewOfFile
CreateFileMappingW
DuplicateHandle
FileTimeToDosDateTime
SetFilePointer
GetFileInformationByHandle
GetFileType
WinExec
WriteFile
LoadLibraryA
lstrcpynW
GetLocaleInfoW
GetNumberFormatW
GetCurrentProcessId
GetCurrentThreadId
SetEvent
FreeLibrary
GetWindowsDirectoryW
GetModuleFileNameW
ReadFile
GetFileSize
CreateFileW
GetCurrentProcess
WideCharToMultiByte
WaitForSingleObject
CloseHandle
CreateEventW
ExpandEnvironmentStringsW
FreeResource
GetProcAddress
GetModuleHandleW
LoadLibraryW
SetLastError
SetFileAttributesW
lstrcmpiW
GetDriveTypeW
lstrcpyW
lstrlenW
CompareFileTime
SystemTimeToFileTime
GetSystemTime
GetSystemTimeAsFileTime
MultiByteToWideChar
GetVolumeInformationW
FileTimeToSystemTime
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
GetTickCount
MulDiv
DeleteFileW
GetLastError
SetUnhandledExceptionFilter
GetCommandLineW
LocalFree
SetThreadLocale
FindResourceW
LoadResource
LockResource
EnumSystemLocalesA

user32

SetMenu
SetScrollPos
GetScrollPos
SetForegroundWindow
CreateWindowExW
GetClassInfoExW
GetClassInfoW
AdjustWindowRectEx
DeferWindowPos
GetScrollInfo
SetScrollInfo
GetDlgCtrlID
CallWindowProcW
GetMenu
GetWindowLongW
SetWindowPos
SystemParametersInfoA
GetWindowPlacement
GetWindow
GetMenuState
GetMenuStringW
GetMenuItemID
InsertMenuW
GetMenuItemCount
SendDlgItemMessageA
SendDlgItemMessageW
GetMessageW
LoadImageW
DrawFocusRect
GetActiveWindow
IsIconic
GetKeyState
GetDCEx
DrawTextA
ShowWindow
GetSubMenu
LoadMenuW
GetCursor
SendNotifyMessageW
DestroyIcon
DrawIconEx
GetIconInfo
ClientToScreen
SystemParametersInfoW
TrackPopupMenu
AppendMenuW
CreatePopupMenu
IntersectRect
TrackMouseEvent
DestroyWindow
IsWindowVisible
LoadBitmapW
GetFocus
DrawEdge
IsWindow
MessageBeep
SetWindowLongW
WinHelpW
GetWindowTextW
GetWindowTextLengthW
RemovePropW
GetPropW
SetPropW
GetClassNameW
GetClassLongW
CallNextHookEx
SetWindowsHookExW
IsChild
KillTimer
GrayStringW
DrawTextExW
ScrollWindow
MapWindowPoints
GetMessageTime
UnhookWindowsHookEx
GetTopWindow
GetDlgItem
EndDeferWindowPos
BeginDeferWindowPos
GetForegroundWindow
GetLastActivePopup
SetDlgItemTextW
IsDialogMessageW
EnableWindow
LoadIconW
SendMessageW
InvalidateRect
UpdateWindow
PostMessageW
GetParent
ModifyMenuW
GetClientRect
DefWindowProcW
LoadCursorW
RegisterClassW
MessageBoxW
RegisterWindowMessageW
GetWindowRect
SetRectEmpty
IsRectEmpty
ShowScrollBar
OffsetRect
SetWindowTextW
MoveWindow
IsWindowEnabled
CheckMenuItem
EnableMenuItem
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
ValidateRect
GetWindowThreadProcessId
EndDialog
GetNextDlgTabItem
CreateDialogIndirectParamW
GetDesktopWindow
GetWindowDC
BeginPaint
EndPaint
PostQuitMessage
ShowOwnedPopups
MapDialogRect
MapVirtualKeyW
WindowFromPoint
GetMenuItemInfoW
DestroyMenu
GetSysColorBrush
UnregisterClassW
DeleteMenu
CharUpperW
WaitMessage
TranslateAcceleratorW
BringWindowToTop
InsertMenuItemW
UnionRect
SetRect
UnpackDDElParam
ReuseDDElParam
GetSystemMenu
SetTimer
PeekMessageW
TranslateMessage
DispatchMessageW
CopyRect
GetCursorPos
PtInRect
SetLayeredWindowAttributes
InflateRect
EqualRect
RedrawWindow
GetSystemMetrics
SetCursor
IsCharAlphaW
GetDC
ReleaseDC
SetFocus
SetCapture
GetCapture
ReleaseCapture
SetParent
FillRect
LockWindowUpdate
PostThreadMessageW
GetNextDlgGroupItem
InvalidateRgn
TranslateMDISysAccel
DrawMenuBar
DefFrameProcW
SetWindowContextHelpId
CharNextW
LoadStringW
LoadAcceleratorsW
GetKeyboardLayoutList
GetKeyboardState
ToUnicodeEx
CopyAcceleratorTableW
SetCursorPos
GetMenuDefaultItem
IsWindowUnicode
GetWindowLongA
SetWindowLongA
SendMessageTimeoutW
IsMenu
GetWindowRgn
GetTabbedTextExtentA
GetDoubleClickTime
ShowCaret
HideCaret
IsClipboardFormatAvailable
SetWindowRgn
DrawFrameControl
RegisterClipboardFormatW
CreateIconIndirect
DrawStateW
InvertRect
LoadMenuIndirectW
LookupIconIdFromDirectoryEx
CreateIconFromResourceEx
DestroyCursor
GetMessagePos
ScreenToClient
CopyIcon
wsprintfW
GetAsyncKeyState
SetActiveWindow
GetSysColor
DrawIcon
DrawTextW
TabbedTextOutW

gdi32

ExcludeClipRect
IntersectClipRect
LineTo
MoveToEx
SelectClipRgn
GetClipRgn
GetViewportExtEx
GetWindowExtEx
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
SetMapMode
PolyBezierTo
ExtSelectClipRgn
CreatePatternBrush
CreateRectRgnIndirect
CombineRgn
GetMapMode
DPtoLP
GetTextMetricsW
EnumFontFamiliesExW
CreateFontW
StretchDIBits
GetCurrentPositionEx
SetStretchBltMode
SetBkMode
RestoreDC
SaveDC
SetTextColor
GetClipBox
RoundRect
PatBlt
GetCharWidthW
CreateRectRgn
Escape
ExtTextOutW
TextOutW
RectVisible
PtVisible
GetCurrentObject
GetDeviceCaps
SetPixel
GetTextExtentPoint32W
DeleteDC
Rectangle
CreatePen
SetBkColor
BitBlt
GetPixel
CreateBitmap
CreateCompatibleBitmap
Polygon
StretchBlt
CreateDIBSection
GetDIBits
GetTextColor
GetWindowOrgEx
GetBitmapBits
ExtCreateRegion
GetTextAlign
GetTextExtentPoint32A
Ellipse
Polyline
StrokePath
FillPath
StrokeAndFillPath
EndPath
CloseFigure
BeginPath
CreatePolygonRgn
GetRgnBox
PtInRegion
GetViewportOrgEx
CreateCompatibleDC
GetBkColor
SelectObject
CreateFontIndirectW
GetObjectW
DeleteObject
CreateSolidBrush
SetRectRgn
SetWindowOrgEx
GetStockObject

comdlg32

GetFileTitleW

winspool.drv

ClosePrinter
DocumentPropertiesW
OpenPrinterW

advapi32

WriteEncryptedFileRaw
RegCreateKeyExW
RegOpenKeyExW
RegCloseKey
RegQueryValueExW
RegDeleteValueW
RegSetValueExW
RegOpenKeyW
RegEnumKeyW
RegDeleteKeyW
CryptGenRandom
CryptReleaseContext
CryptAcquireContextA
OpenEncryptedFileRawW
RegEnumKeyExW
CloseEncryptedFileRaw
EqualSid
GetTokenInformation
FreeSid
OpenThreadToken
AllocateAndInitializeSid
RegQueryValueW
OpenProcessToken

shell32

CommandLineToArgvW
DragQueryFileW
DragFinish
ShellExecuteW
ExtractIconW
SHGetPathFromIDListW
SHGetSpecialFolderLocation
SHGetMalloc
SHGetDesktopFolder
SHGetFileInfoW

comctl32

InitCommonControlsEx
_TrackMouseEvent
ImageList_GetImageCount
ImageList_GetIconSize
ImageList_DrawEx
ImageList_Destroy

shlwapi

PathStripToRootW
PathFindExtensionW
PathFileExistsW
PathRemoveFileSpecW
PathFindFileNameW
ord12
PathIsUNCW

ole32

CoDisconnectObject
CoTaskMemAlloc
CoTaskMemFree
CreateStreamOnHGlobal
CLSIDFromString
CoInitialize
CoCreateInstance
CoUninitialize
OleRun
RegisterDragDrop
CoLockObjectExternal
RevokeDragDrop
CLSIDFromProgID
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
OleIsCurrentClipboard
OleFlushClipboard
CoRevokeClassObject
CoRegisterMessageFilter
CoInitializeEx

oleaut32

SafeArrayDestroy
VariantCopy
SafeArrayGetDim
SafeArrayGetElemsize
SafeArrayGetLBound
SafeArrayGetUBound
VarBstrFromDate
SafeArrayUnaccessData
LoadTypeLi
VarDateFromStr
VariantInit
VariantChangeType
VariantClear
SysAllocStringLen
SysStringByteLen
SysAllocString
SysStringLen
SysAllocStringByteLen
SysFreeString
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayCreateVector
VarUdateFromDate
VariantChangeTypeEx
OleLoadPicturePath
SafeArrayAccessData
OleCreateFontIndirect

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

gdiplus

GdipDrawPath
GdipFillPath
GdipCloneBrush
GdipAlloc
GdipFree
GdipDeleteBrush
GdipDeletePath
GdipCreatePath
GdipClosePathFigure
GdiplusStartup
GdipGetImageWidth
GdipSetLineColors
GdipGetImageThumbnail
GdipCreateFromHWND
GdipMeasureString
GdipCreateBitmapFromHICON
GdipSetPathGradientFocusScales
GdipGetPathGradientPointCount
GdipSetPathGradientSurroundColorsWithCount
GdipSetPathGradientCenterColor
GdipCreatePathGradientFromPath
GdipDrawRectangleI
GdipCreatePen1
GdipCreatePen2
GdipSetStringFormatTrimming
GdipReleaseDC
GdipGetDC
GdipDrawImageRectRect
GdipGetClipBoundsI
GdipSetPenDashStyle
GdipDeleteFontFamily
GdipDeleteFont
GdipCreateFont
GdipCreateFontFamilyFromName
GdipDrawString
GdipDrawImageRect
GdipCreateSolidFill
GdipSetStringFormatLineAlign
GdipSetStringFormatAlign
GdipDeleteStringFormat
GdipCreateStringFormat
GdipSetClipRectI
GdiplusShutdown
GdipSetLinePresetBlend
GdipSetSmoothingMode
GdipFillRectangleI
GdipDeletePen
GdipCreateBitmapFromStream
GdipCloneImage
GdipDisposeImage
GdipCreateFromHDC
GdipDeleteGraphics
GdipAddPathRectangleI
GdipCreateLineBrushI
GdipDrawImageRectI
GdipDrawPolygonI
GdipGetImageHeight
GdipCreateLineBrushFromRectI
GdipAddPathArcI
GdipDrawImageI
GdipDrawLineI
GdipCreateBitmapFromGraphics
GdipGetImageGraphicsContext
GdipSetStringFormatFlags
GdipGraphicsClear
GdipDrawImageRectRectI

winmm

PlaySoundW

oledlg

OleUIBusyW
OleUIAddVerbMenuW

Sections

.text
Size: 2.4MB - Virtual size: 2.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 668KB - Virtual size: 668KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 58KB - Virtual size: 605KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 262KB - Virtual size: 261KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

989cb6f741967a9d511d1332ebeab9ad

Code Sign

0d:81:4f:49:6e:14:01:49:7f:07:71:dd:d2:1f:44:0eCertificate

Extended Key Usages

Key Usages

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08Certificate

Extended Key Usages

Key Usages

09:c0:fc:46:c8:04:42:13:b5:59:8b:af:28:4f:4e:41Certificate

Extended Key Usages

Key Usages

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15Certificate

Extended Key Usages

Key Usages

d5:52:0b:c4:e0:81:41:a5:12:36:f3:36:a5:5f:e8:f0:38:c5:8a:5a:74:f8:14:8e:72:4a:9a:98:b9:07:36:2bSigner

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

ole32

oleaut32

version

gdiplus

winmm

oledlg

Sections

.text Size: 2.4MB - Virtual size: 2.4MB

.rdata Size: 668KB - Virtual size: 668KB

.data Size: 58KB - Virtual size: 605KB

.rsrc Size: 1.3MB - Virtual size: 1.3MB

.reloc Size: 262KB - Virtual size: 261KB

0d:81:4f:49:6e:14:01:49:7f:07:71:dd:d2:1f:44:0e
Certificate

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

09:c0:fc:46:c8:04:42:13:b5:59:8b:af:28:4f:4e:41
Certificate

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

d5:52:0b:c4:e0:81:41:a5:12:36:f3:36:a5:5f:e8:f0:38:c5:8a:5a:74:f8:14:8e:72:4a:9a:98:b9:07:36:2b
Signer

.text
Size: 2.4MB - Virtual size: 2.4MB

.rdata
Size: 668KB - Virtual size: 668KB

.data
Size: 58KB - Virtual size: 605KB

.rsrc
Size: 1.3MB - Virtual size: 1.3MB

.reloc
Size: 262KB - Virtual size: 261KB