oxide-loader[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

oxide-loader.exe
Size

234KB
MD5

b139e255a56e2a2e0e71716ad94d476c
SHA1

aa69c1cc7fbd621bd24b0febbf0bf88a90b9b276
SHA256

46a3e3ef9803c689880ed3736e6113364919b139595db6d6b263e7b6217a6637
SHA512

c979548cea195a3484ff19338ff7b02af1e403d4950a1d7fe9610a632ab41e3fd484a9d8aaeae771f8c86d1d80d4dbce429eb5a2608c4a5ac7d9e894a6d8525c
SSDEEP

6144:wBT4ynd8Oumtk7bor13YVhb9u6xNC5jUDIhza3wW:wvHSk50u6y5jUDwa3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
oxide-loader.exe

Files

oxide-loader.exe
.exe windows x86

365f72abd4b74e2b01a11862ccc78319

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

d3d9

Direct3DCreate9

kernel32

QueryPerformanceCounter
GlobalAlloc
GlobalFree
GlobalLock
WideCharToMultiByte
GlobalUnlock
MultiByteToWideChar
IsProcessorFeaturePresent
GetModuleHandleA
GetModuleHandleW
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
GetCurrentProcess
SetUnhandledExceptionFilter
FreeLibrary
GetProcAddress
QueryPerformanceFrequency
IsDebuggerPresent
LoadLibraryA
UnhandledExceptionFilter
GetStartupInfoW
TerminateProcess

user32

GetKeyState
SetClipboardData
GetClipboardData
CloseClipboard
OpenClipboard
UpdateWindow
ScreenToClient
GetCapture
ClientToScreen
TrackMouseEvent
PostQuitMessage
GetForegroundWindow
LoadCursorW
SetCapture
SetCursor
GetClientRect
IsWindowUnicode
ReleaseCapture
SetCursorPos
GetCursorPos
DefWindowProcW
GetWindowRect
DestroyWindow
SetWindowPos
TranslateMessage
SetLayeredWindowAttributes
PeekMessageW
DispatchMessageW
ShowWindow
RegisterClassExW
UnregisterClassW
CreateWindowExW
EmptyClipboard

shell32

ShellExecuteW

msvcp140

_Query_perf_frequency
_Xtime_get_ticks
?_Xlength_error@std@@YAXPBD@Z
_Thrd_sleep
_Query_perf_counter

imm32

ImmSetCandidateWindow
ImmReleaseContext
ImmGetContext
ImmSetCompositionWindow

vcruntime140

memset
_CxxThrowException
__std_exception_copy
memmove
memcpy
__current_exception
__std_exception_destroy
strstr
__std_terminate
_purecall
__CxxFrameHandler3
_except_handler4_common
memchr
__current_exception_context

api-ms-win-crt-runtime-l1-1-0

_seh_filter_exe
_set_app_type
_configure_wide_argv
_initialize_wide_environment
_get_wide_winmain_command_line
_initterm
_initterm_e
exit
_exit
_invalid_parameter_noinfo_noreturn
_c_exit
_register_thread_local_exe_atexit_callback
_crt_atexit
terminate
_controlfp_s
_cexit
_register_onexit_function
_initialize_onexit_table

api-ms-win-crt-stdio-l1-1-0

__acrt_iob_func
_set_fmode
_wfopen
__p__commode
fflush
fclose
__stdio_common_vsscanf
fread
__stdio_common_vsprintf
ftell
fwrite
fseek
__stdio_common_vfprintf

api-ms-win-crt-utility-l1-1-0

qsort

api-ms-win-crt-heap-l1-1-0

malloc
_callnewh
_set_new_mode
free

api-ms-win-crt-math-l1-1-0

_libm_sse2_acos_precise
_libm_sse2_sin_precise
ceil
_libm_sse2_cos_precise
__setusermatherr
_libm_sse2_sqrt_precise

api-ms-win-crt-locale-l1-1-0

_configthreadlocale

Sections

.text
Size: 194KB - Virtual size: 194KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

365f72abd4b74e2b01a11862ccc78319

Headers

DLL Characteristics

File Characteristics

Imports

d3d9

kernel32

user32

shell32

msvcp140

imm32

vcruntime140

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-utility-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-locale-l1-1-0

Sections

.text Size: 194KB - Virtual size: 194KB

.rdata Size: 31KB - Virtual size: 30KB

.data Size: 512B - Virtual size: 1KB

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 6KB - Virtual size: 6KB

.text
Size: 194KB - Virtual size: 194KB

.rdata
Size: 31KB - Virtual size: 30KB

.data
Size: 512B - Virtual size: 1KB

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 6KB - Virtual size: 6KB