OttoMatic[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

OttoMatic.exe
Size

995KB
MD5

098520360adecde5dbab222b3ba4b396
SHA1

b60c93c0ea440e71ea5deac4d8f63a1a910c828a
SHA256

69876de8839ebedd89606a04abdb015043e5cbbe142107f4bbb6199f0d8b8bef
SHA512

90d06163d68e46cc07b069ee79fefa88854409b4065c0bf8c9614dff8a733bcad6055d1b66eac941deed076df40e9b777eb4cc8973905860f11111b30dc478da
SSDEEP

12288:dp7M+xV6gU8fSoYQ6Xg87I1TAMB9NDhTTjj9ZWqSK79644kY4BxKdhD9LAiRMM:dpnMgU8fKQ6VI5AMBvDhoDRdM

Score

N/A

Malware Config

Signatures

Files

OttoMatic.exe
.exe windows x64

4acf2bb53c005f6a4247b6a2e4d9543a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

sdl2

SDL_strlen
SDL_iconv_string
SDL_InitSubSystem
SDL_CloseAudioDevice
SDL_PauseAudioDevice
SDL_OpenAudioDevice
SDL_SetMainReady
SDL_UnlockMutex
SDL_LockMutex
SDL_CreateMutex
SDL_PollEvent
SDL_GameControllerClose
SDL_GameControllerRumble
SDL_DestroyMutex
SDL_GameControllerOpen
SDL_IsGameController
SDL_JoystickGetDeviceInstanceID
SDL_JoystickNameForIndex
SDL_NumJoysticks
SDL_SetRelativeMouseMode
SDL_GetKeyboardState
SDL_PumpEvents
SDL_GL_GetCurrentContext
SDL_SetWindowFullscreen
SDL_HideWindow
SDL_ShowWindow
SDL_SetWindowPosition
SDL_SetWindowDisplayMode
SDL_GetTicks
SDL_GetWindowFlags
SDL_FlushEvents
SDL_Delay
SDL_GameControllerGetButton
SDL_GameControllerGetAxis
SDL_FreeCursor
SDL_GetCursor
SDL_SetCursor
SDL_CreateSystemCursor
SDL_GetMouseState
SDL_GetPreferredLocales
SDL_free
SDL_GameControllerName
SDL_GetDisplayName
SDL_GameControllerGetStringForButton
SDL_GameControllerGetStringForAxis
SDL_GetScancodeName
SDL_QuitSubSystem
SDL_Init
SDL_ShowSimpleMessageBox
SDL_GameControllerAddMappingsFromRW
SDL_GL_SetAttribute
SDL_DestroyWindow
SDL_CreateWindow
SDL_GetNumVideoDisplays
SDL_RWFromFile
SDL_ShowCursor
SDL_GL_DeleteContext
SDL_GL_SwapWindow
SDL_GL_SetSwapInterval
SDL_GL_MakeCurrent
SDL_GL_CreateContext
SDL_GetWindowSize
SDL_GetError
SDL_GL_GetProcAddress
SDL_wcslen

opengl32

glFogfv
glScalef
glTranslatef
glVertex3fv
glLineWidth
glFogf
glReadPixels
glFogi
glBlendFunc
glEnable
glBindTexture
glGenTextures
glTexImage2D
glPixelStorei
glColorMaterial
glMaterialfv
glLightModelfv
glLightfv
glLoadMatrixf
glPopMatrix
glPushMatrix
glViewport
glFrustum
glDepthMask
glHint
glGetString
glGetError
glGetIntegerv
glGetFloatv
glGetBooleanv
glIsEnabled
glPolygonMode
glFrontFace
glCullFace
glAlphaFunc
glColorMask
glClear
glClearColor
glDeleteTextures
glTexParameteri
glTexParameterf
glTexEnvi
glTexGeni
glDrawElements
glTexCoordPointer
glColorPointer
glNormalPointer
glVertexPointer
glVertex3f
glRotatef
glMultMatrixf
glOrtho
glDisableClientState
glEnableClientState
glTexCoord2f
glColor4fv
glColor4f
glDisable
glVertex2f
glEnd
glBegin
glLoadIdentity
glMatrixMode
glColor3f

shell32

CommandLineToArgvW
SHGetKnownFolderPath

ole32

CoTaskMemFree

msvcp140

??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXXZ
?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEBA?AVlocale@2@XZ
?swap@?$basic_iostream@DU?$char_traits@D@std@@@std@@IEAAXAEAV12@@Z
?unshift@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEAD1AEAPEAD@Z
?out@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z
?in@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z
?always_noconv@codecvt_base@std@@QEBA_NXZ
?_Getgloballocale@locale@std@@CAPEAV_Locimp@12@XZ
??Bid@locale@std@@QEAA_KXZ
??1_Lockit@std@@QEAA@XZ
??0_Lockit@std@@QEAA@H@Z
?underflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?pbackfail@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHH@Z
?overflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHH@Z
_Thrd_sleep
_Query_perf_frequency
_Query_perf_counter
_Xtime_get_ticks
?tellg@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA?AV?$fpos@U_Mbstatet@@@2@XZ
?seekg@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@_JH@Z
?read@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@PEAD_J@Z
?write@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@PEBD_J@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@H@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@G@Z
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEBD_J@Z
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEAD_J@Z
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JXZ
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAPEAV12@PEAD_J@Z
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAXAEBVlocale@2@@Z
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
??1?$basic_iostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IEAA@XZ
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UEAA@XZ
?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAA@XZ
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@XZ
?cerr@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAA_JPEBD_J@Z
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHD@Z
?_Winerror_map@std@@YAHH@Z
?_Syserror_map@std@@YAPEBDH@Z
?_Xout_of_range@std@@YAXPEBD@Z
?_Xlength_error@std@@YAXPEBD@Z
?uncaught_exceptions@std@@YAHXZ
?_Fiopen@std@@YAPEAU_iobuf@@PEB_WHH@Z
?id@?$codecvt@DDU_Mbstatet@@@std@@2V0locale@2@A
?_Getcat@?$codecvt@DDU_Mbstatet@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z

vcruntime140

strchr
__RTDynamicCast
_purecall
memchr
memmove
__current_exception
__current_exception_context
memset
memcpy
memcmp
_CxxThrowException
__std_terminate
__std_exception_copy
__std_exception_destroy
__C_specific_handler

vcruntime140_1

__CxxFrameHandler4

api-ms-win-crt-math-l1-1-0

cos
sqrt
sqrtf
atan2f
sin
tan
ldexp
tanf
__setusermatherr
ceilf
cosf
sinf
acos

api-ms-win-crt-stdio-l1-1-0

__acrt_iob_func
__stdio_common_vfprintf
__stdio_common_vsscanf
_get_stream_buffer_pointers
fclose
fflush
fgetc
fgetpos
fputc
fsetpos
_set_fmode
__stdio_common_vsprintf
__p__commode
ungetc
setvbuf
fwrite
fread
_fseeki64

api-ms-win-crt-runtime-l1-1-0

_initialize_narrow_environment
_c_exit
_invalid_parameter_noinfo_noreturn
_initterm_e
_set_app_type
_seh_filter_exe
_initialize_onexit_table
_configure_narrow_argv
_register_onexit_function
exit
_register_thread_local_exe_atexit_callback
_exit
_crt_atexit
terminate
_cexit
_initterm
_get_narrow_winmain_command_line

api-ms-win-crt-heap-l1-1-0

_callnewh
malloc
_set_new_mode
free

api-ms-win-crt-convert-l1-1-0

atoi

api-ms-win-crt-time-l1-1-0

_localtime64
_time64

api-ms-win-crt-string-l1-1-0

isalnum
strncmp

api-ms-win-crt-filesystem-l1-1-0

_unlock_file
_lock_file

api-ms-win-crt-locale-l1-1-0

_configthreadlocale
___lc_codepage_func

kernel32

RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
GetModuleHandleW
LocalFree
FormatMessageA
GetCurrentDirectoryW
CreateDirectoryW
CreateFileW
FindClose
FindFirstFileExW
FindNextFileW
GetFileAttributesExW
SetFileInformationByHandle
AreFileApisANSI
CloseHandle
GetLastError
GetFileInformationByHandleEx
MultiByteToWideChar
WideCharToMultiByte
HeapFree
GetCommandLineW
GetProcessHeap
HeapAlloc

Sections

.text
Size: 628KB - Virtual size: 627KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 123KB - Virtual size: 122KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 3.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 202KB - Virtual size: 201KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4acf2bb53c005f6a4247b6a2e4d9543a

Headers

DLL Characteristics

File Characteristics

Imports

sdl2

opengl32

shell32

ole32

msvcp140

vcruntime140

vcruntime140_1

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-convert-l1-1-0

api-ms-win-crt-time-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-filesystem-l1-1-0

api-ms-win-crt-locale-l1-1-0

kernel32

Sections

.text Size: 628KB - Virtual size: 627KB

.rdata Size: 123KB - Virtual size: 122KB

.data Size: 7KB - Virtual size: 3.2MB

.pdata Size: 31KB - Virtual size: 31KB

.rsrc Size: 202KB - Virtual size: 201KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 628KB - Virtual size: 627KB

.rdata
Size: 123KB - Virtual size: 122KB

.data
Size: 7KB - Virtual size: 3.2MB

.pdata
Size: 31KB - Virtual size: 31KB

.rsrc
Size: 202KB - Virtual size: 201KB

.reloc
Size: 2KB - Virtual size: 1KB