2024-06-20_472613a969a74d89cfab3916e0f36207_magniber

Sharing

Copy URL

Twitter E-mail

General

Target

2024-06-20_472613a969a74d89cfab3916e0f36207_magniber
Size

3.9MB
MD5

472613a969a74d89cfab3916e0f36207
SHA1

13b1ae97ed4236a64f6986fef9583553a0531e2f
SHA256

70dc064a24cdb3ed41ecd13dd5eda56532d8218ca925df8ab0657cfb4e16b1bf
SHA512

328ef9c8a1eea06930ceed727ed7464819ddc7d2d1f1161152c6d3f9c7f1a6f7b268cd984ddd6478512c1b95349ab96e5bca298e785fc60e5f41d7e517a24d47
SSDEEP

49152:IUjvfXTOCiEz8k3XEjgQ7M3c2GLkquO7Xg92h1bfH9EN1lfEx9QshJh:IwfNx30jg5ukquOga9fH9afEfB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-06-20_472613a969a74d89cfab3916e0f36207_magniber

Files

2024-06-20_472613a969a74d89cfab3916e0f36207_magniber
.exe windows:4 windows x86 arch:x86

23467141daa95c22fc8c386b70a37edc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\jenkins_Trunk\workspace\8.7Patch_SourceJob\qqpcmgr_proj\Basic\Output\BinFinal\QQPCMgrPacket.pdb

Imports

kernel32

UnmapViewOfFile
OpenMutexW
CreateMutexW
lstrcmpiW
MapViewOfFileEx
CreateFileMappingW
Process32NextW
GetFileAttributesW
MoveFileExW
RemoveDirectoryW
CreateDirectoryW
SetFilePointer
OutputDebugStringW
GetExitCodeProcess
QueryDosDeviceW
CreateToolhelp32Snapshot
Process32FirstW
LocalAlloc
LocalFree
MulDiv
GlobalUnlock
GlobalLock
GlobalAlloc
GetDriveTypeW
VirtualFree
VirtualAlloc
CreateSemaphoreW
ReleaseSemaphore
GetStdHandle
GetTempFileNameW
SetEndOfFile
SetFileAttributesW
MoveFileW
GetFullPathNameW
GetSystemInfo
LoadLibraryExW
GetDriveTypeA
GetCurrentDirectoryA
GetLocaleInfoW
FlushFileBuffers
SetStdHandle
WriteConsoleW
SetCurrentDirectoryW
WriteConsoleA
GetStringTypeW
GetStringTypeA
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
IsValidCodePage
GetOEMCP
GetConsoleMode
GetConsoleCP
QueryPerformanceCounter
HeapCreate
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetStartupInfoA
GetFileType
SetHandleCount
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetModuleFileNameA
LCMapStringW
LCMapStringA
RtlUnwind
GetSystemTimeAsFileTime
ExitProcess
GetModuleHandleA
IsDebuggerPresent
UnhandledExceptionFilter
ExitThread
GetStartupInfoW
IsProcessorFeaturePresent
InterlockedCompareExchange
HeapSize
HeapReAlloc
HeapDestroy
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
GetLocalTime
CreatePipe
GetCPInfo
LoadLibraryA
ReleaseMutex
VirtualQuery
GetSystemDefaultLangID
CreateFileA
lstrlenW
GlobalMemoryStatus
RaiseException
FreeLibrary
FlushInstructionCache
WriteFile
FreeResource
DeviceIoControl
GetVersion
CreateThread
lstrcmpW
FindClose
FindNextFileW
FindFirstFileW
SetLastError
WideCharToMultiByte
GetDiskFreeSpaceExW
FindResourceW
FindResourceExW
LoadResource
LockResource
SizeofResource
InitializeCriticalSection
SetErrorMode
GetModuleHandleW
GetCurrentThreadId
MultiByteToWideChar
GetCurrentProcessId
GetModuleFileNameW
GetCommandLineW
lstrcpynW
VirtualAllocEx
WriteProcessMemory
SetUnhandledExceptionFilter
TerminateProcess
CreateProcessW
OpenProcess
SearchPathW
GetProcAddress
LoadLibraryW
GetSystemDirectoryW
GetCurrentProcess
GetLastError
HeapAlloc
InterlockedIncrement
GetProcessHeap
HeapFree
DeleteCriticalSection
InterlockedDecrement
WaitForMultipleObjects
LeaveCriticalSection
EnterCriticalSection
DuplicateHandle
ResetEvent
CreateEventW
GetVersionExW
CopyFileW
Sleep
GetTickCount
SetEvent
WaitForSingleObject
ReadFile
CloseHandle
GetFileSize
CreateFileW
DeleteFileW
GetTempPathW
lstrlenA
GetConsoleOutputCP

user32

PostMessageW
DefWindowProcW
CreateWindowExW
SetWindowLongW
GetWindowTextW
LoadImageW
LoadIconW
RedrawWindow
GetWindowTextLengthW
SetFocus
GetFocus
IsChild
KillTimer
SetTimer
GetClassNameW
CharUpperW
CharLowerW
CopyImage
LoadStringW
UnregisterClassA
DestroyWindow
SetWindowTextW
FrameRect
InvalidateRgn
FillRect
GetSysColor
GetWindowDC
CopyRect
GetParent
GetDlgItem
SendMessageW
GetActiveWindow
GetDesktopWindow
IsWindowEnabled
EnableWindow
SetRect
RegisterClassExW
MapWindowPoints
SystemParametersInfoW
InvalidateRect
GetClassInfoExW
GetWindow
ShowWindow
MessageBoxW
mouse_event
DestroyAcceleratorTable
GetSystemMetrics
CreateAcceleratorTableW
ReleaseCapture
DrawTextW
SetCapture
SetCursor
PtInRect
SetWindowRgn
TrackPopupMenu
GetSystemMenu
PostThreadMessageW
DrawFrameControl
GetKeyState
OffsetRect
ClientToScreen
GetMonitorInfoW
MonitorFromWindow
EqualRect
GetDlgCtrlID
IsWindowVisible
DrawIconEx
CallWindowProcW
ScreenToClient
EndPaint
BeginPaint
RegisterWindowMessageW
GetForegroundWindow
GetWindowThreadProcessId
InflateRect
ReleaseDC
CharNextW
GetDC
SetForegroundWindow
AttachThreadInput
GetWindowLongW
MoveWindow
DispatchMessageW
TranslateMessage
GetMessageW
IsWindow
GetClientRect
PeekMessageW
SetActiveWindow
GetWindowRect
FindWindowExW
LoadCursorW
SetWindowPos

gdi32

GetStockObject
SetTextColor
CreatePen
Rectangle
CreateFontIndirectW
CreateDIBSection
CreateCompatibleDC
BitBlt
CreateCompatibleBitmap
StretchBlt
SetBkColor
DeleteObject
RoundRect
CreateRectRgn
OffsetRgn
GetTextExtentPoint32W
GetObjectW
LineTo
MoveToEx
RectInRegion
CombineRgn
SelectClipRgn
SaveDC
RestoreDC
TextOutW
CreateRectRgnIndirect
GetDeviceCaps
ExtSelectClipRgn
CreateSolidBrush
GetTextMetricsW
GetCurrentObject
GetClipRgn
DeleteDC
SetBkMode
SelectObject
CreateBitmap
ExtTextOutW

advapi32

RegDeleteKeyW
RegOpenKeyExW
RegEnumKeyExW
RegQueryInfoKeyW
RegSetValueExW
RegDeleteValueW
RegQueryValueExW
RegCloseKey
RegOpenKeyW
RegCreateKeyExW
FreeSid
SetNamedSecurityInfoW
SetEntriesInAclW
AllocateAndInitializeSid
DeleteService
ControlService
CloseServiceHandle
OpenServiceW
OpenSCManagerW
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
AdjustTokenPrivileges
LookupPrivilegeValueW
OpenProcessToken

shell32

SHGetSpecialFolderPathW
ShellExecuteW
SHGetSpecialFolderLocation
SHBrowseForFolderW
SHGetPathFromIDListW
ord680
SHCreateDirectoryExW

ole32

CoInitialize
CoTaskMemAlloc
OleUninitialize
OleInitialize
CLSIDFromString
CLSIDFromProgID
OleLockRunning
CoGetClassObject
StringFromGUID2
CreateStreamOnHGlobal
CoUninitialize
CoTaskMemFree
CoTaskMemRealloc
CoCreateInstance

oleaut32

VariantCopy
DispCallFunc
VariantInit
VariantClear
SysAllocStringLen
SysStringLen
SysAllocString
LoadTypeLi
LoadRegTypeLi
OleCreateFontIndirect
SysStringByteLen
VarBstrCmp
SysFreeString
VarUI4FromStr
OleLoadPicture

shlwapi

PathRemoveBackslashW
StrToIntA
PathAddBackslashW
PathAppendW
PathFileExistsW

comctl32

InitCommonControlsEx
_TrackMouseEvent

ws2_32

htons
htonl

wininet

InternetCloseHandle
InternetReadFile
HttpQueryInfoW
InternetOpenUrlW
InternetOpenW
InternetGetConnectedState

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

netapi32

Netbios

Sections

.text
Size: 716KB - Virtual size: 713KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 124KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

23467141daa95c22fc8c386b70a37edc

Headers

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

shlwapi

comctl32

ws2_32

wininet

version

netapi32

Sections

.text Size: 716KB - Virtual size: 713KB

.rdata Size: 124KB - Virtual size: 120KB

.data Size: 20KB - Virtual size: 37KB

.rsrc Size: 1.1MB - Virtual size: 1.1MB

.text
Size: 716KB - Virtual size: 713KB

.rdata
Size: 124KB - Virtual size: 120KB

.data
Size: 20KB - Virtual size: 37KB

.rsrc
Size: 1.1MB - Virtual size: 1.1MB