2024-10-14_fd9fcb4cedd9a5db2e8454957fea8c74_magniber

Sharing

Copy URL Twitter E-mail

General

Target

2024-10-14_fd9fcb4cedd9a5db2e8454957fea8c74_magniber
Size

2.2MB
MD5

fd9fcb4cedd9a5db2e8454957fea8c74
SHA1

ef9152ff8cd114b02e179811a6c76c9dd1fa84dc
SHA256

984a01a663710d92766d5ad7b000a6fc760a09c66ad91ab3b2e115d37cbb98f6
SHA512

11fb40f3adbafe31f358ddcb18c720e36506612645563c351592c5418963f0a2364cdf113f9156df9a55d2aa073f80fc389a7969138a79cbae94402605f6f86c
SSDEEP

49152:oTEUGSdSfyQKkinRjR6Mvrq6KMSDjkgdxmGhyXUfgHDSX9q76gYlGdurm5D7v:ZUGESfyCCRAkgdxm57mGj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-10-14_fd9fcb4cedd9a5db2e8454957fea8c74_magniber

Files

2024-10-14_fd9fcb4cedd9a5db2e8454957fea8c74_magniber
.exe windows:6 windows x86 arch:x86

6732f8f3060bb9b447b927114d38b255

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\Sources\Koi Pond Ogre\Koi Pond Waterfall\Settings\Release\Koi Pond 3D Screensaver.pdb

Imports

d3d11

D3D11CreateDevice

d3d9

Direct3DCreate9

winmm

timeGetTime

kernel32

LoadResource
LockResource
SizeofResource
FindResourceW
lstrcmpW
GlobalAlloc
GlobalLock
RaiseException
SetLastError
EnterCriticalSection
LeaveCriticalSection
GetCurrentThreadId
GlobalUnlock
GetCommandLineW
CloseHandle
WaitForSingleObject
CreateProcessW
FreeLibrary
GetModuleFileNameW
LoadLibraryExW
LoadLibraryW
lstrcmpiW
GetCurrentDirectoryW
LoadLibraryA
lstrcpyW
GetLocaleInfoW
GetGeoInfoW
GetUserGeoID
GetUserDefaultUILanguage
GetCurrentThread
GetThreadTimes
InitOnceExecuteOnce
GetEnvironmentStringsW
GetCommandLineA
GetOEMCP
GetACP
IsValidCodePage
FindNextFileW
FindFirstFileExW
FindClose
GetTimeZoneInformation
SetConsoleCtrlHandler
FreeResource
HeapReAlloc
HeapSize
GetConsoleOutputCP
FlushFileBuffers
GetFileSizeEx
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
LCMapStringW
InitializeCriticalSectionEx
GetTimeFormatW
GetDateFormatW
GetFileType
SetFilePointerEx
ReadConsoleW
GetConsoleMode
WriteFile
GetStdHandle
GetModuleHandleExW
ExitProcess
ReadFile
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSectionAndSpinCount
InterlockedFlushSList
RtlUnwind
LoadLibraryExA
VirtualFree
VirtualAlloc
FlushInstructionCache
InterlockedPushEntrySList
InterlockedPopEntrySList
GetProcessHeap
HeapFree
HeapAlloc
OutputDebugStringW
GetCurrentProcessId
GetStartupInfoW
IsDebuggerPresent
IsProcessorFeaturePresent
TerminateProcess
GetFileAttributesA
HeapQueryInformation
DeleteCriticalSection
GetLastError
DecodePointer
GetLocaleInfoA
WideCharToMultiByte
MultiByteToWideChar
GetProcAddress
GetModuleHandleW
GetCurrentProcess
QueryPerformanceFrequency
QueryPerformanceCounter
GetFileAttributesW
FreeEnvironmentStringsW
SetEnvironmentVariableW
SetStdHandle
CreateFileW
SetEndOfFile
GetTempPathW
SetFileInformationByHandle
LCMapStringEx
SetUnhandledExceptionFilter
UnhandledExceptionFilter
InitializeSListHead
SleepConditionVariableSRW
WakeAllConditionVariable
GetCPInfo
CompareStringEx
CreateSymbolicLinkW
GetFileInformationByHandleEx
EncodePointer
GetLocaleInfoEx
LocalFree
GetStringTypeW
FormatMessageA
TryAcquireSRWLockExclusive
AcquireSRWLockExclusive
ReleaseSRWLockExclusive
CompareStringW
WriteConsoleW
CloseThreadpoolWait
SetThreadpoolWait
CreateThreadpoolWait
CloseThreadpoolTimer
WaitForThreadpoolTimerCallbacks
SetThreadpoolTimer
CreateThreadpoolTimer
FreeLibraryWhenCallbackReturns
GetTickCount64
GetSystemTimeAsFileTime
GetCurrentProcessorNumber
FlushProcessWriteBuffers
CreateSemaphoreExW
CreateEventExW

user32

RegisterClassExW
DefWindowProcW
PostQuitMessage
CallWindowProcW
BeginPaint
EndPaint
GetClientRect
GetWindowLongW
SetWindowLongW
SendMessageW
PostMessageW
DialogBoxParamW
EndDialog
UnregisterClassW
SetWindowTextW
GetWindowTextW
GetTopWindow
GetWindow
GetParent
EnumChildWindows
FindWindowW
EnumWindows
GetDlgItem
EnumDisplayDevicesA
GetMonitorInfoW
MonitorFromRect
EnumDisplayDevicesW
EnumDisplaySettingsW
DestroyIcon
RegisterWindowMessageW
wsprintfW
LoadIconW
LoadCursorW
AdjustWindowRect
GetSystemMetrics
CharNextW
ShowWindow
DestroyWindow
IsWindow
CreateWindowExW
GetClassInfoExW
OpenClipboard
PeekMessageW
DispatchMessageW
TranslateMessage
GetMessageW
MessageBoxW
EnableWindow
GetActiveWindow
IsClipboardFormatAvailable
GetClipboardData
CloseClipboard
GetClassNameW

comdlg32

GetOpenFileNameW
CommDlgExtendedError

advapi32

RegQueryValueExW
CheckTokenMembership
RegEnumKeyExW
RegDeleteKeyW
RegQueryInfoKeyW
RegEnumValueW
RegEnumKeyW
RegSetValueExW
AllocateAndInitializeSid
RegOpenKeyExW
RegFlushKey
RegDeleteValueW
RegCreateKeyExW
RegCloseKey
FreeSid

shell32

ShellExecuteW
SHGetSpecialFolderPathW

ole32

CoTaskMemAlloc
CoInitialize
CoCreateGuid
CoCreateInstance
CoUninitialize
CoTaskMemFree
CoTaskMemRealloc
CreateStreamOnHGlobal

oleaut32

VariantInit
SysAllocString
OleLoadPicture
SysAllocStringLen
SysFreeString
VarUI4FromStr
VariantClear

comctl32

InitCommonControlsEx

urlmon

ObtainUserAgentString

wininet

HttpSendRequestA
HttpOpenRequestA
InternetOpenA
InternetCloseHandle
InternetConnectA
InternetSetStatusCallbackW

bcrypt

BCryptCloseAlgorithmProvider
BCryptGenRandom
BCryptOpenAlgorithmProvider

Sections

.text
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 317KB - Virtual size: 317KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 48KB - Virtual size: 240KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 218KB - Virtual size: 217KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 80KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6732f8f3060bb9b447b927114d38b255

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

d3d11

d3d9

winmm

kernel32

user32

comdlg32

advapi32

shell32

ole32

oleaut32

comctl32

urlmon

wininet

bcrypt

Sections

.text Size: 1.6MB - Virtual size: 1.6MB

.rdata Size: 317KB - Virtual size: 317KB

.data Size: 48KB - Virtual size: 240KB

.rsrc Size: 218KB - Virtual size: 217KB

.reloc Size: 80KB - Virtual size: 79KB

.text
Size: 1.6MB - Virtual size: 1.6MB

.rdata
Size: 317KB - Virtual size: 317KB

.data
Size: 48KB - Virtual size: 240KB

.rsrc
Size: 218KB - Virtual size: 217KB

.reloc
Size: 80KB - Virtual size: 79KB