2024-06-07_8644c80b058a6e6a7bf6eb0bc86af8d2_magniber

Sharing

Copy URL Twitter E-mail

General

Target

2024-06-07_8644c80b058a6e6a7bf6eb0bc86af8d2_magniber
Size

11.6MB
MD5

8644c80b058a6e6a7bf6eb0bc86af8d2
SHA1

6e9bf1ced7e9bf7dee8b484b3df80b14f56e579f
SHA256

d916142cb80c005e3e181e094e6626cae81d151beff5b8f68e1228095990f777
SHA512

66f70d7fefe6304973877c353a8fdececca4b14ca59daeab6c69991b5598d469f034c3b9a4955b6676d58090ee7373e408e363004fd1f3562825f36208fa7db8
SSDEEP

196608:in+ad5YtobUh522PK0r9RjpRRiKHdKrTjPEwqINkEfsMDnrbP0yU56s6w17R/nEi:radbUPFrrnjjRibXPEwCmsMDnr7LXs6E

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-06-07_8644c80b058a6e6a7bf6eb0bc86af8d2_magniber

Files

2024-06-07_8644c80b058a6e6a7bf6eb0bc86af8d2_magniber
.exe windows:4 windows x86 arch:x86

ba2c40ac51850abd5c2ad6acd496e2df

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\jenkins_Trunk\workspace\10.0Patch_SourceJob\qqpcmgr_proj\Basic\Output\BinFinal\QQPCMgrPacket.pdb

Imports

kernel32

MapViewOfFileEx
CreateFileMappingW
lstrcmpiW
SetCurrentDirectoryW
GetExitCodeProcess
QueryDosDeviceW
CreateToolhelp32Snapshot
Process32FirstW
Process32NextW
MoveFileExW
RemoveDirectoryW
CreateDirectoryW
SetFilePointer
OutputDebugStringW
LocalAlloc
LocalFree
SetThreadPriority
GetCurrentThread
ReleaseMutex
OpenThread
SuspendThread
VirtualFree
VirtualAlloc
ReleaseSemaphore
CreateSemaphoreW
GetStdHandle
SetEndOfFile
GetTempFileNameW
SetFileTime
SetFileAttributesW
MoveFileW
GetFullPathNameW
GetSystemInfo
IsBadReadPtr
CreateMutexW
OpenMutexW
LoadLibraryExW
UnmapViewOfFile
GetPrivateProfileIntW
GlobalMemoryStatus
FindClose
FindNextFileW
FindFirstFileW
CreateThread
FlushInstructionCache
GetFileAttributesW
MapViewOfFile
OpenSemaphoreW
CreateNamedPipeW
OpenEventW
LocalFileTimeToFileTime
GetDriveTypeW
ResumeThread
SystemTimeToFileTime
GetSystemTime
GetProcessTimes
TerminateThread
SleepEx
GetDriveTypeA
GetCurrentDirectoryA
GetLocaleInfoW
FlushFileBuffers
SetStdHandle
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
GetStringTypeW
GetStringTypeA
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
IsValidCodePage
GetOEMCP
GetConsoleMode
GetConsoleCP
QueryPerformanceCounter
HeapCreate
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetStartupInfoA
GetFileType
SetHandleCount
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetModuleFileNameA
LCMapStringW
LCMapStringA
RtlUnwind
GetSystemTimeAsFileTime
ExitProcess
GetModuleHandleA
IsDebuggerPresent
UnhandledExceptionFilter
ExitThread
GetStartupInfoW
IsProcessorFeaturePresent
InterlockedCompareExchange
HeapSize
HeapReAlloc
HeapDestroy
GetVersionExA
GetThreadLocale
GetLogicalDriveStringsW
WriteFile
FreeResource
SetLastError
RaiseException
FreeLibrary
GetDiskFreeSpaceExW
DeviceIoControl
GetPrivateProfileStringW
GetVersion
lstrcmpW
WideCharToMultiByte
lstrlenW
FindResourceW
WritePrivateProfileStringW
GetCurrentDirectoryW
GetWindowsDirectoryW
ExpandEnvironmentStringsW
FindResourceExW
LoadResource
LockResource
SizeofResource
MultiByteToWideChar
OpenProcess
SearchPathW
InitializeCriticalSection
SetErrorMode
GetModuleHandleW
GetCurrentThreadId
GetCurrentProcessId
GetModuleFileNameW
GetCommandLineW
lstrcpynW
VirtualAllocEx
WriteProcessMemory
SetUnhandledExceptionFilter
TerminateProcess
CreateProcessW
GetProcAddress
LoadLibraryW
GetSystemDirectoryW
LeaveCriticalSection
EnterCriticalSection
DuplicateHandle
GetCurrentProcess
GetLastError
InitializeCriticalSectionAndSpinCount
HeapAlloc
InterlockedIncrement
GetProcessHeap
HeapFree
DeleteCriticalSection
GlobalFree
InterlockedDecrement
WaitForMultipleObjects
ResetEvent
CreateEventW
GetVersionExW
CopyFileW
Sleep
GetTickCount
SetEvent
WaitForSingleObject
ReadFile
CloseHandle
GetFileSize
CreateFileW
DeleteFileW
GetLocaleInfoA
GetACP
InterlockedExchange
GetLocalTime
CreatePipe
GetCPInfo
LoadLibraryA
VirtualQuery
GetSystemDefaultLangID
CreateFileA
GlobalLock
GlobalAlloc
GetTempPathW
lstrlenA

user32

PostMessageW
DestroyWindow
CreateWindowExW
IsIconic
SetPropW
GetPropW
SetWindowLongW
EnableWindow
IsWindowEnabled
GetDesktopWindow
GetClassInfoExW
GetActiveWindow
FindWindowW
FindWindowA
MessageBoxW
DefWindowProcW
CharLowerW
PostQuitMessage
GetWindowPlacement
PostThreadMessageW
DrawIconEx
GetKeyState
SetCursor
GetMonitorInfoW
MonitorFromWindow
SetWindowRgn
PtInRect
ReleaseCapture
OffsetRect
UpdateLayeredWindow
SetCapture
EndPaint
TrackPopupMenu
LoadIconW
BeginPaint
GetSystemMenu
DrawFrameControl
EqualRect
GetDlgCtrlID
IsWindowVisible
GetWindowDC
ClientToScreen
GetWindowTextLengthW
GetWindowTextW
SetWindowTextW
CallWindowProcW
FrameRect
FillRect
SetTimer
KillTimer
DrawTextW
CharUpperW
SetForegroundWindow
AttachThreadInput
GetForegroundWindow
GetWindowThreadProcessId
GetDC
CharNextW
ReleaseDC
InflateRect
SetRect
SendMessageW
SendMessageTimeoutW
GetWindowLongW
InvalidateRect
GetDlgItem
GetParent
CopyRect
RegisterClassExW
MoveWindow
SetActiveWindow
SetWindowPos
DispatchMessageW
TranslateMessage
GetClientRect
GetMessageW
GetWindowRect
GetWindow
IsWindow
SystemParametersInfoW
PeekMessageW
MapWindowPoints
ShowWindow
LoadCursorW
CopyImage
LoadStringW
LoadImageW
UnregisterClassA
GetClassNameW
EnumWindows
RemovePropW
UnregisterClassW

gdi32

GetTextMetricsW
SetBkMode
CreateRectRgnIndirect
CreateRectRgn
GetClipRgn
RoundRect
CreatePen
Rectangle
GetObjectW
SelectObject
GetStockObject
CreateCompatibleBitmap
CreateCompatibleDC
CreateDIBSection
BitBlt
CreateBitmap
StretchBlt
SetBkColor
SetTextColor
CreateFontIndirectW
DeleteDC
ExtTextOutW
AddFontResourceW
DeleteObject
SelectClipRgn
CreateSolidBrush
ExtSelectClipRgn
LineTo
MoveToEx
RestoreDC
TextOutW
RectInRegion
CombineRgn
OffsetRgn
GetTextExtentPoint32W
SaveDC

advapi32

LookupAccountNameW
SetEntriesInAclW
AllocateAndInitializeSid
FreeSid
SetNamedSecurityInfoW
DeleteService
QueryServiceConfigW
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
CloseServiceHandle
OpenServiceW
OpenSCManagerW
AdjustTokenPrivileges
LookupPrivilegeValueW
OpenProcessToken
RegEnumKeyExW
RegQueryInfoKeyW
RegDeleteKeyW
RegDeleteValueW
RegCloseKey
RegQueryValueExW
RegOpenKeyExW
RegOpenKeyW
RegCreateKeyExW
RegSetValueExW

shell32

SHGetPathFromIDListW
SHBrowseForFolderW
SHGetSpecialFolderLocation
ShellExecuteW
CommandLineToArgvW
SHGetSpecialFolderPathW
SHCreateDirectoryExW
ord680

ole32

CreateStreamOnHGlobal
CoInitializeEx
CLSIDFromProgID
CoGetInterfaceAndReleaseStream
CoMarshalInterThreadInterfaceInStream
CoFreeLibrary
CoLoadLibrary
CoTaskMemFree
CoUninitialize
CoTaskMemRealloc
CoCreateInstance
CoInitialize
CoTaskMemAlloc

oleaut32

VariantClear
VariantCopy
VarUI4FromStr
SysFreeString
SysAllocString
OleLoadPicture
VariantInit
SysAllocStringByteLen

shlwapi

PathFileExistsW
PathRemoveFileSpecW
PathIsDirectoryW
PathAddBackslashW
StrToIntA
PathRemoveBackslashW
PathAppendW

comctl32

_TrackMouseEvent
InitCommonControlsEx

ws2_32

htonl
htons
ntohl

wininet

InternetReadFile
HttpQueryInfoW
InternetOpenUrlW
InternetGetConnectedState
InternetCloseHandle
InternetOpenW

version

GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW

netapi32

Netbios

Sections

.text
Size: 916KB - Virtual size: 915KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 160KB - Virtual size: 158KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ba2c40ac51850abd5c2ad6acd496e2df

Headers

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

shlwapi

comctl32

ws2_32

wininet

version

netapi32

Sections

.text Size: 916KB - Virtual size: 915KB

.rdata Size: 160KB - Virtual size: 158KB

.data Size: 24KB - Virtual size: 40KB

.rsrc Size: 1.1MB - Virtual size: 1.1MB

.text
Size: 916KB - Virtual size: 915KB

.rdata
Size: 160KB - Virtual size: 158KB

.data
Size: 24KB - Virtual size: 40KB

.rsrc
Size: 1.1MB - Virtual size: 1.1MB