2024-09-19_bf97c3522ce6157114d99293730d5150_magniber

Sharing

Copy URL

Twitter E-mail

General

Target

2024-09-19_bf97c3522ce6157114d99293730d5150_magniber
Size

3.1MB
MD5

bf97c3522ce6157114d99293730d5150
SHA1

b054939dee89941b21a53f9d2e54f6fb3c989f20
SHA256

4ce0e1d5d364be80a6679f81ecc204e61be7229f35a66b63c10a657a9812c3ba
SHA512

6cd0f9fedfdad60761278d1bb1bbbe2ba75ea4e26586b6aa0603e2f7efa34277b9a55059d4b9da5f9937e80ae97f37c9e050cece84e8692e15316c9c26c04c70
SSDEEP

98304:YNF0lrvX2MXTWShaDNVu0VLGMb5Cx0taAUgLdpq+Xvna9k7VoiX996Kc2OD527Bx:YNF2rPIpVu0VLGMb5Cx0taAUgLdpq+XP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-09-19_bf97c3522ce6157114d99293730d5150_magniber

Files

2024-09-19_bf97c3522ce6157114d99293730d5150_magniber
.exe windows:6 windows x86 arch:x86

30c1e56238b5da18eb1c3e60ecb3acf0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

SophosHealth.pdb

Imports

kernel32

CreateHardLinkW
SetNamedPipeHandleState
GetNamedPipeClientProcessId
PeekNamedPipe
LocalAlloc
DisconnectNamedPipe
GetCurrentThread
ConnectNamedPipe
DeleteFileW
MoveFileExW
GetTickCount64
ExpandEnvironmentStringsW
CancelWaitableTimer
FindFirstChangeNotificationW
FindNextChangeNotification
ExitThread
CreateThread
InitializeCriticalSection
AreFileApisANSI
TryEnterCriticalSection
HeapCreate
HeapFree
GetFullPathNameW
GetDiskFreeSpaceW
LockFile
SetFilePointer
GetFullPathNameA
UnlockFileEx
GetTempPathW
GetFileAttributesW
GetVersionExW
UnmapViewOfFile
HeapValidate
HeapSize
GetTempPathA
GetDiskFreeSpaceA
GetFileAttributesA
GetFileAttributesExW
OutputDebugStringW
FlushViewOfFile
LoadLibraryA
WaitForSingleObjectEx
GetVersionExA
DeleteFileA
HeapReAlloc
RaiseException
LoadLibraryW
HeapAlloc
HeapCompact
HeapDestroy
UnlockFile
CreateFileMappingA
LockFileEx
GetFileSize
SystemTimeToFileTime
FreeLibrary
GetSystemTime
CreateFileMappingW
MapViewOfFile
QueryPerformanceCounter
GetTickCount
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
ReleaseSRWLockShared
AcquireSRWLockShared
LoadLibraryExW
GetFileInformationByHandleEx
GetStdHandle
DeviceIoControl
GetConsoleMode
GetFileInformationByHandle
WriteConsoleW
GetOverlappedResultEx
ReplaceFileW
GetModuleHandleExW
GetModuleFileNameW
FindClose
FreeEnvironmentStringsW
FindCloseChangeNotification
VirtualProtect
VirtualQuery
LoadLibraryExA
LocalFree
FlushFileBuffers
CreateIoCompletionPort
GetSystemTimeAsFileTime
TlsGetValue
VerifyVersionInfoW
SleepEx
VerSetConditionMask
DeleteCriticalSection
UnregisterWaitEx
SetFilePointerEx
GetOverlappedResult
QueueUserAPC
ResetEvent
CancelIoEx
GetSystemInfo
CloseHandle
TlsAlloc
TerminateThread
CreateFileA
CreateEventW
PostQueuedCompletionStatus
GetCurrentThreadId
CreateFileW
WaitForSingleObject
CreateMutexW
SetEndOfFile
GetQueuedCompletionStatus
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
WaitForMultipleObjects
CreateNamedPipeW
RegisterWaitForSingleObject
WriteFile
CreateWaitableTimerW
EnterCriticalSection
SetLastError
TlsSetValue
SetWaitableTimer
GetFileSizeEx
ReadFile
Sleep
MultiByteToWideChar
SetEvent
SetDllDirectoryW
GetModuleHandleW
GetProcessHeap
GetProcAddress
HeapSetInformation
SetSearchPathMode
SetEnvironmentVariableW
OpenProcess
GetCurrentProcessId
OutputDebugStringA
GetLastError
TerminateProcess
GetCurrentProcess
FormatMessageA
TlsFree
QueryUnbiasedInterruptTime
WideCharToMultiByte
IsWow64Process
GetEnvironmentStringsW
SetStdHandle
GetTimeZoneInformation
GetOEMCP
GetACP
IsValidCodePage
ReadConsoleW
GetConsoleOutputCP
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
CompareStringW
GetTimeFormatW
GetDateFormatW
GetFileType
GetCommandLineW
GetCommandLineA
ExitProcess
FreeLibraryAndExitThread
InterlockedPushEntrySList
RtlUnwind
GetCPInfo
CompareStringEx
LCMapStringEx
DecodePointer
EncodePointer
InitializeSListHead
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
FindFirstFileExW
FindNextFileW
SetFileInformationByHandle
InitializeSRWLock
InitializeCriticalSectionEx
InitializeConditionVariable
WakeConditionVariable
WakeAllConditionVariable
SleepConditionVariableCS
SleepConditionVariableSRW
GetExitCodeThread
QueryPerformanceFrequency
GetStringTypeW
FormatMessageW

advapi32

OpenServiceW
QueryServiceStatusEx
CloseServiceHandle
RegGetValueW
RegDeleteKeyExW
RegEnumKeyExW
RegDeleteTreeW
RegNotifyChangeKeyValue
OpenSCManagerW
ConvertStringSecurityDescriptorToSecurityDescriptorW
RevertToSelf
EqualSid
AllocateAndInitializeSid
ImpersonateNamedPipeClient
FreeSid
ConvertSidToStringSidW
OpenThreadToken
RegEnumValueW
RegQueryInfoKeyW
RegCreateKeyExW
RegSetValueExW
RegOpenKeyExW
RegDeleteValueW
RegQueryValueExW
RegCloseKey
ConvertSidToStringSidA
IsWellKnownSid
OpenProcessToken
GetTokenInformation
RegisterServiceCtrlHandlerExW
SetServiceStatus
StartServiceCtrlDispatcherW

shell32

SHGetKnownFolderPath
SHGetFolderPathW

ole32

CoInitializeEx
CoTaskMemFree
CoUninitialize
CoCreateGuid
CoInitializeSecurity

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

ws2_32

WSAStartup
WSACleanup

Sections

.text
Size: 1.9MB - Virtual size: 1.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 323KB - Virtual size: 323KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 71KB - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.didat
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 232KB - Virtual size: 231KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 656KB - Virtual size: 660KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

30c1e56238b5da18eb1c3e60ecb3acf0

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

advapi32

shell32

ole32

version

ws2_32

Sections

.text Size: 1.9MB - Virtual size: 1.9MB

.rdata Size: 323KB - Virtual size: 323KB

.data Size: 71KB - Virtual size: 77KB

.didat Size: 512B - Virtual size: 32B

.rsrc Size: 232KB - Virtual size: 231KB

.reloc Size: 656KB - Virtual size: 660KB

.text
Size: 1.9MB - Virtual size: 1.9MB

.rdata
Size: 323KB - Virtual size: 323KB

.data
Size: 71KB - Virtual size: 77KB

.didat
Size: 512B - Virtual size: 32B

.rsrc
Size: 232KB - Virtual size: 231KB

.reloc
Size: 656KB - Virtual size: 660KB