2024-06-09_fb7796d6aa28124bb86372573e81e6ee_magniber

Sharing

Copy URL Twitter E-mail

General

Target

2024-06-09_fb7796d6aa28124bb86372573e81e6ee_magniber
Size

2.2MB
MD5

fb7796d6aa28124bb86372573e81e6ee
SHA1

89e26fe0e24836ba863c9b4aec1848e43198cde0
SHA256

fece345e9ff8d6aade5588da83036d2f3820b3817b373a23f4f71a8f7a5c84a6
SHA512

ca081eca91a7a9f9cf1d9ac6ff8e5f641aae8e89477636c4d9147bde0d0d6241eea976cffee289f246d85716c78fca049c2954a3d29276531257bf85bffd03ee
SSDEEP

24576:jIFONac8HevggsGTjWTY7grQWP/fi/LFMB4eFoHBW1UCokbS:ccN7sGTjWT8k3XqjgLGM0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-06-09_fb7796d6aa28124bb86372573e81e6ee_magniber

Files

2024-06-09_fb7796d6aa28124bb86372573e81e6ee_magniber
.exe windows:4 windows x86 arch:x86

4d00aeb753a3bc2159b36ccd78c85547

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\jenkins_Trunk\workspace\8.3Patch_SourceJob\qqpcmgr_proj\Basic\Output\BinFinal\QQPCMgrPacket.pdb

Imports

kernel32

EnterCriticalSection
LeaveCriticalSection
GetCurrentThreadId
InitializeCriticalSection
SearchPathW
SetUnhandledExceptionFilter
WriteProcessMemory
VirtualAllocEx
lstrcpynW
GetCommandLineW
RaiseException
SetLastError
FreeLibrary
FreeResource
DeviceIoControl
FlushInstructionCache
GetDiskFreeSpaceExW
LoadLibraryExW
lstrcmpiW
UnmapViewOfFile
OpenMutexW
MapViewOfFileEx
CreateFileMappingW
MoveFileW
GetLocalTime
MulDiv
GlobalUnlock
GlobalLock
GlobalAlloc
VirtualFree
VirtualAlloc
ReleaseSemaphore
CreateSemaphoreW
GetStdHandle
GetCurrentDirectoryW
SetEndOfFile
GetSystemInfo
LoadLibraryA
VirtualQuery
ReleaseMutex
GetSystemDefaultLangID
ExpandEnvironmentStringsW
IsBadReadPtr
GetCPInfo
CreatePipe
DuplicateHandle
GetLocaleInfoW
FlushFileBuffers
SetStdHandle
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
GetStringTypeW
GetStringTypeA
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
GetConsoleMode
GetConsoleCP
IsValidCodePage
GetOEMCP
QueryPerformanceCounter
HeapCreate
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetStartupInfoA
GetFileType
SetHandleCount
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetModuleFileNameA
LCMapStringW
LCMapStringA
RtlUnwind
ExitProcess
GetModuleHandleA
GetSystemTimeAsFileTime
IsDebuggerPresent
UnhandledExceptionFilter
ExitThread
GetStartupInfoW
IsProcessorFeaturePresent
InterlockedCompareExchange
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
GetVersionExA
HeapSize
HeapReAlloc
HeapDestroy
CreateFileA
HeapAlloc
InterlockedIncrement
GetProcessHeap
HeapFree
DeleteCriticalSection
InterlockedDecrement
WaitForMultipleObjects
GetTempPathW
MultiByteToWideChar
lstrlenA
LocalAlloc
CreateMutexW
GetVersionExW
GetTickCount
SetErrorMode
CreateThread
GlobalMemoryStatus
SetEvent
WriteFile
CreateEventW
ResetEvent
GetFileAttributesW
GetModuleHandleW
GetModuleFileNameW
GetCurrentProcess
CreateFileW
GetFileSize
Process32NextW
OpenProcess
GetCurrentProcessId
Process32FirstW
CreateToolhelp32Snapshot
GetVersion
QueryDosDeviceW
GetProcAddress
LoadLibraryW
CloseHandle
GetExitCodeProcess
WideCharToMultiByte
WaitForSingleObject
CreateProcessW
OutputDebugStringW
GetSystemDirectoryW
lstrlenW
ReadFile
CopyFileW
SetFilePointer
CreateDirectoryW
GetLastError
GetTempFileNameW
RemoveDirectoryW
DeleteFileW
FindClose
SetFileAttributesW
FindNextFileW
lstrcmpW
MoveFileExW
TerminateProcess
FindFirstFileW
Sleep
FindResourceExW
LoadResource
LockResource
SizeofResource
FindResourceW

user32

KillTimer
SetFocus
GetFocus
SetTimer
UnregisterClassA
CopyImage
LoadImageW
LoadStringW
SendMessageW
DestroyWindow
PostMessageW
CharUpperW
CreateWindowExW
SetWindowLongW
MessageBoxW
GetActiveWindow
GetDesktopWindow
SetRect
IsWindowEnabled
EnableWindow
RedrawWindow
InvalidateRgn
GetWindowTextW
FrameRect
LoadIconW
GetSysColor
FillRect
GetWindowDC
DestroyAcceleratorTable
CreateAcceleratorTableW
mouse_event
GetSystemMetrics
GetClassNameW
IsChild
SetWindowTextW
TrackPopupMenu
GetDlgCtrlID
GetSystemMenu
IsWindowVisible
GetWindowTextLengthW
CharLowerW
DefWindowProcW
DrawTextW
EqualRect
DrawFrameControl
SetCursor
GetPropW
MapWindowPoints
SystemParametersInfoW
GetParent
GetWindow
PeekMessageW
SetWindowPos
IsWindow
GetMessageW
SetActiveWindow
TranslateMessage
DispatchMessageW
MoveWindow
GetWindowRect
GetClientRect
GetWindowLongW
RegisterClassExW
PtInRect
SetPropW
SetWindowRgn
DrawIconEx
PostThreadMessageW
ReleaseCapture
GetKeyState
OffsetRect
SetCapture
ClientToScreen
GetMonitorInfoW
MonitorFromWindow
EndPaint
BeginPaint
CallWindowProcW
ScreenToClient
RegisterWindowMessageW
SetForegroundWindow
AttachThreadInput
GetForegroundWindow
GetDC
GetWindowThreadProcessId
ReleaseDC
InflateRect
CharNextW
FindWindowExW
ShowWindow
LoadCursorW
InvalidateRect
GetDlgItem
GetClassInfoExW
CopyRect

gdi32

BitBlt
ExtTextOutW
GetStockObject
OffsetRgn
DeleteDC
GetObjectW
SelectObject
SetTextColor
SetBkColor
StretchBlt
MoveToEx
CreateRectRgnIndirect
SelectClipRgn
SaveDC
RoundRect
CreatePen
GetDeviceCaps
ExtSelectClipRgn
CreateSolidBrush
GetCurrentObject
GetTextMetricsW
GetClipRgn
CreateBitmap
CreateCompatibleBitmap
CreateCompatibleDC
CreateDIBSection
TextOutW
SetBkMode
RectInRegion
CreateFontIndirectW
Rectangle
RestoreDC
CombineRgn
GetTextExtentPoint32W
CreateRectRgn
DeleteObject
LineTo

advapi32

OpenServiceW
AdjustTokenPrivileges
LookupPrivilegeValueW
OpenProcessToken
RegDeleteKeyW
RegEnumKeyExW
RegOpenKeyExW
RegDeleteValueW
RegCloseKey
RegCreateKeyExW
RegOpenKeyW
RegQueryInfoKeyW
RegSetValueExW
RegQueryValueExW
DeleteService
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
CloseServiceHandle
ControlService
OpenSCManagerW

shell32

SHGetSpecialFolderPathW
ord680
ShellExecuteW
SHGetSpecialFolderLocation
SHBrowseForFolderW
SHCreateDirectoryExW
SHGetPathFromIDListW

ole32

CoGetClassObject
CoFreeUnusedLibrariesEx
CoInitialize
StgCreateDocfile
StgOpenStorage
CLSIDFromString
OleInitialize
CLSIDFromProgID
OleLockRunning
StringFromGUID2
CreateStreamOnHGlobal
OleUninitialize
CoTaskMemAlloc
CoTaskMemFree
CoTaskMemRealloc
CoCreateInstance
CoUninitialize

oleaut32

SysAllocStringLen
VariantInit
DispCallFunc
VarBstrCmp
SysStringByteLen
OleCreateFontIndirect
LoadRegTypeLi
LoadTypeLi
VariantClear
VariantCopy
SysStringLen
SysFreeString
VarUI4FromStr
SysAllocString
OleLoadPicture

shlwapi

PathFileExistsW
PathAppendW
PathAddBackslashW
StrToIntA
PathRemoveBackslashW

comctl32

_TrackMouseEvent
InitCommonControlsEx

version

GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW

ws2_32

htons
htonl

wininet

InternetGetConnectedState
HttpQueryInfoW
InternetOpenW
InternetOpenUrlW
InternetReadFile
InternetCloseHandle

netapi32

Netbios

Sections

.text
Size: 688KB - Virtual size: 685KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 120KB - Virtual size: 118KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4d00aeb753a3bc2159b36ccd78c85547

Headers

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

shlwapi

comctl32

version

ws2_32

wininet

netapi32

Sections

.text Size: 688KB - Virtual size: 685KB

.rdata Size: 120KB - Virtual size: 118KB

.data Size: 20KB - Virtual size: 37KB

.rsrc Size: 1.1MB - Virtual size: 1.1MB

.text
Size: 688KB - Virtual size: 685KB

.rdata
Size: 120KB - Virtual size: 118KB

.data
Size: 20KB - Virtual size: 37KB

.rsrc
Size: 1.1MB - Virtual size: 1.1MB