2024-02-21_00740d102eda088658697fcd656b0c36_magniber

Sharing

Copy URL Twitter E-mail

General

Target

2024-02-21_00740d102eda088658697fcd656b0c36_magniber
Size

4.5MB
MD5

00740d102eda088658697fcd656b0c36
SHA1

8e5b0a61032096209fca376592578912465384d0
SHA256

53ae88a4dfc24380db2ff4984c8e0b6b6e204bed7397db5ddfd9e684cb617c44
SHA512

8d559eea0b297e49b0d25f2fb0114c0736665ea7f63c0a30d76ef541dec3b948138e13baee61c04df9669f70b9a9bea451c3b3a114e45fe88b1b4929c7ec640b
SSDEEP

98304:n27GPV43NZqnQNSGaC0jNzgIY52LrXfn6PW:sGPVONcnQNLiNzgIYULrye

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-02-21_00740d102eda088658697fcd656b0c36_magniber

Files

2024-02-21_00740d102eda088658697fcd656b0c36_magniber
.exe windows:4 windows x86 arch:x86

d29bb822ca4ff5b5abcbfa146a3193cd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\jenkins_ForIndependent\workspace\Basic\Output\BinFinal\QQPCMgrPacket.pdb

Imports

kernel32

MultiByteToWideChar
FreeResource
lstrlenA
WriteFile
DeleteCriticalSection
UnmapViewOfFile
OpenMutexW
CreateMutexW
LoadLibraryExW
InterlockedIncrement
MapViewOfFileEx
InterlockedDecrement
CreateFileMappingW
lstrcmpiW
SetFilePointer
MulDiv
GlobalUnlock
GlobalLock
GlobalAlloc
ResetEvent
WaitForMultipleObjects
VirtualFree
VirtualAlloc
GetVersionExW
ReleaseSemaphore
CreateSemaphoreW
GetStdHandle
MoveFileW
GetFullPathNameW
SetEndOfFile
DeviceIoControl
CreatePipe
DuplicateHandle
GetCPInfo
IsDBCSLeadByte
ReleaseMutex
GetSystemDefaultLangID
VirtualQuery
LocalAlloc
GetCurrentProcessId
WideCharToMultiByte
WriteConsoleW
Process32FirstW
WriteConsoleA
SetStdHandle
GetDriveTypeA
GetCurrentDirectoryA
FlushFileBuffers
GetConsoleMode
GetConsoleCP
GetStringTypeW
GetStringTypeA
GetDiskFreeSpaceExW
EnumSystemLocalesA
GetUserDefaultLCID
IsValidCodePage
GetOEMCP
QueryPerformanceCounter
HeapCreate
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetStartupInfoA
GetFileType
SetHandleCount
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetModuleFileNameA
LCMapStringW
LCMapStringA
RtlUnwind
ExitThread
GetSystemTimeAsFileTime
ExitProcess
GetModuleHandleA
IsDebuggerPresent
UnhandledExceptionFilter
GetStartupInfoW
IsProcessorFeaturePresent
InterlockedCompareExchange
HeapSize
HeapReAlloc
HeapDestroy
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
GetVersionExA
CreateFileA
LoadLibraryA
GetLocaleInfoW
GetUserDefaultUILanguage
GetLocalTime
LeaveCriticalSection
GetSystemInfo
CreateToolhelp32Snapshot
GetVersion
QueryDosDeviceW
GetModuleHandleW
GetCurrentProcess
GetModuleFileNameW
GetProcAddress
lstrlenW
LoadLibraryW
GetSystemDirectoryW
CloseHandle
GetExitCodeProcess
WaitForSingleObject
RemoveDirectoryW
FindClose
CreateProcessW
FindNextFileW
OutputDebugStringW
GetLastError
ReadFile
CreateDirectoryW
GetFileAttributesW
GetTempFileNameW
FindResourceExW
GetTickCount
GetTempPathW
FreeLibrary
SetLastError
FlushInstructionCache
RaiseException
CopyFileW
HeapFree
InitializeCriticalSection
GetCurrentThreadId
GetProcessHeap
HeapAlloc
GetCommandLineW
lstrcpynW
VirtualAllocEx
WriteProcessMemory
SetUnhandledExceptionFilter
SearchPathW
EnterCriticalSection
SetErrorMode
Sleep
CreateThread
SetEvent
CreateEventW
DeleteFileW
LoadResource
SetFileAttributesW
LockResource
GetFileSize
lstrcmpW
SizeofResource
CreateFileW
FindFirstFileW
Process32NextW
TerminateProcess
FindResourceW
IsValidLocale
OpenProcess
GetConsoleOutputCP
MoveFileExW

user32

CopyImage
LoadStringW
CreateWindowExW
CopyRect
SetRect
GetWindowRect
UnregisterClassA
MoveWindow
MessageBoxW
SendMessageW
IsChild
KillTimer
SetTimer
ScreenToClient
GetClassNameW
GetSystemMetrics
mouse_event
GetWindowDC
FindWindowExW
CreateAcceleratorTableW
FillRect
DestroyAcceleratorTable
FrameRect
GetSysColor
InvalidateRgn
GetWindowTextW
LoadIconW
RedrawWindow
CharUpperW
CharLowerW
LoadImageW
GetFocus
SetFocus
GetWindowTextLengthW
GetActiveWindow
GetClientRect
GetDesktopWindow
IsWindowEnabled
EnableWindow
MapWindowPoints
ShowWindow
SetWindowRgn
TrackPopupMenu
DrawTextW
DestroyIcon
SetCursor
GetSystemMenu
EqualRect
GetKeyState
DrawFrameControl
OffsetRect
PtInRect
BeginPaint
ClientToScreen
GetMonitorInfoW
GetPropW
MonitorFromWindow
SetPropW
EndPaint
PostThreadMessageW
DrawIconEx
RegisterClassW
CallWindowProcW
SetWindowTextW
ReleaseCapture
PostMessageW
SetCapture
GetDlgCtrlID
IsWindowVisible
RegisterWindowMessageW
DefWindowProcW
SetForegroundWindow
AttachThreadInput
GetForegroundWindow
CharNextW
GetWindowThreadProcessId
GetDC
ReleaseDC
InflateRect
InvalidateRect
GetDlgItem
GetParent
LoadCursorW
DestroyWindow
DispatchMessageW
SetActiveWindow
GetWindowLongW
TranslateMessage
GetMessageW
GetClassInfoExW
IsWindow
SetWindowPos
PeekMessageW
RegisterClassExW
GetWindow
SystemParametersInfoW
SetWindowLongW

gdi32

CreateSolidBrush
GetDeviceCaps
ExtSelectClipRgn
SaveDC
SelectClipRgn
CombineRgn
MoveToEx
LineTo
RectInRegion
GetTextExtentPoint32W
SetBkMode
OffsetRgn
CreateRectRgn
TextOutW
RoundRect
RestoreDC
GetTextMetricsW
GetStockObject
CreatePen
Rectangle
CreateFontIndirectW
CreateDIBSection
CreateCompatibleDC
BitBlt
CreateCompatibleBitmap
CreateBitmap
StretchBlt
SetBkColor
SetTextColor
SelectObject
DeleteDC
ExtTextOutW
GetObjectW
DeleteObject
GetClipRgn
CreateRectRgnIndirect
GetCurrentObject

advapi32

LookupPrivilegeValueW
AdjustTokenPrivileges
RegOpenKeyExW
RegEnumKeyExW
RegCloseKey
RegDeleteKeyW
RegCreateKeyExW
RegOpenKeyW
RegSetValueExW
RegQueryValueExW
RegQueryInfoKeyW
RegDeleteValueW
IsTextUnicode
OpenProcessToken
InitializeSecurityDescriptor
SetSecurityDescriptorDacl

shell32

SHGetSpecialFolderPathW
ShellExecuteW
ord680
SHGetSpecialFolderLocation
SHBrowseForFolderW
SHGetPathFromIDListW

ole32

CoFreeUnusedLibrariesEx
OleLockRunning
CoGetClassObject
CreateStreamOnHGlobal
StringFromGUID2
CLSIDFromString
OleInitialize
CLSIDFromProgID
CoTaskMemFree
CoTaskMemAlloc
CoInitialize
CoTaskMemRealloc
CoInitializeEx
CoCreateInstance
CoUninitialize
OleUninitialize

oleaut32

VarBstrCmp
SysFreeString
SysAllocString
SysStringLen
OleLoadPicture
SysAllocStringLen
VariantCopy
LoadTypeLi
LoadRegTypeLi
OleCreateFontIndirect
SysStringByteLen
VarUI4FromStr
VariantInit
DispCallFunc
VariantClear

shlwapi

PathAddBackslashW
PathAppendW
StrToIntA
PathFileExistsW
PathRemoveBackslashW

comctl32

InitCommonControlsEx
_TrackMouseEvent

version

GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW

ws2_32

htonl
htons

netapi32

Netbios

Sections

.text
Size: 840KB - Virtual size: 836KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 132KB - Virtual size: 131KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d29bb822ca4ff5b5abcbfa146a3193cd

Headers

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

shlwapi

comctl32

version

ws2_32

netapi32

Sections

.text Size: 840KB - Virtual size: 836KB

.rdata Size: 132KB - Virtual size: 131KB

.data Size: 24KB - Virtual size: 38KB

.rsrc Size: 1.2MB - Virtual size: 1.2MB

.text
Size: 840KB - Virtual size: 836KB

.rdata
Size: 132KB - Virtual size: 131KB

.data
Size: 24KB - Virtual size: 38KB

.rsrc
Size: 1.2MB - Virtual size: 1.2MB