Extracted

• 2024-11-01_5381e8088a4d5443a40e1316522f8b79_magniber_qakbot

  .exe windows:5 windows x86 arch:x86

  0ed9bb83b46883e5a2e5037acb0b0efe

  
  

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

  IMAGE_DLLCHARACTERISTICS_NX_COMPAT

  IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

  File Characteristics

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_32BIT_MACHINE

  Imports

  kernel32

  TlsAlloc

  TlsSetValue

  LocalReAlloc

  DeleteCriticalSection

  GlobalFree

  TlsFree

  GetProcAddress

  InterlockedDecrement

  FreeLibrary

  GetCurrentProcessId

  lstrlenW

  FormatMessageW

  GetCurrentThreadId

  InterlockedIncrement

  lstrcmpA

  lstrlenA

  GetVersionExA

  GlobalUnlock

  LoadLibraryA

  LoadLibraryW

  GlobalDeleteAtom

  GlobalFindAtomW

  GlobalAddAtomW

  GlobalFlags

  FlushFileBuffers

  SetEndOfFile

  GetCurrentProcess

  GetModuleHandleA

  InitializeCriticalSection

  GetStartupInfoW

  RtlUnwind

  RaiseException

  HeapReAlloc

  HeapSize

  TerminateProcess

  UnhandledExceptionFilter

  SetUnhandledExceptionFilter

  IsDebuggerPresent

  GetConsoleCP

  GetConsoleMode

  GetStdHandle

  FreeEnvironmentStringsW

  GetEnvironmentStringsW

  GetCommandLineW

  SetHandleCount

  GetFileType

  GetStartupInfoA

  HeapCreate

  VirtualFree

  QueryPerformanceCounter

  GetSystemTimeAsFileTime

  VirtualAlloc

  GetCPInfo

  GetACP

  GetOEMCP

  IsValidCodePage

  InitializeCriticalSectionAndSpinCount

  SetStdHandle

  WriteConsoleA

  GetConsoleOutputCP

  WriteConsoleW

  CreateFileA

  LCMapStringA

  LCMapStringW

  GetStringTypeA

  GetStringTypeW

  GetLocaleInfoA

  GlobalReAlloc

  GlobalLock

  EnterCriticalSection

  TlsGetValue

  LeaveCriticalSection

  LocalFree

  LocalAlloc

  SetLastError

  GlobalAlloc

  GlobalHandle

  WideCharToMultiByte

  LocalFileTimeToFileTime

  GetCurrentDirectoryW

  SystemTimeToFileTime

  SetFilePointer

  GetLastError

  SetFileAttributesW

  WriteFile

  GetFileSizeEx

  FreeResource

  LockResource

  LoadResource

  SizeofResource

  FindResourceW

  GetModuleHandleW

  MultiByteToWideChar

  HeapFree

  GetProcessHeap

  HeapAlloc

  GetModuleFileNameA

  GetTempPathA

  CreateFileW

  ReadFile

  DeviceIoControl

  GetVersionExW

  CreateThread

  GetSystemWindowsDirectoryW

  GetFileAttributesW

  GetTickCount

  ExitProcess

  Sleep

  CreateEventW

  CloseHandle

  OpenEventW

  DeleteFileW

  GetSystemDirectoryW

  GetModuleFileNameW

  lstrcmpW

  GetTempPathW

  user32

  DestroyMenu

  TabbedTextOutW

  DrawTextW

  DrawTextExW

  GrayStringW

  WinHelpW

  GetCapture

  GetClassLongW

  GetClassNameW

  SetPropW

  GetPropW

  RemovePropW

  IsWindow

  GetForegroundWindow

  GetDlgItem

  GetTopWindow

  GetMessageTime

  GetMessagePos

  MapWindowPoints

  SetMenu

  SetForegroundWindow

  GetClientRect

  PostMessageW

  GetClassInfoExW

  GetClassInfoW

  ClientToScreen

  AdjustWindowRectEx

  GetDlgCtrlID

  CallWindowProcW

  CopyRect

  GetMenu

  SetWindowLongW

  SetWindowPos

  SystemParametersInfoA

  IsIconic

  GetWindowPlacement

  GetWindowRect

  GetWindow

  SetMenuItemBitmaps

  GetMenuCheckMarkDimensions

  LoadBitmapW

  GetFocus

  ModifyMenuW

  EnableMenuItem

  CheckMenuItem

  GetWindowTextW

  GetSystemMetrics

  GetDC

  ReleaseDC

  GetSysColor

  GetSysColorBrush

  SetWindowsHookExW

  CallNextHookEx

  GetKeyState

  PeekMessageW

  ValidateRect

  GetMenuState

  GetMenuItemID

  GetMenuItemCount

  GetSubMenu

  GetWindowThreadProcessId

  wsprintfW

  LoadStringW

  LoadAcceleratorsW

  SendMessageW

  GetParent

  GetWindowLongW

  GetLastActivePopup

  IsWindowEnabled

  EnableWindow

  MessageBoxW

  UnhookWindowsHookEx

  SetWindowTextW

  DispatchMessageW

  LoadIconW

  LoadCursorW

  RegisterClassExW

  CreateWindowExW

  DialogBoxParamW

  DestroyWindow

  DefWindowProcW

  BeginPaint

  EndPaint

  PostQuitMessage

  EndDialog

  RegisterClassW

  RegisterWindowMessageW

  PtInRect

  advapi32

  RegQueryValueExW

  RegCloseKey

  RegSetValueExW

  RegOpenKeyExW

  shell32

  ShellExecuteW

  ShellExecuteA

  ws2_32

  gethostbyaddr

  htonl

  socket

  closesocket

  send

  recv

  gethostbyname

  inet_addr

  htons

  WSAStartup

  WSAGetLastError

  connect

  iphlpapi

  GetAdaptersAddresses

  oleacc

  LresultFromObject

  CreateStdAccessibleObject

  gdi32

  DeleteDC

  GetStockObject

  CreateBitmap

  GetClipBox

  SetTextColor

  SetBkColor

  DeleteObject

  ExtTextOutW

  SaveDC

  RestoreDC

  ScaleWindowExtEx

  SetWindowExtEx

  ScaleViewportExtEx

  SetMapMode

  SetViewportExtEx

  OffsetViewportOrgEx

  PtVisible

  SetViewportOrgEx

  SelectObject

  Escape

  RectVisible

  GetDeviceCaps

  TextOutW

  winspool.drv

  OpenPrinterW

  DocumentPropertiesW

  ClosePrinter

  oleaut32

  VariantClear

  VariantChangeType

  VariantInit

  Sections

  .text

  Size: 157KB - Virtual size: 160KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: 38KB - Virtual size: 40KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .data

  Size: 8KB - Virtual size: 28KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 241KB - Virtual size: 244KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .reloc

  Size: 8KB - Virtual size: 32KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_DISCARDABLE

  IMAGE_SCN_MEM_READ

  IHHYNNN

  Size: 5KB - Virtual size: 8KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .adata

  Size: - Virtual size: 4KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  FRlnmaey

  Size: 9KB - Virtual size: 9KB

  UkDreOTi

  Size: 7KB - Virtual size: 7KB

  qwhdTjlk

  Size: 22KB - Virtual size: 22KB

  zdrvocWR

  Size: 543KB - Virtual size: 542KB

  ffScwCGP

  Size: 61KB - Virtual size: 60KB

  BfKeDpUz

  Size: 6KB - Virtual size: 6KB

  PwYvlkgb

  Size: 56KB - Virtual size: 56KB

  gxWcsUPw

  Size: 4KB - Virtual size: 4KB

  cLmKVGCe

  Size: 86KB - Virtual size: 86KB

  FplfjtMk

  Size: 80KB - Virtual size: 80KB

  MKFYMbFO

  Size: 16KB - Virtual size: 15KB

  urTwsOBw

  Size: 4KB - Virtual size: 3KB

  eRUuSChZ

  Size: 2KB - Virtual size: 1KB

  cuYAxcrr

  Size: 4KB - Virtual size: 3KB

  iscCJBQo

  Size: 253KB - Virtual size: 253KB

  bitTcrpD

  Size: 57KB - Virtual size: 56KB

  tTiZCcXZ

  Size: 1024B - Virtual size: 724B

  QglqanHi

  Size: 711KB - Virtual size: 710KB

  WoKMKnro

  Size: 73KB - Virtual size: 73KB

  dJEwzTEs

  Size: 40KB - Virtual size: 40KB

  WExTzuXg

  Size: 14KB - Virtual size: 13KB

  viiUvZgj

  Size: 70KB - Virtual size: 69KB

  iyCLCJvY

  Size: 36KB - Virtual size: 36KB

  bSTAxSZb

  Size: 59KB - Virtual size: 59KB

  YPXcczbQ

  Size: 44KB - Virtual size: 43KB

  bYqfIyJB

  Size: 37KB - Virtual size: 37KB

  ktXcyYdz

  Size: 8KB - Virtual size: 8KB

  eYirCSiw

  Size: 55KB - Virtual size: 54KB

  KNcIeUDs

  Size: 512B - Virtual size: 261B

  PmMgvIrL

  Size: 2KB - Virtual size: 1KB

  MaTKUcTt

  Size: 51KB - Virtual size: 50KB

  zbjoAuyR

  Size: 72KB - Virtual size: 71KB

  BxuQUTDR

  Size: 9KB - Virtual size: 9KB

  ajiduiQv

  Size: 42KB - Virtual size: 42KB

  zSqiadzC

  Size: 21KB - Virtual size: 21KB

  SrVINjmM

  Size: 10KB - Virtual size: 9KB

  ltcDiGSE

  Size: 35KB - Virtual size: 34KB

  gBTFXbZo

  Size: 71KB - Virtual size: 70KB

  kmtsPLff

  Size: 132KB - Virtual size: 132KB

  PNhwOkDN

  Size: 149KB - Virtual size: 148KB

  ucMVYWsp

  Size: 37KB - Virtual size: 37KB

  gHrNJHRl

  Size: 265KB - Virtual size: 265KB

  AmagnRUY

  Size: 23KB - Virtual size: 22KB

  oExzMsfU

  Size: 54KB - Virtual size: 54KB

  MhThpGok

  Size: 73KB - Virtual size: 72KB

  rJqgoQZP

  Size: 25KB - Virtual size: 25KB

  qWtROHAD

  Size: 24KB - Virtual size: 23KB

  YWuieIql

  Size: 59KB - Virtual size: 59KB

  rmVILVHs

  Size: 150KB - Virtual size: 149KB

  wrwJyqmC

  Size: 1024B - Virtual size: 589B

  LwjzIZpl

  Size: 29KB - Virtual size: 29KB

  ohDXKCQf

  Size: 18KB - Virtual size: 17KB

  ERIhiItp

  Size: 61KB - Virtual size: 60KB

  LQyEQnlk

  Size: 35KB - Virtual size: 34KB

  JdEmqgpW

  Size: 22KB - Virtual size: 21KB

  CPATdQkK

  Size: 6KB - Virtual size: 5KB

  nURMLSJL

  Size: 27KB - Virtual size: 26KB

  nLrlKjqu

  Size: 89KB - Virtual size: 88KB

  DvUnUVOB

  Size: 25KB - Virtual size: 25KB

  mXQIQXwd

  Size: 4KB - Virtual size: 3KB

  HPLvRkAR

  Size: 44KB - Virtual size: 43KB

  HrxxvWPv

  Size: 3KB - Virtual size: 2KB

  qrQHXAeM

  Size: 9KB - Virtual size: 9KB

  arLvxdcB

  Size: 50KB - Virtual size: 49KB

  utMWlRUm

  Size: 194KB - Virtual size: 194KB

  yrVgjWeE

  Size: 61KB - Virtual size: 60KB

  vEwtMyrj

  Size: 2KB - Virtual size: 1KB