2024-10-04_a6060c17d4e0f287dd1e6af799072bff_magniber_wapomi

Sharing

Copy URL Twitter E-mail

General

Target

2024-10-04_a6060c17d4e0f287dd1e6af799072bff_magniber_wapomi
Size

4.9MB
MD5

a6060c17d4e0f287dd1e6af799072bff
SHA1

2e58bc6af8b3959f2f7c1f633885cff52e320fae
SHA256

97ad11f3eb54c93ef2312df6bd2f4a924e4c235756eff4d40afca44fe633074e
SHA512

649693279a97a76fe9922b0ea207042bb6dd79984629f4c043f430d12e2a9aa08eb79efaab876f376b47b73196c127e8a6b497d500c0fca420af9888435c0ac1
SSDEEP

98304:iaA1YHJnv+LngQrCSGZr+h6Wz6KcyorqF5JbVydPlBe:iaA1Mv+LgQrLk26JyGqF5JwbB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-10-04_a6060c17d4e0f287dd1e6af799072bff_magniber_wapomi

Files

2024-10-04_a6060c17d4e0f287dd1e6af799072bff_magniber_wapomi
.exe windows:6 windows x86 arch:x86

52da829a65315e1afe45d99ca1a638a0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

F:\Jenkins\workspace\Dilan_release-1.1.5\engine\bin\Win32\Release\windows_workload.pdb

Imports

kernel32

DeleteCriticalSection
GetCurrentDirectoryW
CreateDirectoryW
CreateFileW
DeleteFileW
FindClose
FindFirstFileW
FindNextFileW
GetFileAttributesW
GetFileAttributesExW
GetFileInformationByHandle
GetFullPathNameW
RemoveDirectoryW
SetEndOfFile
SetFileAttributesW
SetFilePointerEx
SetLastError
DeviceIoControl
GetProcAddress
AreFileApisANSI
MultiByteToWideChar
GetCommandLineW
LoadLibraryExA
SetThreadPriority
SetThreadExecutionState
GetCurrentThreadId
ExitProcess
OpenProcess
DuplicateHandle
Sleep
GetCurrentProcess
SwitchToThread
GetCurrentThread
GetExitCodeThread
EncodePointer
DecodePointer
CreateEventW
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetTickCount
GetModuleHandleW
CompareStringW
LCMapStringW
GetLocaleInfoW
GetStringTypeW
GetCPInfo
ResetEvent
InitializeSListHead
IsProcessorFeaturePresent
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
GetCurrentProcessId
TerminateProcess
CreateTimerQueue
SignalObjectAndWait
CreateThread
GetThreadPriority
CreateTimerQueueTimer
ChangeTimerQueueTimer
DeleteTimerQueueTimer
GetNumaHighestNodeNumber
GetProcessAffinityMask
InitializeCriticalSectionAndSpinCount
RegisterWaitForSingleObject
UnregisterWait
GetThreadTimes
FreeLibrary
FreeLibraryAndExitThread
GetModuleFileNameW
LoadLibraryExW
GetVersionExW
VirtualAlloc
VirtualProtect
VirtualFree
SetProcessAffinityMask
ReleaseSemaphore
InterlockedPopEntrySList
InterlockedPushEntrySList
InterlockedFlushSList
QueryDepthSList
UnregisterWaitEx
LoadLibraryW
WaitForSingleObject
RaiseException
RtlUnwind
GetStdHandle
GetFileType
GetModuleHandleExW
WriteConsoleW
ExitThread
ResumeThread
WriteFile
HeapAlloc
HeapFree
GetTimeZoneInformation
GetDateFormatW
GetTimeFormatW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
HeapReAlloc
HeapSize
GetConsoleCP
GetConsoleMode
GetFileSizeEx
FlushFileBuffers
ReadFile
ReadConsoleW
FindFirstFileExW
IsValidCodePage
GetACP
GetOEMCP
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
GetProcessHeap
SetStdHandle
InitializeCriticalSection
CreateWaitableTimerA
SetWaitableTimer
EnumSystemLocalesA
IsDBCSLeadByteEx
GetLocaleInfoA
GetModuleHandleExA
GetModuleFileNameA
SetFilePointer
GetComputerNameW
InitializeCriticalSectionEx
CreateEventExA
LoadLibraryA
LeaveCriticalSection
EnterCriticalSection
SetEvent
CreateEventA
CreateMutexExA
WaitForSingleObjectEx
ReleaseMutex
CloseHandle
FormatMessageA
LocalFree
TryEnterCriticalSection
GetLogicalProcessorInformation
GetLastError
QueryPerformanceFrequency
QueryPerformanceCounter
WideCharToMultiByte
PeekNamedPipe
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
GetSystemTimeAsFileTime
SetThreadAffinityMask
GetModuleHandleA

user32

GetUpdateRect
LoadCursorA
CallNextHookEx
GetKeyState
GetWindowThreadProcessId
PostQuitMessage
GetForegroundWindow
RegisterClassExA
UnhookWindowsHookEx
SetWindowsHookExA
GetClientRect
InvalidateRect
LoadIconA
DefWindowProcA
SetForegroundWindow
BeginPaint
EndPaint
UnregisterClassA
TrackMouseEvent
SystemParametersInfoA
PeekMessageA
SetWindowPos
ShowWindow
EnumDisplaySettingsA
EnumDisplayDevicesA
GetMonitorInfoA
MessageBoxA
RegisterWindowMessageA
SendNotifyMessageA
AdjustWindowRectEx
ShowCursor
LockSetForegroundWindow
DestroyWindow
GetMessageA
TranslateMessage
DispatchMessageA
CreateWindowExA

winmm

timeGetTime
timeBeginPeriod
timeEndPeriod

d3d12

ord101
ord102
D3D12SerializeRootSignature

d3dcompiler_47

D3DDisassemble
D3DReflect
D3DCompile2

dxgi

CreateDXGIFactory2

avrt

AvSetMmThreadCharacteristicsA
AvRevertMmThreadCharacteristics

psapi

GetProcessImageFileNameA
GetModuleInformation

ws2_32

WSAWaitForMultipleEvents
WSAEventSelect
closesocket
WSAGetLastError
WSACleanup
WSAStartup
gethostname
gethostbyname
socket
setsockopt
sendto
recvfrom
htons
getsockopt
getsockname
ioctlsocket
bind
inet_ntoa
inet_addr
ntohs

shell32

SHGetFolderPathAndSubDirW

ole32

CoCreateInstance
PropVariantClear
CoInitialize

Sections

.text
Size: 3.7MB - Virtual size: 3.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 940KB - Virtual size: 939KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 169KB - Virtual size: 188KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

_RDATA
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 85KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

ސ~�u�
Size: 16KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

52da829a65315e1afe45d99ca1a638a0

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

winmm

d3d12

d3dcompiler_47

dxgi

avrt

psapi

ws2_32

shell32

ole32

Sections

.text Size: 3.7MB - Virtual size: 3.7MB

.rdata Size: 940KB - Virtual size: 939KB

.data Size: 169KB - Virtual size: 188KB

_RDATA Size: 1KB - Virtual size: 1KB

.rsrc Size: 85KB - Virtual size: 84KB

ސ~�u� Size: 16KB - Virtual size: 20KB

.text
Size: 3.7MB - Virtual size: 3.7MB

.rdata
Size: 940KB - Virtual size: 939KB

.data
Size: 169KB - Virtual size: 188KB

_RDATA
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 85KB - Virtual size: 84KB

ސ~�u�
Size: 16KB - Virtual size: 20KB