OPPO_Unlock_Tool_top-gsm[.]ir[.]exe | Triage

Submit
Reports

Overview

overview

5

Static

static

1

OPPO_Unloc...ir.exe

windows7-x64

5

OPPO_Unloc...ir.exe

windows10-2004-x64

5

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

OPPO_Unlock_Tool_top-gsm.ir.exe

Resource

win7-20230220-en

windows7-x64

4 signatures

300 seconds

Behavioral task

behavioral2

Sample

OPPO_Unlock_Tool_top-gsm.ir.exe

Resource

win10v2004-20230220-en

windows10-2004-x64

4 signatures

300 seconds

General

Target

OPPO_Unlock_Tool_top-gsm.ir.exe
Size

1.7MB
MD5

60782715912a1a63d21d029c48acc597
SHA1

680ad12a1a01f43f8bd28aeb663a0119ac2e6e0d
SHA256

9b88c53492defee2697a8601fcd2d6343cf1ed1078f431f645e6cea068c65abf
SHA512

0cb83f9eed73138784db416e268f11a07cf8047c223dc0ddf34f18888a5e6952e217fe6c51666abe21a3c5975c0573416c5c2cdacc031ed129ed73a95e70fd4e
SSDEEP

49152:u7quvXyWqfufM1tMq45C3OCh2n/AFsFUXHv6SR:zHWVM1tiuOCkAFRCy

Score

1^/10

Malware Config

Signatures

Files

OPPO_Unlock_Tool_top-gsm.ir.exe
.exe windows x86

30c387aff2e1c96f7202b8c5adda4365

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

DeleteCriticalSection
TlsSetValue
lstrcpyA
Sleep
Process32Next

user32

GetKeyboardType
CreateWindowExA

advapi32

RegQueryValueExA
SetSecurityDescriptorDacl

oleaut32

SysFreeString
SafeArrayPtrOfIndex
GetErrorInfo

version

VerQueryValueA

gdi32

UnrealizeObject

ole32

OleUninitialize

comctl32

ImageList_SetIconSize

winspool.drv

OpenPrinterA

shell32

SHGetFileInfoA
SHGetSpecialFolderLocation

msvcrt

strncpy

iphlpapi

GetInterfaceInfo

psapi

GetMappedFileNameW

Sections

CODE
Size: 630KB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sedata
Size: 1.0MB - Virtual size: 1.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sedata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy