Static task: static1
Behavioral task: behavioral1
Sample: ofivo.exe
Resource: win7-20220812-en
General
Target: ofivo.bin
Size: 1.1MB
MD5: cae374e808266d76644b76dc4de9cd7f
SHA1: 654c9b47636a3bbdf658786ea970d4ff5576734c
SHA256: aed13a2cc773d5e7d2a5dec2739328d12a1b3be21bee6a609fca1e9aba30c280
SHA512: 027cf8ce307fef440a2f55cffcb3027774460414c3f5ddbc7f2c1392842e935edadb9ce319461ede64bb48cfeea5a5ade72cad8bc99879ee6237a151d694e276
SSDEEP: 6144:P28+8EYDtVGk9SAb276xn0Ncbgm8jP4VBJwMO0Ho5:P2qJVtsAuwn8wWuJO0I5
Malware Config
Signatures
Files
ofivo.bin.exe windows x86
c99ebcc652129d2e5a7cddebe08c73bb
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
lstrlenW
GetLastError
FreeLibrary
LoadLibraryW
SetLastError
WriteConsoleW
GetFileType
GetStdHandle
MultiByteToWideChar
GetModuleHandleA
FindFirstFileW
FindNextFileW
GetFileAttributesW
GetCommandLineW
LocalAlloc
LocalFree
VerifyVersionInfoW
FormatMessageW
GetModuleHandleW
OpenMutexW
DeleteFileW
FoldStringW
Heap32ListNext
MoveFileWithProgressW
OutputDebugStringW
_lopen
GetOverlappedResult
GenerateConsoleCtrlEvent
ClearCommError
CreateFileMappingW
DeleteAtom
SetFilePointerEx
CreateDirectoryW
GetThreadSelectorEntry
GlobalFix
FindNextVolumeA
lstrlenA
QueueUserWorkItem
DeviceIoControl
SetupComm
GetCurrentConsoleFont
GetNumberOfConsoleMouseButtons
WritePrivateProfileStringA
SetConsoleMode
SetTimeZoneInformation
Module32FirstW
WaitForMultipleObjectsEx
GlobalLock
Sleep
GetConsoleMode
WriteFileGather
CloseHandle
CreateMutexW
CreateSemaphoreA
ExitProcess
GetCommandLineA
GetCurrentProcessId
GetCurrentThreadId
GetProcAddress
GetStartupInfoA
InterlockedDecrement
InterlockedIncrement
ReleaseMutex
ReleaseSemaphore
SetUnhandledExceptionFilter
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
WaitForMultipleObjects
WaitForSingleObject
VirtualAllocEx
user32
LoadStringW
ExitWindowsEx
DdeInitializeW
SetProcessDefaultLayout
DdeCreateStringHandleW
LoadCursorA
GetClassInfoW
EnumPropsA
SetRect
CloseClipboard
wvsprintfW
CreateIcon
MapVirtualKeyW
GetInputState
DdeFreeDataHandle
CreateMDIWindowA
GetWindowTextA
UpdateLayeredWindow
InvertRect
CharUpperBuffW
SetWindowsHookW
SetTimer
CallWindowProcW
IsCharLowerA
GetMenuItemCount
SetWindowContextHelpId
GetMenu
CheckRadioButton
wsprintfW
ScrollWindowEx
CloseDesktop
ChangeDisplaySettingsA
FindWindowExW
CountClipboardFormats
EditWndProc
GetWindowTextLengthW
DdeNameService
GetMessageTime
GetMouseMovePointsEx
DestroyAcceleratorTable
OffsetRect
GetUserObjectSecurity
FindWindowW
EnumClipboardFormats
DrawTextA
CheckMenuItem
BeginDeferWindowPos
RealGetWindowClass
GetTabbedTextExtentA
GetKeyboardState
LoadIconA
GetDoubleClickTime
gdi32
StretchBlt
StretchDIBits
DeleteObject
GetTextAlign
CreateRoundRectRgn
EnableEUDC
SetAbortProc
RemoveFontResourceExW
GdiConvertRegion
GdiStartDocEMF
EngFindResource
CreateColorSpaceA
SelectClipPath
GdiGetLocalDC
GetMetaFileA
SetWinMetaFileBits
GetStringBitmapW
QueryFontAssocStatus
GdiGetPageCount
GetTextExtentPointW
GdiEntry10
GetCharABCWidthsFloatA
GetStockObject
advapi32
RegOpenKeyW
shell32
DragAcceptFiles
Shell_NotifyIconA
SHGetPathFromIDList
shlwapi
StrStrA
StrStrW
Sections
.text Size: 7KB - Virtual size: 6KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 197KB - Virtual size: 196KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 929KB - Virtual size: 929KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 13KB - Virtual size: 13KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ