2024-06-25_9184eb164b73859d8b277da0135478f6_magniber

Sharing

Copy URL

Twitter E-mail

General

Target

2024-06-25_9184eb164b73859d8b277da0135478f6_magniber
Size

2.1MB
MD5

9184eb164b73859d8b277da0135478f6
SHA1

57cb7aaa912c3c343ac59e7d4612f9c06d21a988
SHA256

26ea7788c0d3833b19fa2b903e0a267edf3bf24890b2d1a7ed1f5c85098dc863
SHA512

354ebc458e2decbc3bbb7896f7dcf40c019c58b6357dac5be5381bb3472558f77ac1c838b89ddec6b479d971c994e29423492588cbd12d69b41739cd73937a01
SSDEEP

24576:PqRG0VduIt0h79LyQvZhJ2cTaH4Y7grQWP/fc/LFMBi4laHBW1UCY:yR3+PlJ2cTaH48k3XUjgDIMg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-06-25_9184eb164b73859d8b277da0135478f6_magniber

Files

2024-06-25_9184eb164b73859d8b277da0135478f6_magniber
.exe windows:4 windows x86 arch:x86

a75dfe2b517f6068a7f237f2f14c14ea

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\jenkins_Trunk\workspace\8.5Patch_SourceJob\qqpcmgr_proj\Basic\Output\BinFinal\QQPCMgrPacket.pdb

Imports

kernel32

GlobalMemoryStatus
LoadLibraryExW
UnmapViewOfFile
OpenMutexW
CreateMutexW
MapViewOfFileEx
lstrcmpiW
CreateFileMappingW
SetCurrentDirectoryW
lstrlenW
GetFileAttributesW
MoveFileExW
RemoveDirectoryW
CreateDirectoryW
SetFilePointer
OutputDebugStringW
GetExitCodeProcess
QueryDosDeviceW
CreateToolhelp32Snapshot
Process32FirstW
Process32NextW
LocalAlloc
MulDiv
GlobalUnlock
GlobalLock
GlobalAlloc
GetDriveTypeW
VirtualAlloc
VirtualFree
ReleaseSemaphore
CreateSemaphoreW
GetStdHandle
GetTempFileNameW
SetFileAttributesW
MoveFileW
GetFullPathNameW
GetCurrentDirectoryW
SetEndOfFile
GetSystemInfo
ReleaseMutex
ExpandEnvironmentStringsW
IsBadReadPtr
SetLastError
GetDriveTypeA
GetCurrentDirectoryA
GetLocaleInfoW
FindClose
SetStdHandle
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
GetStringTypeW
GetStringTypeA
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
IsValidCodePage
GetOEMCP
GetConsoleMode
GetConsoleCP
QueryPerformanceCounter
HeapCreate
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetStartupInfoA
GetFileType
SetHandleCount
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetModuleFileNameA
LCMapStringW
LCMapStringA
RtlUnwind
IsDebuggerPresent
UnhandledExceptionFilter
GetSystemTimeAsFileTime
ExitProcess
GetModuleHandleA
ExitThread
GetStartupInfoW
IsProcessorFeaturePresent
InterlockedCompareExchange
HeapSize
HeapReAlloc
HeapDestroy
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
CreateFileA
GetLocalTime
CreatePipe
GetCPInfo
LoadLibraryA
GetSystemDefaultLangID
VirtualQuery
WideCharToMultiByte
FindNextFileW
FindFirstFileW
FreeLibrary
RaiseException
GetDiskFreeSpaceExW
FlushInstructionCache
DeviceIoControl
GetVersion
WriteFile
lstrcmpW
FreeResource
CreateThread
FindResourceW
FindResourceExW
LoadResource
LockResource
SizeofResource
InitializeCriticalSection
SetErrorMode
GetModuleHandleW
GetCurrentThreadId
GetCurrentProcessId
GetModuleFileNameW
GetCommandLineW
MultiByteToWideChar
lstrcpynW
VirtualAllocEx
WriteProcessMemory
SetUnhandledExceptionFilter
TerminateProcess
CreateProcessW
OpenProcess
SearchPathW
GetProcAddress
LoadLibraryW
GetSystemDirectoryW
GetCurrentProcess
GetLastError
HeapAlloc
InterlockedIncrement
GetProcessHeap
HeapFree
DeleteCriticalSection
InterlockedDecrement
WaitForMultipleObjects
LeaveCriticalSection
EnterCriticalSection
DuplicateHandle
ResetEvent
CreateEventW
GetVersionExW
CopyFileW
Sleep
GetTickCount
SetEvent
WaitForSingleObject
ReadFile
CloseHandle
GetFileSize
CreateFileW
DeleteFileW
GetTempPathW
lstrlenA
FlushFileBuffers

user32

LoadImageW
PostMessageW
DefWindowProcW
CreateWindowExW
SetWindowLongW
FrameRect
CopyImage
GetActiveWindow
SetWindowTextW
GetWindowTextW
InvalidateRgn
LoadIconW
RedrawWindow
GetWindowTextLengthW
SetFocus
GetFocus
IsChild
KillTimer
CharUpperW
CharLowerW
LoadStringW
UnregisterClassA
DestroyWindow
GetSysColor
FillRect
GetWindowDC
SendMessageW
mouse_event
GetSystemMetrics
DestroyAcceleratorTable
GetDesktopWindow
IsWindowEnabled
GetWindowRect
EnableWindow
SetRect
GetClientRect
RegisterClassExW
ShowWindow
MapWindowPoints
SystemParametersInfoW
InvalidateRect
GetClassInfoExW
GetWindow
FindWindowExW
SetWindowPos
MessageBoxW
CreateAcceleratorTableW
GetClassNameW
SetTimer
ClientToScreen
GetMonitorInfoW
MonitorFromWindow
EqualRect
GetDlgCtrlID
IsWindowVisible
DrawIconEx
ReleaseCapture
DrawTextW
SetCapture
SetCursor
PtInRect
SetWindowRgn
TrackPopupMenu
GetSystemMenu
PostThreadMessageW
DrawFrameControl
GetKeyState
OffsetRect
EndPaint
BeginPaint
CallWindowProcW
ScreenToClient
RegisterWindowMessageW
GetDC
SetForegroundWindow
AttachThreadInput
GetForegroundWindow
GetWindowThreadProcessId
InflateRect
ReleaseDC
CharNextW
GetDlgItem
GetParent
CopyRect
MoveWindow
DispatchMessageW
TranslateMessage
GetMessageW
IsWindow
GetWindowLongW
PeekMessageW
SetActiveWindow
LoadCursorW

gdi32

StretchBlt
SetBkColor
SetTextColor
CreateCompatibleDC
DeleteDC
GetObjectW
GetStockObject
ExtTextOutW
CreatePen
CreateFontIndirectW
DeleteObject
CreateDIBSection
RectInRegion
CombineRgn
SelectClipRgn
SaveDC
CreateBitmap
TextOutW
CreateRectRgnIndirect
RoundRect
CreateRectRgn
OffsetRgn
GetTextExtentPoint32W
SetBkMode
LineTo
MoveToEx
GetDeviceCaps
ExtSelectClipRgn
CreateSolidBrush
GetTextMetricsW
GetCurrentObject
GetClipRgn
CreateCompatibleBitmap
RestoreDC
BitBlt
Rectangle
SelectObject

advapi32

RegQueryValueExW
RegCloseKey
RegOpenKeyW
RegCreateKeyExW
RegSetValueExW
DeleteService
ControlService
CloseServiceHandle
OpenServiceW
OpenSCManagerW
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
AdjustTokenPrivileges
LookupPrivilegeValueW
OpenProcessToken
RegEnumKeyExW
RegQueryInfoKeyW
RegDeleteKeyW
RegOpenKeyExW
RegDeleteValueW

shell32

SHGetSpecialFolderPathW
ShellExecuteW
SHGetSpecialFolderLocation
SHBrowseForFolderW
SHGetPathFromIDListW
ord680
SHCreateDirectoryExW

ole32

CoTaskMemFree
CoTaskMemRealloc
StgOpenStorage
OleInitialize
CLSIDFromString
CLSIDFromProgID
OleLockRunning
CoGetClassObject
StringFromGUID2
CreateStreamOnHGlobal
OleUninitialize
CoCreateInstance
CoInitialize
CoTaskMemAlloc
CoUninitialize
StgCreateDocfile

oleaut32

VariantCopy
SysStringLen
SysAllocString
LoadTypeLi
LoadRegTypeLi
OleCreateFontIndirect
SysStringByteLen
VarBstrCmp
VariantInit
DispCallFunc
VariantClear
SysAllocStringLen
SysFreeString
VarUI4FromStr
OleLoadPicture

shlwapi

PathRemoveBackslashW
StrToIntA
PathAddBackslashW
PathAppendW
PathFileExistsW

comctl32

InitCommonControlsEx
_TrackMouseEvent

ws2_32

htons
htonl

wininet

InternetCloseHandle
InternetReadFile
HttpQueryInfoW
InternetOpenUrlW
InternetOpenW
InternetGetConnectedState

version

VerQueryValueW
GetFileVersionInfoSizeW
GetFileVersionInfoW

netapi32

Netbios

Sections

.text
Size: 708KB - Virtual size: 705KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 120KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a75dfe2b517f6068a7f237f2f14c14ea

Headers

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

shlwapi

comctl32

ws2_32

wininet

version

netapi32

Sections

.text Size: 708KB - Virtual size: 705KB

.rdata Size: 120KB - Virtual size: 120KB

.data Size: 20KB - Virtual size: 37KB

.rsrc Size: 1.1MB - Virtual size: 1.1MB

.text
Size: 708KB - Virtual size: 705KB

.rdata
Size: 120KB - Virtual size: 120KB

.data
Size: 20KB - Virtual size: 37KB

.rsrc
Size: 1.1MB - Virtual size: 1.1MB