OptiDroid V1[.]1[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

OptiDroid V1.1.exe
Size

386.7MB
MD5

0e32aa700f09123d863aeafd8f92640d
SHA1

13909150fc55b6f56a8207c6a01a14d38fa9de03
SHA256

f48ce452abdba695a6bfcbcf8acd213e78c2a435b6f11c2b1db08f6951994ca1
SHA512

ec6420d2747e4425682a33ce7ee9d22c88670905ea6fbf01b2e15b281324f3a6ea5866f8a292cedb9e8946aef077237117d853e1d784287ca768140b08c760aa
SSDEEP

6291456:O1V+nS1rA7qE3ift7mMf7zj39asBFgx09kr3QntwzM9gr2l6tSf4gs2iUY/Y4OLR:0onS158i5R9asjgGW9zM9gk6teOPL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
OptiDroid V1.1.exe

Files

OptiDroid V1.1.exe
.exe windows:5 windows x86 arch:x86

d28187e4492bece014f8eb3b83c53b75

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadResource
FindResourceW
FindResourceExW
OutputDebugStringW
GetExitCodeProcess
CreateNamedPipeW
ConnectNamedPipe
ReadFile
WriteFile
DisconnectNamedPipe
CallNamedPipeW
WideCharToMultiByte
GetModuleHandleW
ResumeThread
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
CreateFileW
GetTempFileNameW
MultiByteToWideChar
SetLastError
lstrcmpiW
InterlockedIncrement
InterlockedDecrement
InitializeCriticalSection
GetCurrentProcessId
GetCurrentThreadId
SetThreadPriority
GetTickCount
GetPrivateProfileStringA
GetPrivateProfileStringW
WritePrivateProfileStringA
WritePrivateProfileStringW
CreateMutexA
SetFileAttributesW
GetFileAttributesW
FreeResource
GetVersionExW
GlobalFree
GetCommandLineA
DecodePointer
FlushInstructionCache
GlobalAlloc
GlobalLock
GlobalUnlock
IsBadReadPtr
DeleteFileW
SetUnhandledExceptionFilter
GetStdHandle
GetModuleFileNameA
LockResource
SizeofResource
GetLastError
LocalAlloc
GetModuleFileNameW
LocalFileTimeToFileTime
SystemTimeToFileTime
GetDiskFreeSpaceExW
lstrcpyW
SetEnvironmentVariableA
WriteConsoleW
FreeEnvironmentStringsW
GetEnvironmentStringsW
FlushFileBuffers
GetTimeZoneInformation
RaiseException
MoveFileExW
SetStdHandle
ReadConsoleW
GetConsoleCP
GetFileType
GetModuleHandleExW
GetOEMCP
GetACP
IsValidCodePage
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
CompareStringW
GetTimeFormatW
GetDateFormatW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
UnhandledExceptionFilter
GetCPInfo
ExitThread
VirtualQuery
VirtualProtect
RtlUnwind
AreFileApisANSI
ExitProcess
EncodePointer
GetStringTypeW
IsProcessorFeaturePresent
InterlockedPushEntrySList
InterlockedPopEntrySList
InitializeSListHead
IsDebuggerPresent
WaitForMultipleObjects
GlobalMemoryStatus
FileTimeToDosDateTime
GetSystemTimeAsFileTime
MoveFileW
RemoveDirectoryW
CreateDirectoryW
SetCurrentDirectoryW
SetFileTime
GetCurrentProcess
IsWow64Process
GetSystemInfo
LoadLibraryW
FreeLibrary
GetProcAddress
LoadLibraryExW
Process32NextW
OpenProcess
Process32FirstW
CreateToolhelp32Snapshot
GetCommandLineW
CreateProcessW
GetStartupInfoW
Sleep
TerminateProcess
SetEvent
CreateEventW
GetTempPathW
InitializeCriticalSectionAndSpinCount
GetProcessHeap
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
SetFilePointer
SetEndOfFile
GetFileSize
DeviceIoControl
GetFileInformationByHandle
SetConsoleMode
GetConsoleMode
FileTimeToSystemTime
CreateSemaphoreW
ReleaseSemaphore
ResetEvent
CompareFileTime
VirtualFree
VirtualAlloc
GetCurrentDirectoryW
GetConsoleScreenBufferInfo
SetFileApisToOEM
GetProcessTimes
SetConsoleCtrlHandler
FormatMessageW
LocalFree
OpenFileMappingW
OpenEventW
UnmapViewOfFile
MapViewOfFile
SetProcessAffinityMask
QueryPerformanceCounter
FileTimeToLocalFileTime
FindNextFileW
HeapDestroy
WaitForSingleObject
CreateThread
FindFirstFileW
GetModuleHandleA
GetLogicalDriveStringsW
FindClose
SetFilePointerEx
CloseHandle

user32

GetWindowRect
SetForegroundWindow
GetDC
SetWindowLongW
GetMessageW
DispatchMessageW
RegisterClassExW
DefWindowProcW
PeekMessageW
SetWindowPos
GetWindowLongW
ShowWindow
CharUpperW
EqualRect
InvalidateRect
CopyRect
CreateWindowExW
LoadMenuW
RegisterWindowMessageW
TrackPopupMenu
GetCursorPos
SetMenuDefaultItem
GetSubMenu
IsMenu
SetTimer
GetActiveWindow
RedrawWindow
PtInRect
DrawTextW
EndPaint
BeginPaint
KillTimer
MonitorFromWindow
GetMonitorInfoW
GetClientRect
LoadImageW
LoadCursorW
SetCursor
MapWindowPoints
ReleaseDC
PostQuitMessage
EnableWindow
GetDlgItem
SendMessageW
SetWindowTextW
IsDialogMessageW
SetPropA
CreateDialogParamW
UnregisterClassW
TranslateMessage
CharNextW
PostMessageW
IsIconic
GetPropA
GetDesktopWindow
GetWindow
FindWindowW
RemovePropA
IsWindow
EnumWindows
keybd_event
GetKeyboardState
GetWindowInfo
GetParent
GetWindowThreadProcessId
IsWindowVisible
MessageBoxW
GetSystemMetrics
DestroyWindow

gdi32

StretchBlt
SetTextColor
CreateDIBSection
GetStockObject
CreateFontIndirectW
GetObjectW
SetBkMode
CreateCompatibleDC
DeleteDC
DeleteObject
SetPixelFormat
ChoosePixelFormat
SelectObject

advapi32

RegQueryValueExW
SetFileSecurityW
GetFileSecurityW
RegOpenKeyExW
RegDeleteValueW
RegEnumKeyExW
RegQueryInfoKeyW
OpenProcessToken
GetTokenInformation
AdjustTokenPrivileges
LookupPrivilegeValueW
SetEntriesInAclW
AllocateAndInitializeSid
RegSetKeySecurity
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
RegSetValueExW
RegCreateKeyExW
RegDeleteKeyW
RegCloseKey
RegFlushKey

shell32

SHChangeNotify
ShellExecuteExW
SHGetPathFromIDListW
Shell_NotifyIconW
SHBrowseForFolderW
CommandLineToArgvW
ord680
SHFileOperationW
SHCreateDirectoryExW
SHGetSpecialFolderLocation
SHGetFolderPathW

ole32

CoTaskMemAlloc
CoTaskMemRealloc
CoTaskMemFree
CoCreateInstance
CoUninitialize
CoInitialize
CreateStreamOnHGlobal

oleaut32

VariantClear
VariantCopy
SysAllocStringLen
SysStringLen
SysFreeString
SysAllocString
VarUI4FromStr

shlwapi

PathIsDirectoryEmptyW
PathCombineW
PathIsRootW
PathRemoveFileSpecW
PathIsUNCW
PathFindFileNameW
PathIsNetworkPathW
PathIsNetworkPathA
PathIsDirectoryW
PathAddBackslashW
PathFileExistsW
PathAppendW
StrCpyW

comctl32

InitCommonControlsEx
_TrackMouseEvent

msimg32

AlphaBlend

opengl32

wglMakeCurrent
wglDeleteContext
wglGetProcAddress
wglCreateContext

gdiplus

GdipCreateBitmapFromFileICM
GdipCloneImage
GdipDisposeImage
GdipCreateBitmapFromStream
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromResource
GdipCreateHBITMAPFromBitmap
GdipCreateBitmapFromFile
GdipAlloc
GdiplusShutdown
GdipFree
GdiplusStartup

ws2_32

freeaddrinfo
WSAEventSelect
WSASetEvent
WSACreateEvent
WSARecv
WSAGetOverlappedResult
WSASend
WSAResetEvent
WSAEnumNetworkEvents
WSAConnect
WSAGetLastError
WSASocketW
WSACloseEvent
closesocket
getaddrinfo
WSASetLastError
WSAStartup
WSACleanup

winmm

timeEndPeriod
timeBeginPeriod

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

iphlpapi

GetAdaptersInfo

Sections

.text
Size: 891KB - Virtual size: 890KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 229KB - Virtual size: 228KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 22KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 385.5MB - Virtual size: 385.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 38KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d28187e4492bece014f8eb3b83c53b75

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

shlwapi

comctl32

msimg32

opengl32

gdiplus

ws2_32

winmm

version

iphlpapi

Sections

.text Size: 891KB - Virtual size: 890KB

.rdata Size: 229KB - Virtual size: 228KB

.data Size: 22KB - Virtual size: 61KB

.rsrc Size: 385.5MB - Virtual size: 385.5MB

.reloc Size: 38KB - Virtual size: 38KB

.text
Size: 891KB - Virtual size: 890KB

.rdata
Size: 229KB - Virtual size: 228KB

.data
Size: 22KB - Virtual size: 61KB

.rsrc
Size: 385.5MB - Virtual size: 385.5MB

.reloc
Size: 38KB - Virtual size: 38KB