2024-06-04_af4b6afdca705ade6b3f26a3b99dc3b3_magniber

Sharing

Copy URL

Twitter E-mail

General

Target

2024-06-04_af4b6afdca705ade6b3f26a3b99dc3b3_magniber
Size

12.0MB
MD5

af4b6afdca705ade6b3f26a3b99dc3b3
SHA1

603d8b2aed439fd012ecefbce552e079b01ea9af
SHA256

717e2b3ba0a82c0732e933abec24b08cae4e36d8d59ba734c74a27738ff55555
SHA512

8292167b32779182fe655696cc7ae4a3dd807e338c85b4763952d77ccab6bef439bf4d0025f62e674e340893452e90e80ce66fbb23f934d2a25d447ea8b84496
SSDEEP

196608:vEcWqEWUo3xZWi/sWQ3ZCZxw3/aeFMxxBGnlgro7+bT8S/+MCqS+rJUmBzzF3zk:Vl3xZBQaw3/aGMxXGnlMeUT8SGu59zk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-06-04_af4b6afdca705ade6b3f26a3b99dc3b3_magniber

Files

2024-06-04_af4b6afdca705ade6b3f26a3b99dc3b3_magniber
.exe windows:4 windows x86 arch:x86

a791c35372df1c531b858e65bd601d3a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\jenkins_Trunk\workspace\12.5Patch_SourceJob\qqpcmgr_proj\Basic\Output\BinFinal\QQPCMgrPacket.pdb

Imports

kernel32

CreateDirectoryW
SetFilePointer
OutputDebugStringW
CreateToolhelp32Snapshot
Process32FirstW
Process32NextW
Module32FirstW
Module32NextW
SetThreadPriority
ReleaseMutex
OpenThread
SuspendThread
VirtualFree
VirtualAlloc
ReleaseSemaphore
CreateSemaphoreW
GetStdHandle
SetEndOfFile
GetTempFileNameW
MoveFileW
GetFullPathNameW
GetSystemInfo
RemoveDirectoryW
MoveFileExW
GetDriveTypeA
GetCurrentDirectoryA
GetLocaleInfoW
FlushFileBuffers
SetStdHandle
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
GetStringTypeW
GetStringTypeA
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
LocalAlloc
IsValidCodePage
GetOEMCP
GetConsoleMode
GetConsoleCP
QueryPerformanceCounter
HeapCreate
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetStartupInfoA
GetFileType
SetHandleCount
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetModuleFileNameA
LCMapStringW
LCMapStringA
RtlUnwind
GetSystemTimeAsFileTime
ExitProcess
IsDebuggerPresent
UnhandledExceptionFilter
GetModuleHandleA
VirtualProtect
ExitThread
GetStartupInfoW
IsProcessorFeaturePresent
InterlockedCompareExchange
HeapSize
HeapReAlloc
HeapDestroy
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
GetLocalTime
CreatePipe
IsDBCSLeadByte
GetCPInfo
LoadLibraryA
VirtualQuery
GetSystemDefaultLangID
CreateFileA
GlobalAlloc
GlobalLock
CreateFileMappingW
LoadLibraryExW
MapViewOfFileEx
CreateMutexW
OpenMutexW
SetCurrentDirectoryW
lstrcmpiW
GetPrivateProfileIntW
GlobalMemoryStatus
CreateThread
FreeResource
WideCharToMultiByte
GetDriveTypeW
GetLogicalDriveStringsW
FreeLibrary
WriteFile
GetDiskFreeSpaceExW
RaiseException
DeviceIoControl
GetVersion
GetExitCodeProcess
GetPrivateProfileStringW
lstrcmpW
UnmapViewOfFile
MapViewOfFile
OpenFileMappingW
QueryDosDeviceW
FlushInstructionCache
MultiByteToWideChar
FindNextFileW
lstrlenW
GetFileAttributesW
WritePrivateProfileStringW
GetCurrentDirectoryW
GetWindowsDirectoryW
ExpandEnvironmentStringsW
CreateProcessW
OpenProcess
SearchPathW
InitializeCriticalSection
SetErrorMode
GetCurrentThreadId
GetCurrentProcessId
GetModuleFileNameW
GetCommandLineW
lstrcpynW
VirtualAllocEx
WriteProcessMemory
SetUnhandledExceptionFilter
TerminateProcess
SetLastError
LocalFree
FindClose
FindFirstFileW
GetCurrentThread
GetModuleHandleW
FindResourceExW
LoadResource
LockResource
SetFileAttributesW
SizeofResource
FindResourceW
GetProcAddress
LoadLibraryW
GetSystemDirectoryW
LeaveCriticalSection
EnterCriticalSection
DuplicateHandle
GetCurrentProcess
GetLastError
InitializeCriticalSectionAndSpinCount
HeapAlloc
InterlockedIncrement
GetProcessHeap
HeapFree
DeleteCriticalSection
GlobalFree
InterlockedDecrement
WaitForMultipleObjects
SetEvent
WaitForSingleObject
ResetEvent
CreateEventW
GetVersionExW
CopyFileW
Sleep
GetTickCount
ReadFile
CloseHandle
GetFileSize
CreateFileW
DeleteFileW
GetTempPathW
lstrlenA

user32

PostQuitMessage
GetWindowPlacement
CharLowerW
LoadIconW
LoadStringW
CopyImage
CreateWindowExW
SetWindowLongW
DestroyWindow
MessageBoxW
FindWindowW
SetWindowPos
InvalidateRect
LoadImageW
PostThreadMessageW
SetCapture
GetKeyState
TrackPopupMenu
DestroyIcon
SendMessageTimeoutW
SetActiveWindow
DefWindowProcW
PostMessageW
IsWindow
GetClassInfoExW
GetMessageW
TranslateMessage
UnregisterClassA
GetSystemMenu
GetMonitorInfoW
MonitorFromWindow
SetWindowRgn
DrawFrameControl
OffsetRect
UpdateLayeredWindow
EqualRect
GetDlgCtrlID
DrawIconEx
IsWindowVisible
EndPaint
SetCursor
BeginPaint
ReleaseCapture
PtInRect
FrameRect
FillRect
CallWindowProcW
GetWindowDC
ClientToScreen
GetWindowTextLengthW
GetWindowTextW
SetWindowTextW
SetTimer
KillTimer
DrawTextW
CharUpperW
GetForegroundWindow
GetWindowThreadProcessId
GetDC
ReleaseDC
InflateRect
SetForegroundWindow
CharNextW
AttachThreadInput
RegisterClassExW
GetClientRect
DispatchMessageW
GetWindowRect
PeekMessageW
GetWindow
MsgWaitForMultipleObjectsEx
SystemParametersInfoW
GetWindowLongW
MapWindowPoints
SendMessageW
SetRect
EnableWindow
IsWindowEnabled
CopyRect
GetDesktopWindow
GetActiveWindow
MoveWindow
GetDlgItem
GetParent
ShowWindow
LoadCursorW

gdi32

GetClipRgn
RoundRect
SetBkMode
Rectangle
SelectObject
CreateCompatibleBitmap
GetObjectW
GetStockObject
CreateDIBSection
BitBlt
CreateBitmap
StretchBlt
CreateRectRgn
SetTextColor
DeleteDC
ExtTextOutW
CreateFontIndirectW
CreatePen
DeleteObject
AddFontResourceW
MoveToEx
CombineRgn
RestoreDC
RectInRegion
TextOutW
CreateRectRgnIndirect
GetTextMetricsW
SelectClipRgn
CreateSolidBrush
ExtSelectClipRgn
OffsetRgn
GetTextExtentPoint32W
SetBkColor
LineTo
CreateCompatibleDC
SaveDC

advapi32

AllocateAndInitializeSid
DeleteService
QueryServiceStatus
ControlService
CloseServiceHandle
OpenServiceW
OpenSCManagerW
RegEnumKeyExW
RegQueryInfoKeyW
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
RegDeleteKeyW
RegLoadKeyW
RegDeleteValueA
RegQueryValueExA
RegOpenKeyExA
RegCreateKeyExW
RegDeleteValueW
RegQueryValueExW
RegSetValueExW
RegOpenKeyW
GetTokenInformation
AdjustTokenPrivileges
IsValidSid
GetLengthSid
GetAce
LookupAccountNameW
OpenThreadToken
OpenProcessToken
LookupPrivilegeValueW
GetAclInformation
SetNamedSecurityInfoW
SetSecurityInfo
AddAce
CopySid
GetSecurityInfo
InitializeAcl
GetNamedSecurityInfoW
RegCloseKey
RegOpenKeyExW
IsTextUnicode
FreeSid
SetEntriesInAclW

shell32

SHBrowseForFolderW
SHGetSpecialFolderLocation
SHGetPathFromIDListW
ShellExecuteW
SHGetSpecialFolderPathW
ord680
SHCreateDirectoryExW

ole32

CoCreateInstance
CreateStreamOnHGlobal
CoUninitialize
CoTaskMemFree
CoTaskMemAlloc
CoInitialize
CoTaskMemRealloc

oleaut32

VariantCopy
VariantClear
SysAllocString
SysFreeString
VarUI4FromStr
OleLoadPicture
VariantInit

shlwapi

StrToIntExW
PathFileExistsW
PathRemoveFileSpecW
PathAppendW
PathIsDirectoryW
StrStrW
StrChrW
StrCatW
PathAddBackslashW
StrToIntA
PathFindFileNameW
PathRemoveBackslashW

comctl32

InitCommonControlsEx
_TrackMouseEvent

ws2_32

htonl
ntohl
htons

wininet

InternetGetConnectedState
InternetCloseHandle
InternetReadFile
HttpQueryInfoW
InternetOpenUrlW
InternetOpenW

userenv

UnloadUserProfile

psapi

GetModuleFileNameExW
GetProcessImageFileNameW

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

netapi32

Netbios

Sections

.text
Size: 992KB - Virtual size: 988KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 160KB - Virtual size: 157KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a791c35372df1c531b858e65bd601d3a

Headers

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

shlwapi

comctl32

ws2_32

wininet

userenv

psapi

version

netapi32

Sections

.text Size: 992KB - Virtual size: 988KB

.rdata Size: 160KB - Virtual size: 157KB

.data Size: 20KB - Virtual size: 36KB

.rsrc Size: 1.2MB - Virtual size: 1.2MB

.text
Size: 992KB - Virtual size: 988KB

.rdata
Size: 160KB - Virtual size: 157KB

.data
Size: 20KB - Virtual size: 36KB

.rsrc
Size: 1.2MB - Virtual size: 1.2MB