2024-04-23_2eb80e34e10c211e18411b5d744ef9d2_magniber

Sharing

Copy URL

Twitter E-mail

General

Target

2024-04-23_2eb80e34e10c211e18411b5d744ef9d2_magniber
Size

14.4MB
MD5

2eb80e34e10c211e18411b5d744ef9d2
SHA1

358dda728385eec49b20122ad428adec0a3dc26b
SHA256

69068ef10fff0a0886f32abe1f2e7d7be329b67fa779416f024479fce49f77b5
SHA512

3ca94d0a468d65a599426f6e2a97ad789c378f803abf7c9adfd947bf8ec559a8616857300520c11cc1716959f2580542bc888a6b31e232b21a510f0d0e1fd76e
SSDEEP

393216:8YgkRhym1POju9nwSQXqbsB5+qZa4ypIBogxm2c:jPRhyc9nwSKpaLpIDxm2c

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-04-23_2eb80e34e10c211e18411b5d744ef9d2_magniber

Files

2024-04-23_2eb80e34e10c211e18411b5d744ef9d2_magniber
.exe windows:4 windows x86 arch:x86

dbb8eafb63eb1da2aeedde2591b5da49

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\jenkins_Trunk\workspace\12.7Patch_SourceJob\qqpcmgr_proj\Basic\Output\BinFinal\QQPCMgrPacket.pdb

Imports

kernel32

Process32NextW
Module32FirstW
Module32NextW
SetThreadPriority
ReleaseMutex
OpenThread
SuspendThread
VirtualFree
VirtualAlloc
ReleaseSemaphore
CreateSemaphoreW
GetStdHandle
GetTempFileNameW
SetEndOfFile
MoveFileW
GetFullPathNameW
GetSystemInfo
Process32FirstW
CreateToolhelp32Snapshot
GetDriveTypeA
GetCurrentDirectoryA
GetLocaleInfoW
FlushFileBuffers
SetStdHandle
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
GetStringTypeW
GetStringTypeA
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
OutputDebugStringW
IsValidCodePage
GetOEMCP
GetConsoleMode
GetConsoleCP
QueryPerformanceCounter
HeapCreate
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetStartupInfoA
GetFileType
SetHandleCount
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetModuleFileNameA
LCMapStringW
LCMapStringA
RtlUnwind
GetSystemTimeAsFileTime
ExitProcess
IsDebuggerPresent
UnhandledExceptionFilter
GetModuleHandleA
VirtualProtect
ExitThread
GetStartupInfoW
IsProcessorFeaturePresent
InterlockedCompareExchange
HeapSize
HeapReAlloc
HeapDestroy
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
GetLocalTime
CreatePipe
LoadLibraryA
IsDBCSLeadByte
GetCPInfo
VirtualQuery
GetSystemDefaultLangID
CreateFileA
GlobalAlloc
GlobalLock
SetFilePointer
CreateDirectoryW
RemoveDirectoryW
MoveFileExW
LocalAlloc
CreateFileMappingW
LoadLibraryExW
MapViewOfFileEx
CreateMutexW
OpenMutexW
SetCurrentDirectoryW
lstrcmpiW
GetPrivateProfileIntW
GlobalMemoryStatus
CreateThread
RaiseException
GetDriveTypeW
FreeLibrary
GetLogicalDriveStringsW
WriteFile
FlushInstructionCache
WideCharToMultiByte
GetDiskFreeSpaceExW
DeviceIoControl
GetVersion
GetPrivateProfileStringW
GetExitCodeProcess
lstrcmpW
UnmapViewOfFile
MapViewOfFile
OpenFileMappingW
MultiByteToWideChar
QueryDosDeviceW
FindNextFileW
GetFileAttributesW
lstrlenW
FreeResource
WritePrivateProfileStringW
GetCurrentDirectoryW
GetWindowsDirectoryW
ExpandEnvironmentStringsW
CreateProcessW
OpenProcess
SearchPathW
InitializeCriticalSection
SetErrorMode
GetCurrentThreadId
GetCurrentProcessId
GetModuleFileNameW
GetCommandLineW
lstrcpynW
VirtualAllocEx
WriteProcessMemory
SetUnhandledExceptionFilter
TerminateProcess
SetLastError
LocalFree
FindClose
FindFirstFileW
GetCurrentThread
GetModuleHandleW
FindResourceExW
LoadResource
LockResource
SetFileAttributesW
SizeofResource
FindResourceW
GetProcAddress
LoadLibraryW
GetSystemDirectoryW
LeaveCriticalSection
EnterCriticalSection
DuplicateHandle
GetCurrentProcess
GetLastError
InitializeCriticalSectionAndSpinCount
HeapAlloc
InterlockedIncrement
GetProcessHeap
HeapFree
DeleteCriticalSection
GlobalFree
InterlockedDecrement
WaitForMultipleObjects
SetEvent
WaitForSingleObject
ResetEvent
CreateEventW
GetVersionExW
CopyFileW
Sleep
GetTickCount
ReadFile
CloseHandle
GetFileSize
CreateFileW
DeleteFileW
GetTempPathW
lstrlenA

user32

DefWindowProcW
UnregisterClassA
LoadStringW
CopyImage
LoadIconW
CreateWindowExW
SetWindowLongW
PostMessageW
MessageBoxW
FindWindowW
CharLowerW
LoadImageW
PostQuitMessage
GetWindowPlacement
GetClientRect
GetWindow
SendMessageTimeoutW
CopyRect
SetWindowPos
SetActiveWindow
PostThreadMessageW
DrawIconEx
IsWindowVisible
EndPaint
SetCursor
DestroyWindow
SendMessageW
BeginPaint
ReleaseCapture
PtInRect
SetCapture
GetKeyState
TrackPopupMenu
DestroyIcon
IsWindow
GetMonitorInfoW
MonitorFromWindow
SetWindowRgn
DrawFrameControl
OffsetRect
UpdateLayeredWindow
EqualRect
GetDlgCtrlID
FrameRect
FillRect
CallWindowProcW
GetWindowDC
ClientToScreen
GetWindowTextLengthW
GetWindowTextW
SetWindowTextW
SetTimer
KillTimer
DrawTextW
CharUpperW
GetForegroundWindow
GetWindowThreadProcessId
GetDC
ReleaseDC
InflateRect
SetForegroundWindow
CharNextW
AttachThreadInput
SetRect
MoveWindow
SystemParametersInfoW
DispatchMessageW
GetWindowRect
MapWindowPoints
PeekMessageW
MsgWaitForMultipleObjectsEx
EnableWindow
IsWindowEnabled
GetDesktopWindow
GetActiveWindow
GetDlgItem
GetParent
LoadCursorW
GetClassInfoExW
ShowWindow
InvalidateRect
RegisterClassExW
TranslateMessage
GetMessageW
GetWindowLongW
GetSystemMenu

gdi32

CreateRectRgn
GetClipRgn
RoundRect
CreateCompatibleBitmap
CreateCompatibleDC
GetObjectW
GetStockObject
CreateDIBSection
BitBlt
CreateRectRgnIndirect
StretchBlt
SetBkColor
SetTextColor
DeleteDC
ExtTextOutW
CreateFontIndirectW
CreatePen
Rectangle
DeleteObject
AddFontResourceW
SelectClipRgn
SetBkMode
ExtSelectClipRgn
GetTextMetricsW
CreateSolidBrush
LineTo
MoveToEx
CombineRgn
SaveDC
RestoreDC
RectInRegion
TextOutW
CreateBitmap
GetTextExtentPoint32W
SelectObject
OffsetRgn

advapi32

SetEntriesInAclW
AllocateAndInitializeSid
FreeSid
DeleteService
QueryServiceStatus
ControlService
CloseServiceHandle
OpenServiceW
OpenSCManagerW
RegEnumKeyExW
RegQueryInfoKeyW
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
RegDeleteKeyW
RegLoadKeyW
RegDeleteValueA
RegQueryValueExA
RegOpenKeyExA
RegOpenKeyW
RegCreateKeyExW
RegDeleteValueW
RegQueryValueExW
RegSetValueExW
GetTokenInformation
AdjustTokenPrivileges
IsValidSid
GetLengthSid
GetAce
LookupAccountNameW
OpenThreadToken
OpenProcessToken
LookupPrivilegeValueW
GetAclInformation
SetNamedSecurityInfoW
SetSecurityInfo
AddAce
CopySid
GetSecurityInfo
InitializeAcl
GetNamedSecurityInfoW
RegCloseKey
RegOpenKeyExW
IsTextUnicode

shell32

SHGetPathFromIDListW
SHBrowseForFolderW
SHGetSpecialFolderLocation
SHGetSpecialFolderPathW
ord680
ShellExecuteW
SHCreateDirectoryExW

ole32

CoCreateInstance
CreateStreamOnHGlobal
CoUninitialize
CoTaskMemFree
CoTaskMemAlloc
CoInitialize
CoTaskMemRealloc

oleaut32

VariantCopy
VariantClear
SysAllocString
SysFreeString
VarUI4FromStr
VariantInit
OleLoadPicture

shlwapi

StrStrW
StrChrW
StrCatW
PathAddBackslashW
StrToIntExW
StrToIntA
PathFindFileNameW
PathRemoveBackslashW
wnsprintfW
PathRemoveFileSpecW
PathAppendW
PathIsDirectoryW
PathFileExistsW

comctl32

_TrackMouseEvent
InitCommonControlsEx

ws2_32

htonl
htons
ntohl

wininet

InternetOpenW
InternetGetConnectedState
InternetCloseHandle
InternetReadFile
HttpQueryInfoW
InternetOpenUrlW

userenv

UnloadUserProfile

psapi

GetProcessImageFileNameW
GetModuleFileNameExW

version

GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW

crypt32

CryptQueryObject
CryptMsgGetParam
CertGetNameStringW
CertFindCertificateInStore

netapi32

Netbios

Sections

.text
Size: 1.0MB - Virtual size: 1.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 168KB - Virtual size: 165KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

dbb8eafb63eb1da2aeedde2591b5da49

Headers

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

shlwapi

comctl32

ws2_32

wininet

userenv

psapi

version

crypt32

netapi32

Sections

.text Size: 1.0MB - Virtual size: 1.0MB

.rdata Size: 168KB - Virtual size: 165KB

.data Size: 20KB - Virtual size: 36KB

.rsrc Size: 1.2MB - Virtual size: 1.2MB

.text
Size: 1.0MB - Virtual size: 1.0MB

.rdata
Size: 168KB - Virtual size: 165KB

.data
Size: 20KB - Virtual size: 36KB

.rsrc
Size: 1.2MB - Virtual size: 1.2MB