D:\jenkins_Trunk\workspace\11.3Patch_SourceJob\qqpcmgr_proj\Basic\Output\BinFinal\QQPCMgrPacket.pdb
Static task: static1
Behavioral task: behavioral1
Sample: 2024-03-25_7b2db479671dfcf2b071738efdff6341_magniber.exe
Resource: win7-20240319-en
Behavioral task: behavioral2
Sample: 2024-03-25_7b2db479671dfcf2b071738efdff6341_magniber.exe
Resource: win10v2004-20240226-en
General
Target: 2024-03-25_7b2db479671dfcf2b071738efdff6341_magniber
Size: 3.1MB
MD5: 7b2db479671dfcf2b071738efdff6341
SHA1: 7e0cd1d1d5cb9b34a4afb3a41657faf99b086096
SHA256: 6971817165d6fdad0f84dd50920629951d845db88be17d67f4014ebbcd121aa7
SHA512: 5afd2188dab20cf9ef6873240bbf92f8cd663db6f1b9987066281b5fb317affd640c01687955371c072f59d031d8e1942d0cb07133e11817a15f4f90e5d5be1b
SSDEEP: 49152:KJ2XRwKYCjHT41rZIeNYPepd5UcUvBWcOOaPwNMTYBmssBmbUD:22BwlCneFd5LYqwqT27iD
Malware Config
Signatures
Unsigned PE (1 IoC): Checks for missing Authenticode signature.
Resource: 2024-03-25_7b2db479671dfcf2b071738efdff6341_magniber
Files
2024-03-25_7b2db479671dfcf2b071738efdff6341_magniber.exe windows:4 windows x86 arch:x86
c53c2e4ea21aaa985c009fbdff00fb60
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
kernel32
lstrcmpiW
SetCurrentDirectoryW
LoadLibraryExW
OpenMutexW
Process32NextW
MoveFileExW
RemoveDirectoryW
CreateDirectoryW
SetFilePointer
OutputDebugStringW
GetExitCodeProcess
QueryDosDeviceW
CreateToolhelp32Snapshot
Process32FirstW
LocalAlloc
LocalFree
Module32FirstW
Module32NextW
SetThreadPriority
GetCurrentThread
ReleaseMutex
OpenThread
SuspendThread
VirtualFree
VirtualAlloc
ReleaseSemaphore
CreateSemaphoreW
GetStdHandle
SetEndOfFile
GetTempFileNameW
GetFullPathNameW
SetFileTime
SetFileAttributesW
MoveFileW
GetSystemInfo
IsBadReadPtr
CreateFileMappingW
MapViewOfFileEx
CreateMutexW
GetPrivateProfileIntW
GlobalMemoryStatus
CreateThread
GetDriveTypeW
GetLogicalDriveStringsW
WriteFile
FreeResource
OpenSemaphoreW
CreateNamedPipeW
OpenEventW
LocalFileTimeToFileTime
ResumeThread
SystemTimeToFileTime
WideCharToMultiByte
GetProcessTimes
TerminateThread
SleepEx
GetDriveTypeA
GetCurrentDirectoryA
GetLocaleInfoW
FlushFileBuffers
SetStdHandle
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
GetStringTypeW
GetStringTypeA
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
IsValidCodePage
GetOEMCP
GetConsoleMode
GetConsoleCP
QueryPerformanceCounter
HeapCreate
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetStartupInfoA
GetFileType
SetHandleCount
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetModuleFileNameA
LCMapStringW
LCMapStringA
RtlUnwind
GetSystemTimeAsFileTime
ExitProcess
GetModuleHandleA
IsDebuggerPresent
UnhandledExceptionFilter
ExitThread
GetStartupInfoW
IsProcessorFeaturePresent
InterlockedCompareExchange
HeapSize
HeapReAlloc
HeapDestroy
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
GetDiskFreeSpaceExW
FlushInstructionCache
FreeLibrary
DeviceIoControl
GetVersion
lstrcmpW
SetLastError
UnmapViewOfFile
MapViewOfFile
GetPrivateProfileStringW
GetFileAttributesW
OpenFileMappingW
RaiseException
FindClose
lstrlenW
FindNextFileW
FindFirstFileW
WritePrivateProfileStringW
GetCurrentDirectoryW
FindResourceExW
GetWindowsDirectoryW
LoadResource
LockResource
MultiByteToWideChar
ExpandEnvironmentStringsW
SizeofResource
FindResourceW
OpenProcess
SearchPathW
InitializeCriticalSection
SetErrorMode
GetModuleHandleW
GetCurrentThreadId
GetCurrentProcessId
GetModuleFileNameW
GetCommandLineW
lstrcpynW
VirtualAllocEx
WriteProcessMemory
SetUnhandledExceptionFilter
TerminateProcess
CreateProcessW
GetProcAddress
LoadLibraryW
GetSystemDirectoryW
LeaveCriticalSection
EnterCriticalSection
DuplicateHandle
GetCurrentProcess
GetLastError
InitializeCriticalSectionAndSpinCount
HeapAlloc
InterlockedIncrement
GetProcessHeap
HeapFree
DeleteCriticalSection
GlobalFree
InterlockedDecrement
WaitForMultipleObjects
ResetEvent
CreateEventW
GetVersionExW
CopyFileW
Sleep
GetTickCount
SetEvent
WaitForSingleObject
ReadFile
CloseHandle
GetFileSize
CreateFileW
DeleteFileW
CreateFileA
GlobalAlloc
GlobalLock
GetLocalTime
CreatePipe
LoadLibraryA
GetCPInfo
VirtualQuery
GetSystemDefaultLangID
GetTempPathW
lstrlenA
GetSystemTime
user32
UnregisterClassW
GetPropW
DefWindowProcW
SetPropW
IsIconic
RemovePropW
FindWindowA
SendMessageTimeoutW
SetActiveWindow
SetWindowPos
FindWindowW
MessageBoxW
SetWindowLongW
CreateWindowExW
DestroyWindow
PostMessageW
CharLowerW
GetWindowPlacement
LoadImageW
PostQuitMessage
PostThreadMessageW
GetSystemMenu
DrawFrameControl
EqualRect
EndPaint
GetDlgCtrlID
BeginPaint
IsWindowVisible
DrawIconEx
SetCursor
PtInRect
ReleaseCapture
GetKeyState
SetCapture
GetMonitorInfoW
MonitorFromWindow
SetWindowRgn
OffsetRect
UpdateLayeredWindow
TrackPopupMenu
FrameRect
FillRect
CallWindowProcW
GetWindowDC
ClientToScreen
GetWindowTextLengthW
GetWindowTextW
SetWindowTextW
SetTimer
KillTimer
DrawTextW
CharUpperW
ReleaseDC
InflateRect
SetForegroundWindow
AttachThreadInput
GetForegroundWindow
GetWindowThreadProcessId
GetDC
CharNextW
DispatchMessageW
TranslateMessage
GetMessageW
GetWindow
IsWindow
SystemParametersInfoW
PeekMessageW
MapWindowPoints
LoadCursorW
EnableWindow
IsWindowEnabled
GetDesktopWindow
GetClassInfoExW
GetActiveWindow
SetRect
ShowWindow
SendMessageW
GetWindowLongW
InvalidateRect
GetDlgItem
GetParent
CopyRect
RegisterClassExW
GetClientRect
GetWindowRect
MoveWindow
LoadIconW
CopyImage
LoadStringW
UnregisterClassA
GetClassNameW
EnumWindows
gdi32
CreateSolidBrush
GetTextMetricsW
ExtSelectClipRgn
SelectClipRgn
CreateRectRgnIndirect
CreateRectRgn
GetClipRgn
RoundRect
StretchBlt
SetBkColor
SetTextColor
DeleteDC
CreateFontIndirectW
ExtTextOutW
CreatePen
Rectangle
GetObjectW
SelectObject
GetStockObject
CreateCompatibleBitmap
CreateCompatibleDC
CreateDIBSection
BitBlt
CreateBitmap
DeleteObject
AddFontResourceW
SetBkMode
SaveDC
CombineRgn
RestoreDC
TextOutW
RectInRegion
GetTextExtentPoint32W
LineTo
MoveToEx
OffsetRgn
advapi32
LookupAccountNameW
FreeSid
SetNamedSecurityInfoW
SetEntriesInAclW
AllocateAndInitializeSid
DeleteService
QueryServiceConfigW
CloseServiceHandle
OpenServiceW
OpenSCManagerW
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
RegEnumKeyExW
RegQueryInfoKeyW
RegDeleteKeyW
RegLoadKeyW
AdjustTokenPrivileges
LookupPrivilegeValueW
OpenProcessToken
RegDeleteValueA
RegQueryValueExA
RegOpenKeyExA
RegCloseKey
RegQueryValueExW
RegOpenKeyExW
RegOpenKeyW
RegCreateKeyExW
RegSetValueExW
RegDeleteValueW
shell32
SHGetPathFromIDListW
SHGetSpecialFolderLocation
SHGetSpecialFolderPathW
ord680
SHBrowseForFolderW
CommandLineToArgvW
ShellExecuteW
SHCreateDirectoryExW
ole32
CoCreateInstance
CoTaskMemRealloc
CoInitializeEx
CreateStreamOnHGlobal
CLSIDFromProgID
CoGetInterfaceAndReleaseStream
CoMarshalInterThreadInterfaceInStream
CoFreeLibrary
CoLoadLibrary
CoUninitialize
CoTaskMemFree
CoInitialize
CoTaskMemAlloc
oleaut32
SysFreeString
SysAllocString
SysAllocStringByteLen
VariantClear
VariantCopy
VariantInit
VarUI4FromStr
OleLoadPicture
shlwapi
PathAppendW
PathRemoveFileSpecW
PathIsDirectoryW
StrStrW
PathAddBackslashW
StrChrW
StrCatW
StrToIntA
PathFindFileNameW
PathRemoveBackslashW
PathFileExistsW
comctl32
_TrackMouseEvent
InitCommonControlsEx
ws2_32
htonl
htons
ntohl
wininet
InternetCloseHandle
InternetGetConnectedState
InternetReadFile
HttpQueryInfoW
InternetOpenUrlW
InternetOpenW
version
VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW
netapi32
Netbios
Sections
.text Size: 932KB - Virtual size: 929KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 164KB - Virtual size: 161KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 24KB - Virtual size: 40KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1.3MB - Virtual size: 1.3MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ