E:\work\setup_source\Install.pdb
Static task: static1
Behavioral task: behavioral1
Sample: 2024-09-20_5ce079067fa4fe9940417b8a433d37d0_magniber.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: 2024-09-20_5ce079067fa4fe9940417b8a433d37d0_magniber.exe
Resource: win10v2004-20240802-en
General
Target: 2024-09-20_5ce079067fa4fe9940417b8a433d37d0_magniber
Size: 4.8MB
MD5: 5ce079067fa4fe9940417b8a433d37d0
SHA1: 3733eaa5139b8b22d157b6c9b8260390a61619c1
SHA256: 2837e2e339a7eebb2bbe22502b423d761ac35734c6d660942f48c9a5ce611541
SHA512: 80ae76e6fab12ff564bc9438fd61188d12e34734ef24b8cf9027a63bd0cd5af3ff20d8b707b02108baa3728bece7e0e160cc41b4139ae35cf3e217f154d07705
SSDEEP: 98304:Zszut86yqxsbIH5dpad0nMOJ2GkzH/OnOqHj5/WUF2bPJB/1/GVfFw:OT6yWsbIH5dpxJ2GkbGjlWUFOJBa6
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 2024-09-20_5ce079067fa4fe9940417b8a433d37d0_magniber
Files
-
2024-09-20_5ce079067fa4fe9940417b8a433d37d0_magniber.exe windows:6 windows x86 arch:x86
40a7d73ea69a2a16e59f723359848765
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
kernel32
GetPrivateProfileStringW
WritePrivateProfileStringW
GetTempPathW
GetDriveTypeW
CreateThread
MoveFileW
GetTempFileNameW
CopyFileW
GetCurrentProcessId
MoveFileExW
GetLocalTime
DeleteFileW
FormatMessageW
GetSystemDirectoryW
LoadLibraryExW
lstrcmpiW
Sleep
MultiByteToWideChar
ExitThread
GetCurrentThreadId
CreateMutexW
GetCommandLineW
MapViewOfFile
CreateFileMappingW
ResetEvent
GetSystemInfo
CloseHandle
SetEvent
CreateEventW
UnmapViewOfFile
CreateFileW
WaitForSingleObject
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
FreeLibrary
LoadLibraryW
GetModuleFileNameW
lstrcpynW
GetCurrentProcess
FindResourceW
LoadResource
FindResourceExW
LockResource
SizeofResource
GetModuleHandleW
GetProcessHeap
lstrcmpA
DeviceIoControl
WriteConsoleW
ReadConsoleW
SetFilePointerEx
GetStringTypeW
SetStdHandle
SetConsoleCtrlHandler
SetEnvironmentVariableW
FreeEnvironmentStringsW
DeleteCriticalSection
LocalFree
GetProcAddress
HeapDestroy
DecodePointer
HeapAlloc
GetEnvironmentStringsW
GetCommandLineA
GetCPInfo
GetOEMCP
IsValidCodePage
FindFirstFileExW
GetConsoleMode
GetConsoleOutputCP
FlushFileBuffers
GetTimeZoneInformation
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
CompareStringW
GetTimeFormatW
GetDateFormatW
GetFileType
ExitProcess
GetModuleHandleExW
RtlUnwind
WaitForMultipleObjectsEx
CreateTimerQueue
UnregisterWaitEx
QueryDepthSList
InterlockedFlushSList
ReleaseSemaphore
DuplicateHandle
SetProcessAffinityMask
VirtualProtect
GetModuleHandleA
FreeLibraryAndExitThread
GetThreadTimes
GetCurrentThread
UnregisterWait
RegisterWaitForSingleObject
SetThreadAffinityMask
GetProcessAffinityMask
GetNumaHighestNodeNumber
DeleteTimerQueueTimer
ChangeTimerQueueTimer
CreateTimerQueueTimer
GetLogicalProcessorInformation
GetThreadPriority
SetThreadPriority
SignalObjectAndWait
lstrlenA
GetStartupInfoW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
WaitForSingleObjectEx
QueryPerformanceFrequency
QueryPerformanceCounter
GetSystemTimeAsFileTime
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
SwitchToThread
InitializeCriticalSectionAndSpinCount
TryEnterCriticalSection
LoadLibraryExA
VirtualFree
VirtualAlloc
IsProcessorFeaturePresent
FlushInstructionCache
InterlockedPushEntrySList
InterlockedPopEntrySList
InitializeSListHead
EncodePointer
RaiseException
HeapReAlloc
GetLastError
HeapSize
LocalAlloc
InitializeCriticalSectionEx
HeapFree
OutputDebugStringW
IsDebuggerPresent
GetTempFileNameA
GetTempPathA
DeleteFileA
CreateFileA
GetFileSizeEx
GetVersionExW
GetEnvironmentVariableW
SetCurrentDirectoryW
GetCurrentDirectoryW
GetTickCount
MulDiv
FreeResource
GetACP
OpenProcess
GetFileSize
ReadFile
lstrcmpW
FileTimeToLocalFileTime
FindFirstFileW
FindNextFileW
GetFileTime
LocalFileTimeToFileTime
SetEndOfFile
SetFilePointer
SetFileTime
WriteFile
GetSystemTime
FileTimeToDosDateTime
DosDateTimeToFileTime
SystemTimeToFileTime
WideCharToMultiByte
IsBadReadPtr
GetVersion
GlobalAlloc
GlobalUnlock
GlobalLock
GlobalFree
ResumeThread
SearchPathW
CreateDirectoryW
GetFullPathNameW
GetShortPathNameW
RemoveDirectoryW
SetFileAttributesW
GetWindowsDirectoryW
lstrlenW
FindClose
FindCloseChangeNotification
FindFirstChangeNotificationW
GetLogicalDriveStringsW
CompareFileTime
GetFileInformationByHandle
GetStdHandle
GetFileAttributesExW
GetFileAttributesW
SetLastError
GetDiskFreeSpaceExW
QueryDosDeviceW
GetLongPathNameW
CreateToolhelp32Snapshot
Process32FirstW
Process32NextW
WaitForMultipleObjects
TerminateProcess
GetExitCodeProcess
RtlCaptureStackBackTrace
user32
SendMessageW
PostQuitMessage
LoadImageW
GetMessageW
DefWindowProcW
FindWindowExW
SendMessageTimeoutW
DispatchMessageW
PeekMessageW
FindWindowW
GetWindowThreadProcessId
GetShellWindow
IsWindowEnabled
InvalidateRgn
CreateAcceleratorTableW
GetMonitorInfoW
GetWindowDC
RedrawWindow
SetLayeredWindowAttributes
MonitorFromWindow
CharNextW
TranslateMessage
MessageBoxW
GetSystemMetrics
PostMessageW
DestroyWindow
ScreenToClient
IsWindow
UnregisterClassW
CreateWindowExW
IsChild
UpdateLayeredWindow
SetWindowPos
IsWindowVisible
IsZoomed
SetFocus
GetFocus
GetKeyState
SetCapture
ReleaseCapture
SetTimer
KillTimer
GetDC
ReleaseDC
BeginPaint
EndPaint
GetUpdateRect
InvalidateRect
GetClientRect
GetWindowRect
GetCursorPos
CreateCaret
GetCaretBlinkTime
SetCaretPos
MapWindowPoints
IntersectRect
UnionRect
IsRectEmpty
PtInRect
GetWindowLongW
SetWindowLongW
GetParent
GetClassNameW
GetWindow
IsIconic
EnableWindow
SetWindowRgn
CallWindowProcW
RemovePropW
wsprintfW
SetPropW
RegisterClassW
RegisterClassExW
GetClassInfoExW
ShowWindow
GetMenu
GetPropW
AdjustWindowRectEx
LoadCursorW
SystemParametersInfoW
wvsprintfW
SetCursor
InflateRect
OffsetRect
SetWindowTextW
GetWindowTextW
GetWindowTextLengthW
MonitorFromPoint
CopyRect
CopyImage
CharPrevW
DrawTextW
SetRect
DestroyIcon
DrawIconEx
GetIconInfo
GetMessagePos
MoveWindow
GetDlgCtrlID
DrawFocusRect
FillRect
HideCaret
ShowCaret
ClientToScreen
GetSysColor
SetForegroundWindow
advapi32
RegSetValueExW
RegOpenKeyExW
BuildExplicitAccessWithNameW
SetEntriesInAclW
SetNamedSecurityInfoW
GetNamedSecurityInfoW
DeleteAce
GetTrusteeNameW
LookupAccountSidW
LookupAccountNameW
GetExplicitEntriesFromAclW
CryptAcquireContextW
CryptReleaseContext
CryptDestroyKey
CryptSetKeyParam
CryptGetHashParam
CryptImportKey
CryptEncrypt
CryptDecrypt
CryptCreateHash
CryptHashData
CryptDestroyHash
RegCreateKeyW
RegQueryValueExW
OpenProcessToken
AdjustTokenPrivileges
DuplicateTokenEx
LookupPrivilegeValueW
RegEnumValueW
RegEnumKeyExW
RegCreateKeyExW
RegDeleteKeyW
RegQueryInfoKeyW
RegCloseKey
GetUserNameW
CheckTokenMembership
RegDeleteValueW
FreeSid
AllocateAndInitializeSid
EqualSid
shell32
SHChangeNotify
SHGetPathFromIDListW
SHBrowseForFolderW
ShellExecuteW
ShellExecuteExW
ord165
SHGetSpecialFolderPathW
SHCreateDirectoryExW
SHFileOperationW
ole32
CoCreateGuid
OleUninitialize
CoInitialize
CreateStreamOnHGlobal
StringFromGUID2
CLSIDFromString
OleLockRunning
OleRun
CoInitializeEx
CoInitializeSecurity
CoSetProxyBlanket
CoTaskMemAlloc
CoUninitialize
CoCreateInstance
CoTaskMemFree
OleInitialize
CoTaskMemRealloc
CLSIDFromProgID
oleaut32
SysStringLen
VarUI4FromStr
VariantClear
SysAllocString
SysAllocStringByteLen
SysStringByteLen
CreateErrorInfo
SetErrorInfo
VariantChangeType
GetErrorInfo
SysFreeString
VariantCopy
VariantInit
SafeArrayPutElement
SafeArrayCreate
shlwapi
PathRemoveFileSpecW
PathFindFileNameW
PathAppendW
PathIsRelativeW
PathCombineW
PathIsDirectoryW
SHAutoComplete
StrStrIW
wnsprintfW
PathFindFileNameA
PathIsPrefixW
AssocQueryStringW
SHSetValueW
PathFindExtensionW
PathCompactPathW
SHSetValueA
PathFileExistsW
PathIsRootW
StrToIntExW
PathRenameExtensionA
SHGetValueW
comctl32
InitCommonControlsEx
ord17
_TrackMouseEvent
ImageList_DrawEx
ImageList_GetIconSize
version
GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW
msimg32
AlphaBlend
GradientFill
gdiplus
GdiplusShutdown
GdiplusStartup
GdipAlloc
GdipFree
GdipCreatePath
GdipDeletePath
GdipAddPathLineI
GdipAddPathArcI
GdipCloneBrush
GdipDeleteBrush
GdipCreateSolidFill
GdipCreatePen1
GdipDeletePen
GdipSetPenMode
GdipSetPenDashStyle
GdipCreateFromHDC
GdipDeleteGraphics
GdipSetSmoothingMode
GdipDrawLineI
GdipDrawRectangleI
GdipDrawPath
GdipGetPropertyItem
GdipGetPropertyItemSize
GdipImageSelectActiveFrame
GdipImageGetFrameCount
GdipImageGetFrameDimensionsList
GdipImageGetFrameDimensionsCount
GdipLoadImageFromStreamICM
GdipDrawImageRectI
GdipGetImagePixelFormat
GdipLoadImageFromFileICM
GdipLoadImageFromFile
GdipFillEllipseI
GdipClosePathFigure
GdipCreateTexture
GdipCloneImage
GdipDisposeImage
GdipDrawEllipseI
GdipGetImageGraphicsContext
GdipGetImageWidth
GdipAddPathArc
GdipGetImageHeight
GdipCreateBitmapFromStream
GdipCreateBitmapFromFile
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromFileICM
GdipCreateBitmapFromScan0
GdipCreateHBITMAPFromBitmap
GdipCloneBitmapAreaI
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipSetInterpolationMode
GdipGraphicsClear
GdipFillPath
GdipDrawImagePointsI
GdipDrawImageRectRectI
GdipGetImageEncodersSize
GdipGetImageEncoders
GdipSaveImageToFile
psapi
EnumProcesses
GetProcessImageFileNameW
GetModuleFileNameExW
crypt32
CryptStringToBinaryW
CryptBinaryToStringA
CryptBinaryToStringW
CryptStringToBinaryA
iphlpapi
GetAdaptersInfo
wininet
InternetGetConnectedState
urlmon
URLDownloadToCacheFileW
URLDownloadToFileW
setupapi
SetupIterateCabinetW
netapi32
Netbios
gdi32
GetClipBox
CreateRectRgnIndirect
CombineRgn
GetDeviceCaps
GetTextExtentPoint32W
SetTextColor
SetBkMode
CreateSolidBrush
CreateRoundRectRgn
SetWindowOrgEx
GetObjectW
GetTextMetricsW
SelectClipRgn
SaveDC
RestoreDC
Rectangle
GetStockObject
DeleteObject
DeleteDC
CreatePen
CreateFontIndirectW
CreateCompatibleDC
CreateCompatibleBitmap
BitBlt
CreateDCW
GetTextColor
GdiFlush
SetDIBitsToDevice
GetDIBits
ExtTextOutW
ExtSelectClipRgn
SetDIBColorTable
CreateDIBSection
SetStretchBltMode
StretchBlt
SelectObject
SetBkColor
TextOutW
GetCharABCWidthsW
Exports
_start@12
start
Sections
.text Size: 2.2MB - Virtual size: 2.2MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 405KB - Virtual size: 405KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 24KB - Virtual size: 67KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 922KB - Virtual size: 922KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 102KB - Virtual size: 101KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ