oovCMaker[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

oovCMaker.exe
Size

381KB
MD5

cac7d76697b1c4c25abd592d3601b725
SHA1

8ab34aaa4923bfda8fbe8bd4d3dffa948a352e03
SHA256

201261accd85b4feac5e6b466110c8dbdfc0583188899dca10f8f03252a6ad44
SHA512

5892cb4d5b8a2b77739280afba9de81f4843426ace215d3c42081e28e04d6879e7f376bb4e70cba83f0ca2027c263162d092abbb93eba1e01f39d4193340ccfa
SSDEEP

6144:AjrG9EhmrYjs3TcPFd8e+pdTTkiCSNKfVAEWE4fHWe0zaUc6cVu:A2EhmrYjs3giTTRcNyfxs

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
oovCMaker.exe

Files

oovCMaker.exe
.exe windows:4 windows x86

c91308675003b1000448e8d3ded5fe64

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

libgcc_s_dw2-1

_Unwind_Resume
__deregister_frame_info
__divdi3
__register_frame_info
__udivdi3
__umoddi3

kernel32

DeleteCriticalSection
EnterCriticalSection
FreeLibrary
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetLastError
GetModuleHandleA
GetModuleHandleW
GetProcAddress
GetStartupInfoA
GetSystemTimeAsFileTime
GetTickCount
InitializeCriticalSection
IsDBCSLeadByteEx
LeaveCriticalSection
LoadLibraryA
MultiByteToWideChar
QueryPerformanceCounter
SetUnhandledExceptionFilter
Sleep
TerminateProcess
TlsGetValue
UnhandledExceptionFilter
VirtualProtect
VirtualQuery
WideCharToMultiByte

msvcrt

__dllonexit
__getmainargs
__initenv
__lconv_init
__mb_cur_max
__set_app_type
__setusermatherr
_acmdln
_amsg_exit
_cexit
_chsize
_close
_errno
_fileno
_fmode
_fstat
_getcwd
_initterm
_iob
_lock
_lseek
_mkdir
_onexit
_read
_sopen
_stat
_unlink
_unlock
_write
abort
atoi
calloc
exit
fclose
ferror
fflush
fgets
fopen
fprintf
fputc
fputs
free
fseek
ftell
fwrite
getc
getenv
isalpha
islower
isspace
isupper
localeconv
isxdigit
malloc
memcmp
memcpy
realloc
rename
rewind
setlocale
signal
strchr
strerror
strlen
strncmp
strtoul
strtol
tolower
toupper
ungetc
vfprintf
wcslen

libstdc++-6

_ZNKSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEE4findEPKcjj
_ZNKSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEE4findEcj
_ZNKSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEE5rfindEcj
_ZNKSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEE7compareEPKc
_ZNKSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEE7compareEjjPKc
_ZNKSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEE7compareEjjRKS4_
_ZNKSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEE7compareEjjRKS4_jj
_ZNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEE10_M_replaceEjjPKcj
_ZNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEE12_M_constructEjc
_ZNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEE14_M_replace_auxEjjjc
_ZNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEE4swapERS4_
_ZNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEE6appendEPKc
_ZNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEE6assignEPKc
_ZNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEE6resizeEjc
_ZNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEE7reserveEj
_ZNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEE8_M_eraseEjj
_ZNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEE9_M_appendEPKcj
_ZNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEE9_M_assignERKS4_
_ZNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEE9_M_createERjj
_ZNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEE9_M_mutateEjjPKcj
_ZSt17__throw_bad_allocv
_ZSt18_Rb_tree_decrementPSt18_Rb_tree_node_base
_ZSt18_Rb_tree_incrementPKSt18_Rb_tree_node_base
_ZSt18_Rb_tree_incrementPSt18_Rb_tree_node_base
_ZSt19__throw_logic_errorPKc
_ZSt20__throw_length_errorPKc
_ZSt24__throw_out_of_range_fmtPKcz
_ZSt29_Rb_tree_insert_and_rebalancebPSt18_Rb_tree_node_baseS0_RS_
_ZTVN10__cxxabiv117__class_type_infoE
_ZTVN10__cxxabiv120__si_class_type_infoE
_ZTVN10__cxxabiv121__vmi_class_type_infoE
_ZdlPv
_Znwj
__cxa_begin_catch
__cxa_end_catch
__cxa_guard_acquire
__cxa_guard_release
__cxa_pure_virtual
__cxa_rethrow
__gxx_personality_v0

Sections

.text
Size: 235KB - Virtual size: 235KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 188B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

/4
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 3KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 52B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

/14
Size: 512B - Virtual size: 56B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/29
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/41
Size: 512B - Virtual size: 137B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/55
Size: 512B - Virtual size: 297B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/67
Size: 512B - Virtual size: 56B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c91308675003b1000448e8d3ded5fe64

Headers

File Characteristics

Imports

libgcc_s_dw2-1

kernel32

msvcrt

libstdc++-6

Sections

.text Size: 235KB - Virtual size: 235KB

.data Size: 512B - Virtual size: 188B

.rdata Size: 14KB - Virtual size: 13KB

/4 Size: 26KB - Virtual size: 25KB

.bss Size: - Virtual size: 3KB

.idata Size: 5KB - Virtual size: 5KB

.CRT Size: 512B - Virtual size: 52B

.tls Size: 512B - Virtual size: 32B

/14 Size: 512B - Virtual size: 56B

/29 Size: 3KB - Virtual size: 3KB

/41 Size: 512B - Virtual size: 137B

/55 Size: 512B - Virtual size: 297B

/67 Size: 512B - Virtual size: 56B

.text
Size: 235KB - Virtual size: 235KB

.data
Size: 512B - Virtual size: 188B

.rdata
Size: 14KB - Virtual size: 13KB

/4
Size: 26KB - Virtual size: 25KB

.bss
Size: - Virtual size: 3KB

.idata
Size: 5KB - Virtual size: 5KB

.CRT
Size: 512B - Virtual size: 52B

.tls
Size: 512B - Virtual size: 32B

/14
Size: 512B - Virtual size: 56B

/29
Size: 3KB - Virtual size: 3KB

/41
Size: 512B - Virtual size: 137B

/55
Size: 512B - Virtual size: 297B

/67
Size: 512B - Virtual size: 56B