2024-06-09_68a0589b6a420dc837ecf367be679674_magniber

Sharing

Copy URL

Twitter E-mail

General

Target

2024-06-09_68a0589b6a420dc837ecf367be679674_magniber
Size

3.8MB
MD5

68a0589b6a420dc837ecf367be679674
SHA1

2944341c9781e46655ada59e5489401599a885dd
SHA256

07f71b4324bf652b56e84be9da5ec87831a08e1147389a50d12c69e5c4788ba0
SHA512

6b18112e4266f4f12ef0e5fa7767cc6ec43e612870ed0b80f9cf80158bbbc0636bf4a54b547f20393ef9d8b0d7d75a0cd8f373fc68ada0c78d3bac0791226a52
SSDEEP

98304:2E6tkd0I13Bqzr+lnAv+cKNa+jwCBy7VHBeoFyf:w80IZQP+lAsNTwCBgVHBez

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-06-09_68a0589b6a420dc837ecf367be679674_magniber

Files

2024-06-09_68a0589b6a420dc837ecf367be679674_magniber
.exe windows:4 windows x86 arch:x86

e9479aa14d44dc7218beaeb69f1a6a54

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

E:\Basic\Output\BinFinal\QQPCMgrPacket.pdb

Imports

kernel32

GetTempPathW
GetTickCount
LeaveCriticalSection
UnmapViewOfFile
DeleteCriticalSection
InterlockedIncrement
InterlockedDecrement
OpenMutexW
CreateMutexW
MapViewOfFileEx
LoadLibraryExW
CreateFileMappingW
lstrcmpiW
SetFilePointer
MulDiv
GlobalUnlock
GlobalLock
GlobalAlloc
ResetEvent
WaitForMultipleObjects
VirtualFree
VirtualAlloc
GetVersionExW
ReleaseSemaphore
CreateSemaphoreW
GetStdHandle
GetFullPathNameW
MoveFileW
SetEndOfFile
GetSystemInfo
DeviceIoControl
CreatePipe
DuplicateHandle
GetCPInfo
IsDBCSLeadByte
GetSystemDefaultLangID
VirtualQuery
ReleaseMutex
LocalAlloc
GetCurrentProcessId
WideCharToMultiByte
WriteConsoleW
Process32FirstW
WriteConsoleA
SetStdHandle
GetDriveTypeA
GetCurrentDirectoryA
FlushFileBuffers
GetConsoleMode
GetConsoleCP
GetStringTypeW
GetStringTypeA
FreeLibrary
EnumSystemLocalesA
GetUserDefaultLCID
IsValidCodePage
GetOEMCP
QueryPerformanceCounter
HeapCreate
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetStartupInfoA
GetFileType
SetHandleCount
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetModuleFileNameA
LCMapStringW
LCMapStringA
RtlUnwind
ExitThread
GetSystemTimeAsFileTime
ExitProcess
GetModuleHandleA
IsDebuggerPresent
UnhandledExceptionFilter
GetStartupInfoW
IsProcessorFeaturePresent
InterlockedCompareExchange
HeapSize
HeapReAlloc
HeapDestroy
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
GetVersionExA
CreateFileA
LoadLibraryA
GetLocaleInfoW
GetUserDefaultUILanguage
SetLastError
FlushInstructionCache
RaiseException
CreateToolhelp32Snapshot
GetVersion
QueryDosDeviceW
GetModuleHandleW
GetCurrentProcess
GetModuleFileNameW
GetProcAddress
lstrlenW
LoadLibraryW
GetSystemDirectoryW
CloseHandle
GetExitCodeProcess
WaitForSingleObject
RemoveDirectoryW
FindClose
CreateProcessW
FindNextFileW
OutputDebugStringW
GetLastError
ReadFile
CreateDirectoryW
GetFileAttributesW
GetTempFileNameW
FindResourceExW
CopyFileW
WriteFile
FreeResource
lstrlenA
GetDiskFreeSpaceExW
MultiByteToWideChar
GetLocalTime
GetCurrentThreadId
GetProcessHeap
HeapAlloc
GetCommandLineW
lstrcpynW
VirtualAllocEx
WriteProcessMemory
SetUnhandledExceptionFilter
SearchPathW
EnterCriticalSection
HeapFree
InitializeCriticalSection
SetErrorMode
Sleep
CreateThread
SetEvent
CreateEventW
DeleteFileW
LoadResource
SetFileAttributesW
LockResource
GetFileSize
lstrcmpW
SizeofResource
CreateFileW
FindFirstFileW
Process32NextW
TerminateProcess
FindResourceW
IsValidLocale
OpenProcess
GetConsoleOutputCP
MoveFileExW

user32

CopyImage
LoadStringW
DestroyWindow
LoadCursorW
GetParent
GetDlgItem
UnregisterClassA
SetActiveWindow
MessageBoxW
SendMessageW
GetWindowTextW
LoadIconW
RedrawWindow
SetFocus
GetFocus
IsChild
KillTimer
SetTimer
ScreenToClient
GetClassNameW
GetSystemMetrics
mouse_event
GetWindowDC
FindWindowExW
CreateAcceleratorTableW
FillRect
DestroyAcceleratorTable
FrameRect
CharUpperW
CharLowerW
LoadImageW
InvalidateRgn
GetSysColor
GetKeyState
InvalidateRect
MoveWindow
ShowWindow
CreateWindowExW
CopyRect
SetRect
DispatchMessageW
DrawFrameControl
OffsetRect
PtInRect
BeginPaint
ClientToScreen
GetMonitorInfoW
GetPropW
MonitorFromWindow
SetPropW
EndPaint
PostThreadMessageW
DrawIconEx
RegisterClassW
CallWindowProcW
SetWindowTextW
ReleaseCapture
PostMessageW
SetCapture
GetDlgCtrlID
IsWindowVisible
GetWindowTextLengthW
SetWindowRgn
TrackPopupMenu
DrawTextW
DestroyIcon
SetCursor
GetSystemMenu
EqualRect
RegisterWindowMessageW
SetForegroundWindow
AttachThreadInput
CharNextW
GetForegroundWindow
GetDC
GetWindowThreadProcessId
ReleaseDC
InflateRect
DefWindowProcW
GetWindowLongW
TranslateMessage
GetMessageW
GetClassInfoExW
IsWindow
SetWindowPos
PeekMessageW
RegisterClassExW
GetWindow
SystemParametersInfoW
SetWindowLongW
MapWindowPoints
GetClientRect
GetWindowRect
EnableWindow
IsWindowEnabled
GetDesktopWindow
GetActiveWindow

gdi32

ExtSelectClipRgn
GetTextMetricsW
CreateSolidBrush
MoveToEx
LineTo
RectInRegion
GetTextExtentPoint32W
SetBkMode
OffsetRgn
CreateRectRgn
TextOutW
RoundRect
RestoreDC
CreateRectRgnIndirect
SaveDC
SelectClipRgn
GetDeviceCaps
CreateFontIndirectW
CreateDIBSection
CreateCompatibleDC
BitBlt
CreateCompatibleBitmap
CreateBitmap
StretchBlt
SetBkColor
SetTextColor
SelectObject
DeleteDC
ExtTextOutW
GetObjectW
GetStockObject
CreatePen
Rectangle
DeleteObject
GetClipRgn
CombineRgn
GetCurrentObject

advapi32

LookupPrivilegeValueW
AdjustTokenPrivileges
RegOpenKeyExW
RegEnumKeyExW
RegCloseKey
RegDeleteKeyW
RegCreateKeyExW
RegOpenKeyW
RegSetValueExW
RegQueryValueExW
RegQueryInfoKeyW
RegDeleteValueW
IsTextUnicode
OpenProcessToken
InitializeSecurityDescriptor
SetSecurityDescriptorDacl

shell32

SHGetSpecialFolderPathW
ShellExecuteW
ord680
SHGetPathFromIDListW
SHGetSpecialFolderLocation
SHBrowseForFolderW

ole32

CoFreeUnusedLibrariesEx
CreateStreamOnHGlobal
StringFromGUID2
OleUninitialize
CLSIDFromString
CLSIDFromProgID
OleLockRunning
CoGetClassObject
CoInitialize
CoTaskMemRealloc
CoCreateInstance
CoUninitialize
CoInitializeEx
CoTaskMemFree
CoTaskMemAlloc
OleInitialize

oleaut32

VariantClear
SysFreeString
OleCreateFontIndirect
LoadRegTypeLi
OleLoadPicture
LoadTypeLi
VariantCopy
SysStringByteLen
VarBstrCmp
VariantInit
DispCallFunc
VarUI4FromStr
SysAllocStringLen
SysStringLen
SysAllocString

shlwapi

PathAddBackslashW
PathAppendW
StrToIntA
PathFileExistsW
PathRemoveBackslashW

comctl32

InitCommonControlsEx
_TrackMouseEvent

version

GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW

ws2_32

htonl
htons

netapi32

Netbios

Sections

.text
Size: 832KB - Virtual size: 830KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 132KB - Virtual size: 129KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e9479aa14d44dc7218beaeb69f1a6a54

Headers

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

shlwapi

comctl32

version

ws2_32

netapi32

Sections

.text Size: 832KB - Virtual size: 830KB

.rdata Size: 132KB - Virtual size: 129KB

.data Size: 24KB - Virtual size: 38KB

.rsrc Size: 1.2MB - Virtual size: 1.2MB

.text
Size: 832KB - Virtual size: 830KB

.rdata
Size: 132KB - Virtual size: 129KB

.data
Size: 24KB - Virtual size: 38KB

.rsrc
Size: 1.2MB - Virtual size: 1.2MB