20240820878fc39778ba018d69a9a1d6b8b13142magniber

Sharing

Copy URL Twitter E-mail

General

Target

20240820878fc39778ba018d69a9a1d6b8b13142magniber
Size

3.3MB
MD5

878fc39778ba018d69a9a1d6b8b13142
SHA1

45f192433a3c63614822ec4086c8872b124e8ee6
SHA256

6774a13ae7e3f45ac06f4604c3106930671cc54c31128afb917d8f9476153987
SHA512

965e3671006b0becc891b420cf54eb280b141b4858caa6a900732d0ef6ec9c8c349d70fa56fd96d2857b2257686344728e125a2d3d1f875db66b5fa703e7856f
SSDEEP

49152:hmnMQ0cvnwq324FCmkjFzeL+sYJzC01kn0XO6yWqkTqG8tK63fqR:43ZyCOk0XO6yZU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
20240820878fc39778ba018d69a9a1d6b8b13142magniber

Files

20240820878fc39778ba018d69a9a1d6b8b13142magniber
.exe windows:5 windows x86 arch:x86

7c5faf5d993a732594994b97feefbada

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

E:\QShuru\release_line\client\Release\QQPYHandInput.pdb

Imports

kernel32

MulDiv
GetTickCount
MultiByteToWideChar
FindClose
FindFirstFileW
CreateThread
Sleep
GetVersionExW
GetShortPathNameW
ReadFile
FreeLibrary
SetLastError
GetProcessHeap
DeleteCriticalSection
HeapDestroy
DecodePointer
HeapAlloc
FindResourceW
RaiseException
HeapReAlloc
HeapSize
LeaveCriticalSection
WriteConsoleW
ReadConsoleW
SetFilePointerEx
GetFullPathNameA
GetFullPathNameW
GetCurrentDirectoryW
SetCurrentDirectoryW
GetConsoleMode
GetConsoleCP
GetStringTypeW
SetStdHandle
OutputDebugStringA
SetConsoleCtrlHandler
SetEnvironmentVariableW
SetEnvironmentVariableA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetCPInfo
GetOEMCP
IsValidCodePage
FindNextFileA
FindFirstFileExW
FindFirstFileExA
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
CompareStringW
GetTimeFormatW
GetDateFormatW
SystemTimeToTzSpecificLocalTime
InitializeCriticalSectionAndSpinCount
EnterCriticalSection
HeapFree
SetUnhandledExceptionFilter
IsDebuggerPresent
VirtualQuery
lstrcpyW
GetCurrentProcessId
GetProcAddress
LoadLibraryW
lstrcatW
GetCurrentThread
FormatMessageW
GetCurrentThreadId
CreateFileW
WriteFile
lstrlenW
IsBadWritePtr
CreateDirectoryW
GetModuleHandleW
GetModuleFileNameW
TerminateProcess
GetCurrentProcess
MapViewOfFileEx
CreateFileMappingW
SystemTimeToFileTime
GetFileSize
QueryPerformanceFrequency
GetLocalTime
CloseHandle
GetLastError
UnmapViewOfFile
SetFilePointer
PeekNamedPipe
GetFileType
FreeLibraryAndExitThread
ResumeThread
ExitThread
RemoveDirectoryW
GetFileAttributesExW
GetTimeZoneInformation
GetACP
GetStdHandle
GetModuleFileNameA
GetModuleHandleExW
ExitProcess
LoadLibraryExW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InterlockedFlushSList
RtlUnwind
GlobalSize
CopyFileW
UnhandledExceptionFilter
IsProcessorFeaturePresent
SetEvent
ResetEvent
WaitForSingleObjectEx
CreateEventW
GetStartupInfoW
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeSListHead
OutputDebugStringW
EncodePointer
InterlockedPopEntrySList
InterlockedPushEntrySList
FlushInstructionCache
VirtualAlloc
VirtualFree
LoadLibraryExA
GlobalAlloc
GlobalFree
WideCharToMultiByte
SetEndOfFile
GetFileTime
LocalAlloc
GetSystemDirectoryW
InterlockedIncrement
GetSystemTime
FindNextFileW
GetFileAttributesW
LocalFileTimeToFileTime
FileTimeToSystemTime
FileTimeToLocalFileTime
CreateMutexW
OpenMutexW
ProcessIdToSessionId
LocalFree
GlobalLock
GlobalUnlock
InterlockedDecrement
QueryDosDeviceW
GetLogicalDrives
DeviceIoControl
GetDiskFreeSpaceExW
GetDriveTypeW
lstrlenA
LoadLibraryA
lstrcatA
CopyFileA
CreateFileA
GetSystemDirectoryA
lstrcpyA
GetTempPathW
SetFileAttributesW
DeleteFileW
MoveFileExW
GetTempFileNameW
FlushFileBuffers
OpenFileMappingW
FlushViewOfFile
MapViewOfFile
InterlockedCompareExchange
WaitForSingleObject
TryEnterCriticalSection
InitializeCriticalSection
ReleaseMutex
SizeofResource
LockResource
LoadResource
SwitchToThread

user32

SystemParametersInfoW
EnumDisplayMonitors
ReleaseDC
GetMonitorInfoW
MonitorFromWindow
MonitorFromRect
SetWindowPos
MonitorFromPoint
GetCursorPos
PtInRect
GetDC
GetSystemMetrics
GetDlgCtrlID
TrackMouseEvent
BeginPaint
EndPaint
FillRect
LoadBitmapW
DrawTextW
SetRect
GetWindowLongW
GetKeyState
GetMessageExtraInfo
PostMessageW
DestroyWindow
GetWindowPlacement
OpenClipboard
OffsetRect
SetTimer
DestroyIcon
CloseClipboard
EmptyClipboard
IsWindowEnabled
EnumClipboardFormats
LoadIconW
LoadCursorW
SetCapture
SetCursor
DrawIconEx
KillTimer
PostQuitMessage
DialogBoxParamW
ReleaseCapture
LoadImageW
GetDesktopWindow
SetPropW
GetPropW
GetWindow
SetClipboardData
GetClipboardData
RegisterClipboardFormatW
UpdateWindow
GetClassInfoExW
UpdateLayeredWindow
RegisterClassExW
CreateWindowExW
DefWindowProcW
IsCharAlphaNumericW
wsprintfA
GetIconInfo
InvalidateRect
SendInput
GetMessageW
CreateDialogParamW
MessageBoxW
DispatchMessageW
GetForegroundWindow
MoveWindow
TranslateMessage
SetForegroundWindow
IsIconic
IsWindowVisible
SetWindowRgn
ScreenToClient
SendMessageW
EndDialog
UnregisterClassW
SetWindowTextW
ShowWindow
IsWindow
SetWindowLongW
GetClientRect
GetDlgItem
GetParent
EnableWindow
wvsprintfW
GetWindowRect

gdi32

DeleteDC
DeleteObject
RectVisible
PatBlt
CreateBitmap
SetStretchBltMode
CreateFontW
SetDIBitsToDevice
GetDIBits
CreateDIBPatternBrushPt
GetStockObject
StretchDIBits
RealizePalette
StretchBlt
CreateCompatibleBitmap
SetBrushOrgEx
CreateRectRgn
BitBlt
MoveToEx
CreatePen
LineTo
SelectObject
GetFontUnicodeRanges
CombineRgn
CreateFontIndirectW
CreateSolidBrush
Polygon
GetObjectW
Rectangle
SetBkMode
SetTextColor
ExtCreateRegion
GetDeviceCaps
CreateCompatibleDC
CreateDIBSection
ExtSelectClipRgn
RestoreDC
CreateRectRgnIndirect
GetClipBox
SaveDC
SetBkColor

advapi32

LookupAccountNameW
RegCloseKey
RegSetValueExW
RegOpenKeyW
RegQueryValueExW
RegDeleteValueW
ConvertSidToStringSidW
RegOpenKeyExW
RegEnumKeyExW
RegCreateKeyExW
RegDeleteKeyW
GetSecurityInfo
ConvertStringSecurityDescriptorToSecurityDescriptorW
SetSecurityInfo
SetEntriesInAclW
BuildExplicitAccessWithNameW
GetSecurityDescriptorSacl
GetNamedSecurityInfoW
SetNamedSecurityInfoW
SetSecurityDescriptorDacl
SetSecurityDescriptorSacl
InitializeSecurityDescriptor
InitializeAcl
AddAccessAllowedAceEx
GetLengthSid
OpenProcessToken
LookupAccountSidW
GetTokenInformation

shell32

SHFileOperationW
SHCreateDirectoryExW
SHGetSpecialFolderPathW
ShellExecuteW

ole32

OleInitialize
OleUninitialize
CoTaskMemFree

oleaut32

SysFreeString

version

GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW

shlwapi

PathFileExistsW

gdiplus

GdiplusShutdown

ws2_32

WSAStartup
ntohl
htons
htonl

wtsapi32

WTSFreeMemory
WTSQuerySessionInformationW

Sections

.text
Size: 2.4MB - Virtual size: 2.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 721KB - Virtual size: 720KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 20KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

_RDATA
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 77KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 155KB - Virtual size: 156KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

7c5faf5d993a732594994b97feefbada

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

version

shlwapi

gdiplus

ws2_32

wtsapi32

Sections

.text Size: 2.4MB - Virtual size: 2.4MB

.rdata Size: 721KB - Virtual size: 720KB

.data Size: 20KB - Virtual size: 74KB

_RDATA Size: 4KB - Virtual size: 3KB

.rsrc Size: 77KB - Virtual size: 76KB

.reloc Size: 155KB - Virtual size: 156KB

.text
Size: 2.4MB - Virtual size: 2.4MB

.rdata
Size: 721KB - Virtual size: 720KB

.data
Size: 20KB - Virtual size: 74KB

_RDATA
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 77KB - Virtual size: 76KB

.reloc
Size: 155KB - Virtual size: 156KB