Static task
static1
Behavioral task
behavioral1
Sample: 2024-10-09_9e2c1285e047b321b975ef0d3831aa06_magniber_rhadamanthys.exe
Resource: win7-20240708-en
Behavioral task
behavioral2
Sample: 2024-10-09_9e2c1285e047b321b975ef0d3831aa06_magniber_rhadamanthys.exe
Resource: win10v2004-20241007-en
General
Target: 2024-10-09_9e2c1285e047b321b975ef0d3831aa06_magniber_rhadamanthys
Size: 18.6MB
MD5: 9e2c1285e047b321b975ef0d3831aa06
SHA1: dcdc3b8888285ce2bf7fbdf9016be4ca37d137f6
SHA256: 780150c31473ae6010751f16cf3ad0d6fc6b0a24dd9b02dfcbf01cc64cdab7a9
SHA512: 512929b83a6e946db9fd0ea647793db79de58725116f59469d96f5bc085d0f84ca2a97487466215c81556427af7039f38e1cfe9c621f489084d682c6ec1eeaba
SSDEEP: 393216:7WxmDj5Vp1L8ukUto0+EpwnMKrk1Pj3qLA2W9UbakLW:7F1L8ukDEIMz1DyA2gUbJW
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
resource 2024-10-09_9e2c1285e047b321b975ef0d3831aa06_magniber_rhadamanthys
Files
2024-10-09_9e2c1285e047b321b975ef0d3831aa06_magniber_rhadamanthys.exe windows:6 windows x86 arch:x86
91b9f5db2ebb307615c9e6fe98378b9e
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
C:\projets\vbsedit_source\installation_new\vbsedit\Release\vbsedit_installer.pdb
Imports
version
GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW
kernel32
IsValidLocale
LCMapStringW
GetTimeFormatW
GetTimeZoneInformation
GetStdHandle
GetFileType
SetStdHandle
QueryPerformanceFrequency
VirtualQuery
VirtualAlloc
FindFirstFileExW
HeapQueryInformation
GetModuleHandleExW
FreeLibraryAndExitThread
ExitThread
GetCommandLineW
GetCommandLineA
InterlockedFlushSList
InterlockedPushEntrySList
RtlUnwind
OutputDebugStringW
EnumSystemLocalesW
GetConsoleOutputCP
GetConsoleMode
ReadConsoleW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetStartupInfoW
IsDebuggerPresent
InitializeSListHead
GetSystemTimeAsFileTime
QueryPerformanceCounter
SleepConditionVariableSRW
WakeAllConditionVariable
AcquireSRWLockExclusive
ReleaseSRWLockExclusive
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
LocalUnlock
LocalLock
GetTickCount
GetUserDefaultLCID
ReplaceFileW
SetFilePointerEx
GetTempFileNameW
GetDiskFreeSpaceW
SearchPathW
GetProfileIntW
GetTempPathW
SystemTimeToTzSpecificLocalTime
SetFileAttributesW
LocalFileTimeToFileTime
GetFileTime
GetFileSizeEx
GetFileAttributesExW
FileTimeToLocalFileTime
SetErrorMode
VerifyVersionInfoW
VerSetConditionMask
GetStringTypeExW
MoveFileW
DuplicateHandle
UnlockFile
SetFilePointer
SetEndOfFile
ReadFile
LockFile
GetVolumeInformationW
GetShortPathNameW
GetFullPathNameW
GetFileSize
FlushFileBuffers
GetCurrentDirectoryW
lstrcpyW
GetSystemDefaultUILanguage
GetLocaleInfoW
GlobalFlags
GetUserDefaultUILanguage
FindResourceExW
GetThreadLocale
SystemTimeToFileTime
FileTimeToSystemTime
GetAtomNameW
GlobalGetAtomNameW
LocalReAlloc
LocalAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSection
InitializeCriticalSectionAndSpinCount
GetTickCount64
WritePrivateProfileStringW
GetPrivateProfileStringW
GetPrivateProfileIntW
CompareStringA
lstrcmpA
GetCurrentThread
ResumeThread
SuspendThread
SetThreadPriority
CreateEventW
SetEvent
GetCurrentProcessId
CompareStringW
GlobalFindAtomW
GlobalAddAtomW
lstrcmpW
GlobalDeleteAtom
GetSystemDirectoryW
GetCurrentThreadId
EncodePointer
LoadLibraryW
LoadLibraryA
GetModuleHandleA
VirtualProtect
OutputDebugStringA
WideCharToMultiByte
SetLastError
FormatMessageW
MulDiv
LocalFree
GlobalFree
GlobalLock
GlobalUnlock
GlobalSize
GlobalAlloc
GetVersionExW
RaiseException
LoadLibraryExW
EnterCriticalSection
LeaveCriticalSection
lstrcmpiW
FreeLibrary
GetCurrentProcess
GetModuleHandleW
GetProcAddress
ExitProcess
GetProcessId
GetProcessHeap
DeleteCriticalSection
HeapDestroy
DecodePointer
HeapAlloc
HeapReAlloc
HeapSize
InitializeCriticalSectionEx
HeapFree
RemoveDirectoryW
FindClose
FindNextFileW
FindFirstFileW
MultiByteToWideChar
GetExitCodeThread
CreateThread
Sleep
GetDateFormatW
CopyFileW
GetModuleFileNameW
DeleteFileW
GetLastError
GetFileAttributesW
GetExitCodeProcess
WaitForSingleObject
CreateProcessW
GetWindowsDirectoryW
SetFileTime
WriteFile
CreateFileW
SizeofResource
LockResource
LoadResource
FindResourceW
CloseHandle
WriteConsoleW
OpenProcess
GetComputerNameW
SetEnvironmentVariableW
GetStringTypeW
SetConsoleCtrlHandler
GetSystemInfo
user32
DestroyIcon
InvalidateRect
TrackMouseEvent
CopyImage
SystemParametersInfoW
GetMenuItemInfoW
DestroyMenu
RealChildWindowFromPoint
IntersectRect
InflateRect
GetDialogBaseUnits
LoadCursorW
GetSysColorBrush
SetCursor
ShowOwnedPopups
SetWindowContextHelpId
RegisterClipboardFormatW
PostQuitMessage
GetCursorPos
TranslateMessage
GetMessageW
LoadMenuW
FillRect
ClientToScreen
GetWindowDC
TabbedTextOutW
GrayStringW
DrawTextExW
DrawTextW
GetDesktopWindow
GetNextDlgTabItem
EndDialog
CreateDialogIndirectParamW
GetWindowThreadProcessId
OffsetRect
SetRectEmpty
SendDlgItemMessageA
LoadBitmapW
SetMenuItemInfoW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
IsDialogMessageW
SetWindowTextW
ScrollWindowEx
SendDlgItemMessageW
IsDlgButtonChecked
CheckRadioButton
CheckDlgButton
GetDlgItemTextW
SetDlgItemTextW
GetDlgItemInt
SetDlgItemInt
MoveWindow
GetMonitorInfoW
MonitorFromWindow
WinHelpW
GetScrollInfo
SetScrollInfo
CallNextHookEx
SetWindowsHookExW
GetLastActivePopup
GetTopWindow
GetClassNameW
GetClassLongW
SetWindowLongW
PtInRect
EqualRect
GetSysColor
MapWindowPoints
ScreenToClient
MessageBoxW
AdjustWindowRectEx
LoadImageW
GetWindowTextW
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetRect
ScrollWindow
RedrawWindow
ValidateRect
EndPaint
BeginPaint
SetForegroundWindow
GetForegroundWindow
UpdateWindow
TrackPopupMenuEx
TrackPopupMenu
SetMenu
GetMenu
GetKeyState
GetDlgCtrlID
IsWindowVisible
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
IsRectEmpty
GetNextDlgGroupItem
MessageBeep
EnableWindow
GetParent
PostMessageW
SendMessageW
SetTimer
DestroyWindow
IsChild
IsMenu
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
CallWindowProcW
DefWindowProcW
GetMessageTime
GetMessagePos
PeekMessageW
DispatchMessageW
RegisterWindowMessageW
CopyRect
ReleaseDC
GetDC
MapVirtualKeyW
GetKeyNameTextW
IsWindow
MapDialogRect
GetWindow
CharUpperW
CreatePopupMenu
GetMenuDefaultItem
DrawFocusRect
DrawIconEx
GetIconInfo
EnableScrollBar
HideCaret
InvertRect
NotifyWinEvent
SetLayeredWindowAttributes
EnumDisplayMonitors
OpenClipboard
CloseClipboard
SetClipboardData
FrameRect
WaitMessage
GetWindowLongW
GetWindowRect
SetCapture
ReleaseCapture
WindowFromPoint
DeleteMenu
PostThreadMessageW
CopyAcceleratorTableW
GetWindowTextLengthW
InvalidateRgn
KillTimer
AllowSetForegroundWindow
UnregisterClassW
CharNextW
LoadIconW
IsIconic
GetSystemMetrics
GetClientRect
DrawIcon
GetMenuStringW
GetMenuState
GetSubMenu
GetMenuItemID
GetMenuItemCount
InsertMenuW
AppendMenuW
RemoveMenu
UnhookWindowsHookEx
ShowWindow
SetWindowPos
GetDlgItem
SetFocus
GetActiveWindow
GetFocus
GetAsyncKeyState
GetCapture
IsWindowEnabled
SetActiveWindow
SetPropW
GetPropW
RemovePropW
EmptyClipboard
DrawStateW
SetClassLongW
SetWindowRgn
SetParent
DrawEdge
DrawFrameControl
IsZoomed
GetSystemMenu
BringWindowToTop
SetCursorPos
CopyIcon
GetTabbedTextExtentW
GetDCEx
DestroyCursor
GetWindowRgn
WindowFromDC
CreateMenu
InSendMessage
MonitorFromRect
SendNotifyMessageW
SubtractRect
TranslateMDISysAccel
DefMDIChildProcW
DefFrameProcW
DrawMenuBar
EnumChildWindows
GetUpdateRect
IsClipboardFormatAvailable
CharUpperBuffW
ModifyMenuW
GetDoubleClickTime
SetMenuDefaultItem
LockWindowUpdate
DestroyAcceleratorTable
CreateAcceleratorTableW
GetKeyboardState
ToUnicodeEx
MapVirtualKeyExW
IsCharLowerW
GetKeyboardLayout
GetComboBoxInfo
MonitorFromPoint
UpdateLayeredWindow
UnionRect
ReuseDDElParam
UnpackDDElParam
GetMenuBarInfo
InsertMenuItemW
TranslateAcceleratorW
LoadAcceleratorsW
SetScrollPos
gdi32
GetObjectType
GetPixel
GetStockObject
GetViewportExtEx
GetWindowExtEx
IntersectClipRect
LineTo
OffsetClipRgn
PlayMetaFile
PtVisible
RectVisible
RestoreDC
SaveDC
SelectClipRgn
ExtSelectClipRgn
SelectObject
SelectPalette
SetBkMode
SetMapperFlags
SetGraphicsMode
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetStretchBltMode
SetTextCharacterExtra
SetTextAlign
SetTextJustification
PlayMetaFileRecord
EnumMetaFile
SetWorldTransform
ModifyWorldTransform
SetColorAdjustment
StartDocW
ArcTo
PolyDraw
SelectClipPath
SetArcDirection
ExtCreatePen
MoveToEx
TextOutW
ExtTextOutW
PolyBezierTo
PolylineTo
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
GetTextExtentPoint32W
GetTextMetricsW
EnumFontFamiliesExW
CombineRgn
GetCurrentPositionEx
SetRectRgn
DPtoLP
GetBkColor
GetTextColor
GetRgnBox
CreatePalette
GetNearestPaletteIndex
GetPaletteEntries
GetSystemPaletteEntries
RealizePalette
CreateCompatibleBitmap
CreateDIBitmap
EnumFontFamiliesW
GetTextCharsetInfo
GetDIBits
SetPixel
StretchBlt
CreateDIBSection
SetDIBColorTable
CreateEllipticRgn
Ellipse
CreatePolygonRgn
Polygon
Polyline
CreateRoundRectRgn
LPtoDP
Rectangle
OffsetRgn
GetCurrentObject
CreateFontW
GetCharWidthW
StretchDIBits
RoundRect
FillRgn
FrameRgn
GetBoundsRect
PtInRegion
ExtFloodFill
SetPaletteEntries
SetPixelV
GetWindowOrgEx
GetViewportOrgEx
CloseMetaFile
CreateMetaFileW
DeleteMetaFile
EndDoc
StartPage
EndPage
AbortDoc
SetAbortProc
GetROP2
GetBkMode
GetNearestColor
GetPolyFillMode
GetStretchBltMode
GetTextAlign
GetTextFaceW
GetClipRgn
GetClipBox
ExcludeClipRect
Escape
DeleteObject
DeleteDC
CreateSolidBrush
CreateRectRgn
CreatePatternBrush
CreatePen
CreateHatchBrush
CreateDIBPatternBrushPt
CreateCompatibleDC
BitBlt
CreateBitmap
SetTextColor
SetBkColor
CreateRectRgnIndirect
GetDeviceCaps
CreateDCW
CopyMetaFileW
CreateFontIndirectW
GetMapMode
PatBlt
GetObjectW
winspool.drv
OpenPrinterW
DocumentPropertiesW
ClosePrinter
GetJobW
shell32
DragQueryFileW
ShellExecuteW
SHGetDesktopFolder
SHGetSpecialFolderLocation
DragFinish
SHGetFileInfoW
ExtractIconW
SHAddToRecentDocs
ord680
ShellExecuteExW
SHCreateDirectoryExW
SHGetFolderPathW
SHGetMalloc
SHBrowseForFolderW
SHGetPathFromIDListW
SHAppBarMessage
shlwapi
PathStripToRootW
PathIsUNCW
PathRemoveExtensionW
PathFindFileNameW
PathFindExtensionW
StrFormatKBSizeW
PathRemoveFileSpecW
uxtheme
DrawThemeBackground
CloseThemeData
GetThemeColor
OpenThemeData
GetThemePartSize
GetThemeSysColor
IsAppThemed
GetWindowTheme
IsThemeBackgroundPartiallyTransparent
DrawThemeText
DrawThemeParentBackground
GetCurrentThemeName
ole32
CoRegisterClassObject
CoGetClassObject
CreateDataAdviseHolder
CreateOleAdviseHolder
CoDisconnectObject
StringFromGUID2
CLSIDFromProgID
CLSIDFromString
OleSetClipboard
OleFlushClipboard
OleIsCurrentClipboard
CoRegisterMessageFilter
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CreateILockBytesOnHGlobal
CreateStreamOnHGlobal
OleRun
DoDragDrop
OleGetClipboard
CoLockObjectExternal
RegisterDragDrop
RevokeDragDrop
PropVariantCopy
OleSetMenuDescriptor
OleLockRunning
StgCreateDocfile
StgOpenStorage
StgIsStorageFile
CreateFileMoniker
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
CoRevokeClassObject
OleUninitialize
OleInitialize
CoFreeUnusedLibraries
CoInitialize
CoCreateGuid
CoUninitialize
SetConvertStg
OleRegGetUserType
OleRegGetMiscStatus
OleRegEnumVerbs
ReleaseStgMedium
OleDuplicateData
ReadFmtUserTypeStg
WriteFmtUserTypeStg
CreateBindCtx
CoTreatAsClass
WriteClassStg
ReadClassStg
StringFromCLSID
CoTaskMemAlloc
CoTaskMemRealloc
CoTaskMemFree
CoInitializeEx
CoCreateInstance
WriteClassStm
GetHGlobalFromILockBytes
CreateGenericComposite
CreateItemMoniker
OleCreate
OleCreateFromData
OleCreateLinkFromData
OleCreateStaticFromData
OleCreateLinkToFile
OleCreateFromFile
OleLoad
OleSave
OleSaveToStream
OleSetContainedObject
GetRunningObjectTable
OleQueryCreateFromData
OleQueryLinkFromData
CoGetMalloc
OleIsRunning
OleGetIconOfClass
oleaut32
SysAllocString
LoadTypeLi
LoadRegTypeLi
RegisterTypeLi
SysReAllocStringLen
SysStringLen
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayAllocDescriptor
SafeArrayAllocData
SafeArrayCreate
SafeArrayDestroyDescriptor
SafeArrayDestroyData
SafeArrayDestroy
SafeArrayRedim
SafeArrayGetDim
SafeArrayGetElemsize
VariantClear
SafeArrayGetLBound
SafeArrayLock
SafeArrayUnlock
SafeArrayAccessData
SafeArrayUnaccessData
SafeArrayGetElement
SafeArrayPutElement
SafeArrayCopy
SafeArrayPtrOfIndex
VariantCopy
VarDateFromStr
VarCyFromStr
VarBstrFromCy
VarBstrFromDate
VariantInit
VarBstrFromDec
VarDecFromStr
OleCreateFontIndirect
SysAllocStringLen
SysAllocStringByteLen
VariantChangeType
SysStringByteLen
VarUI4FromStr
SafeArrayGetUBound
SysFreeString
oledlg
OleUIBusyW
psapi
EnumProcessModules
EnumProcesses
GetModuleBaseNameW
gdiplus
GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateFromHDC
GdipCreateBitmapFromHBITMAP
GdipDrawImageI
GdipDeleteGraphics
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromFileICM
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromFile
GdipCreateBitmapFromStream
GdipGetImagePaletteSize
GdipGetImagePalette
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipGetImageGraphicsContext
GdipDisposeImage
GdipCloneImage
GdiplusStartup
GdipFree
GdipAlloc
GdiplusShutdown
oleacc
CreateStdAccessibleObject
AccessibleObjectFromWindow
LresultFromObject
imm32
ImmGetContext
ImmReleaseContext
ImmGetOpenStatus
winmm
PlaySoundW
Sections
.text Size: 2.5MB - Virtual size: 2.5MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 565KB - Virtual size: 568KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 32KB - Virtual size: 60KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 8.6MB - Virtual size: 8.6MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ