2024-05-29_226497aa1efd5c605e2bcd4d99351d51_magniber

Sharing

Copy URL Twitter E-mail

General

Target

2024-05-29_226497aa1efd5c605e2bcd4d99351d51_magniber
Size

2.7MB
MD5

226497aa1efd5c605e2bcd4d99351d51
SHA1

c76a9c1fe7e9a55205a1e59eb10fdf6cbd228cc5
SHA256

02cfa9cdd144e521b35246da8af03a35ef3d4eb2f736127b548c85efdeff87d4
SHA512

0195608492f05fffb829fb1c7d0682d50689756f9d3a185a50bb73177bf98132cc7e9e7a35e0760e371250c053995c8b8e309eb481eb8fbf4f03972163aa2f05
SSDEEP

24576:rJ5/vG0i+dOCAQwcAT6+rdOlfpfFPhxljI8T/LFMBi/13HBW1UCT2HG+p2iCeL98:rm07AT6+rdepd5UqjgQlMEG+JxhyTr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-05-29_226497aa1efd5c605e2bcd4d99351d51_magniber

Files

2024-05-29_226497aa1efd5c605e2bcd4d99351d51_magniber
.exe windows:4 windows x86 arch:x86

5da0ad79ee192ee8a622c7bcd8545394

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\jenkins_Trunk\workspace\Mainline_SourceJob_2\qqpcmgr_proj\Basic\Output\BinFinal\QQPCMgrPacket.pdb

Imports

kernel32

LoadLibraryExW
UnmapViewOfFile
lstrcmpiW
OpenMutexW
CreateMutexW
MapViewOfFileEx
GetFileAttributesW
MoveFileExW
RemoveDirectoryW
CreateDirectoryW
SetFilePointer
OutputDebugStringW
GetExitCodeProcess
QueryDosDeviceW
CreateToolhelp32Snapshot
Process32FirstW
Process32NextW
LocalAlloc
LocalFree
GetDriveTypeW
MulDiv
GlobalUnlock
GlobalLock
GlobalAlloc
VirtualFree
VirtualAlloc
ReleaseSemaphore
CreateSemaphoreW
GetStdHandle
SetEndOfFile
GetTempFileNameW
GetFullPathNameW
SetFileAttributesW
MoveFileW
GetSystemInfo
SetCurrentDirectoryW
GetDriveTypeA
GetCurrentDirectoryA
GetLocaleInfoW
FlushFileBuffers
SetStdHandle
WriteConsoleW
lstrlenW
WriteConsoleA
GetStringTypeW
GetStringTypeA
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
IsValidCodePage
GetOEMCP
GetConsoleMode
GetConsoleCP
QueryPerformanceCounter
HeapCreate
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetStartupInfoA
GetFileType
SetHandleCount
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetModuleFileNameA
LCMapStringW
LCMapStringA
RtlUnwind
GetSystemTimeAsFileTime
ExitProcess
GetModuleHandleA
IsDebuggerPresent
UnhandledExceptionFilter
ExitThread
GetStartupInfoW
IsProcessorFeaturePresent
InterlockedCompareExchange
HeapSize
HeapReAlloc
HeapDestroy
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
GetLocalTime
CreatePipe
GetCPInfo
LoadLibraryA
ReleaseMutex
GetSystemDefaultLangID
VirtualQuery
CreateFileA
CreateFileMappingW
GlobalMemoryStatus
GetVersion
lstrcmpW
FreeResource
CreateThread
WriteFile
FindClose
SetLastError
FindNextFileW
FindFirstFileW
WideCharToMultiByte
RaiseException
FlushInstructionCache
GetDiskFreeSpaceExW
FreeLibrary
DeviceIoControl
FindResourceW
FindResourceExW
LoadResource
LockResource
SizeofResource
OpenProcess
SearchPathW
InitializeCriticalSection
SetErrorMode
MultiByteToWideChar
GetModuleHandleW
GetCurrentThreadId
GetCurrentProcessId
GetModuleFileNameW
GetCommandLineW
lstrcpynW
VirtualAllocEx
WriteProcessMemory
SetUnhandledExceptionFilter
TerminateProcess
CreateProcessW
GetProcAddress
LoadLibraryW
GetSystemDirectoryW
LeaveCriticalSection
EnterCriticalSection
DuplicateHandle
GetCurrentProcess
GetLastError
InitializeCriticalSectionAndSpinCount
HeapAlloc
InterlockedIncrement
GetProcessHeap
HeapFree
DeleteCriticalSection
GlobalFree
InterlockedDecrement
WaitForMultipleObjects
ResetEvent
CreateEventW
GetVersionExW
CopyFileW
Sleep
GetTickCount
SetEvent
WaitForSingleObject
ReadFile
CloseHandle
GetFileSize
CreateFileW
DeleteFileW
GetTempPathW
lstrlenA
GetConsoleOutputCP

user32

LoadImageW
PostMessageW
DefWindowProcW
CreateWindowExW
SetWindowLongW
GetSystemMetrics
CopyImage
mouse_event
DestroyAcceleratorTable
GetWindowDC
SetWindowTextW
GetSysColor
FillRect
LoadIconW
FrameRect
GetWindowTextW
InvalidateRgn
CharUpperW
CharLowerW
LoadStringW
UnregisterClassA
DestroyWindow
GetClassNameW
SetTimer
CreateAcceleratorTableW
IsChild
KillTimer
FindWindowW
GetWindowThreadProcessId
GetClientRect
IsWindowEnabled
EnableWindow
SetRect
ShowWindow
RegisterClassExW
MapWindowPoints
FindWindowExW
SystemParametersInfoW
InvalidateRect
GetClassInfoExW
GetWindow
SetWindowPos
LoadCursorW
MessageBoxW
GetFocus
SetFocus
GetWindowTextLengthW
RedrawWindow
PostThreadMessageW
DrawFrameControl
GetKeyState
OffsetRect
ClientToScreen
GetMonitorInfoW
MonitorFromWindow
EqualRect
GetDlgCtrlID
IsWindowVisible
DrawIconEx
ReleaseCapture
DrawTextW
SetCapture
SetCursor
PtInRect
SetWindowRgn
TrackPopupMenu
GetSystemMenu
ScreenToClient
EndPaint
BeginPaint
CallWindowProcW
RegisterWindowMessageW
ReleaseDC
InflateRect
CharNextW
GetDC
SetForegroundWindow
AttachThreadInput
GetForegroundWindow
GetDesktopWindow
GetWindowRect
GetActiveWindow
SendMessageW
GetDlgItem
GetParent
CopyRect
GetWindowLongW
MoveWindow
DispatchMessageW
TranslateMessage
GetMessageW
IsWindow
PeekMessageW
SetActiveWindow

gdi32

GetObjectW
SetBkColor
ExtTextOutW
CreatePen
Rectangle
CreateFontIndirectW
CreateDIBSection
CreateCompatibleDC
BitBlt
CreateBitmap
StretchBlt
DeleteObject
CombineRgn
SelectClipRgn
SaveDC
RestoreDC
DeleteDC
CreateRectRgnIndirect
RoundRect
CreateRectRgn
OffsetRgn
GetTextExtentPoint32W
SetBkMode
LineTo
MoveToEx
RectInRegion
GetCurrentObject
GetDeviceCaps
ExtSelectClipRgn
CreateSolidBrush
GetTextMetricsW
GetClipRgn
SelectObject
TextOutW
SetTextColor
CreateCompatibleBitmap
GetStockObject

advapi32

RegDeleteKeyW
RegOpenKeyExW
RegEnumKeyExW
RegQueryInfoKeyW
RegDeleteValueW
RegQueryValueExW
RegCloseKey
RegOpenKeyW
RegCreateKeyExW
RegSetValueExW
FreeSid
SetNamedSecurityInfoW
SetEntriesInAclW
AllocateAndInitializeSid
DeleteService
ControlService
CloseServiceHandle
OpenServiceW
OpenSCManagerW
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
AdjustTokenPrivileges
LookupPrivilegeValueW
OpenProcessToken

shell32

SHGetSpecialFolderPathW
ShellExecuteW
SHGetSpecialFolderLocation
SHBrowseForFolderW
SHGetPathFromIDListW
ord680
SHCreateDirectoryExW

ole32

CoInitialize
CoTaskMemAlloc
CoGetClassObject
StringFromGUID2
CreateStreamOnHGlobal
OleUninitialize
OleInitialize
CLSIDFromString
CLSIDFromProgID
OleLockRunning
CoUninitialize
CoTaskMemFree
CoTaskMemRealloc
CoCreateInstance

oleaut32

VariantCopy
OleCreateFontIndirect
SysStringByteLen
VarBstrCmp
DispCallFunc
VariantInit
VariantClear
SysAllocStringLen
SysStringLen
SysAllocString
LoadTypeLi
LoadRegTypeLi
SysFreeString
VarUI4FromStr
OleLoadPicture

shlwapi

PathRemoveBackslashW
StrToIntA
PathAddBackslashW
PathAppendW
PathFileExistsW

comctl32

InitCommonControlsEx
_TrackMouseEvent

ws2_32

htons
htonl

wininet

InternetCloseHandle
InternetReadFile
HttpQueryInfoW
InternetOpenUrlW
InternetOpenW
InternetGetConnectedState

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

netapi32

Netbios

Sections

.text
Size: 728KB - Virtual size: 726KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 124KB - Virtual size: 123KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5da0ad79ee192ee8a622c7bcd8545394

Headers

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

shlwapi

comctl32

ws2_32

wininet

version

netapi32

Sections

.text Size: 728KB - Virtual size: 726KB

.rdata Size: 124KB - Virtual size: 123KB

.data Size: 20KB - Virtual size: 37KB

.rsrc Size: 1.2MB - Virtual size: 1.2MB

.text
Size: 728KB - Virtual size: 726KB

.rdata
Size: 124KB - Virtual size: 123KB

.data
Size: 20KB - Virtual size: 37KB

.rsrc
Size: 1.2MB - Virtual size: 1.2MB