CreateInterface
Static task
static1
Behavioral task
behavioral1
Sample
OGX Reborn v1.4.1/OGX-Reborn-v1.4.1.dll
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
OGX Reborn v1.4.1/OGX-Reborn-v1.4.1.dll
Resource
win10v2004-20231215-en
Behavioral task
behavioral3
Sample
OGX Reborn v1.4.1/OGX-Reborn-v1.4.1.exe
Resource
win7-20231215-en
Behavioral task
behavioral4
Sample
OGX Reborn v1.4.1/OGX-Reborn-v1.4.1.exe
Resource
win10v2004-20231222-en
General
-
Target
1381a02f0b175485721a47fa074eb9ad
-
Size
636KB
-
MD5
1381a02f0b175485721a47fa074eb9ad
-
SHA1
c1bd764c822d752763610efc7b930f5945bcbd0c
-
SHA256
6aca84906fbb1371dff396018316052234a9500c6d88e16088ee78422135554a
-
SHA512
0e2b0d42e5e761085e484066569846c304aea7b90b2e548fb2258b46591c71568016139d3fdac007f88bac679391025d1532ed3eb9a07ac7b6a2e84e2887a59f
-
SSDEEP
12288:Zdip7w/lfKJWe4fHe7Ll3Pb3cZSmkLDvYJi066FbCohPXXWdYs9HAwEOk1Iee:+ps/luWe0e7Ll3DsQmkLrYk06nuu59Hj
Malware Config
Signatures
-
Unsigned PE 2 IoCs
Checks for missing Authenticode signature.
resource unpack001/OGX Reborn v1.4.1/OGX-Reborn-v1.4.1.dll
resource unpack001/OGX Reborn v1.4.1/OGX-Reborn-v1.4.1.exe
Files
-
1381a02f0b175485721a47fa074eb9ad.zip
-
OGX Reborn v1.4.1/Mini.ttf
-
OGX Reborn v1.4.1/OGX-Reborn-v1.4.1.dll (.dll windows:4 windows x86 arch:x86)
493141694356c92395ae8635601a4615
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
winmm
timeGetTime
kernel32
lstrcmpA
LoadLibraryA
IsBadReadPtr
Sleep
GetModuleFileNameA
VirtualQueryEx
VirtualQuery
GetModuleHandleA
SetEndOfFile
CreateFileA
GetLocaleInfoW
ReadFile
SetStdHandle
GetProcAddress
VirtualProtect
ReadProcessMemory
RaiseException
GetOEMCP
GetACP
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
IsBadCodePtr
IsValidCodePage
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
GetStringTypeW
GetStringTypeA
GetLocaleInfoA
UnhandledExceptionFilter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
GetSystemInfo
CloseHandle
SetFilePointer
FlushFileBuffers
WriteFile
IsBadWritePtr
VirtualAlloc
InterlockedDecrement
InterlockedIncrement
WideCharToMultiByte
InterlockedExchange
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
RtlUnwind
FlushInstructionCache
HeapFree
GetCurrentThreadId
GetCommandLineA
GetVersionExA
HeapAlloc
LCMapStringA
MultiByteToWideChar
GetLastError
LCMapStringW
GetCPInfo
ExitProcess
TlsAlloc
SetLastError
TlsFree
TlsSetValue
TlsGetValue
SetUnhandledExceptionFilter
HeapReAlloc
TerminateProcess
GetCurrentProcess
HeapSize
HeapDestroy
HeapCreate
VirtualFree
user32
SetCursorPos
GetAsyncKeyState
gdi32
SelectObject
GetTextExtentPointA
DeleteObject
CreateFontA
opengl32
glGetBooleanv
glVertex2i
glColor3ub
glRasterPos2i
glHint
glPushAttrib
glListBase
glCallLists
glPopAttrib
wglGetCurrentDC
glGenLists
wglUseFontBitmapsA
glPushMatrix
glLoadIdentity
glVertex2f
glPopMatrix
glColor3f
glGetFloatv
glColor4f
glTexEnvi
glPolygonMode
glViewport
glClearColor
glClear
glDisable
glEnable
glBlendFunc
glLineWidth
glColor4ub
glBegin
glVertex3fv
glEnd
Exports
Sections
.text Size: 196KB - Virtual size: 192KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 36KB - Virtual size: 32KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 8KB - Virtual size: 34KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 20KB - Virtual size: 17KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
OGX Reborn v1.4.1/OGX-Reborn-v1.4.1.exe (.exe windows:4 windows x86 arch:x86)
0b3b13dd895fdf372c92e50bba47b027
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
Process32Next
Process32First
CreateToolhelp32Snapshot
Thread32Next
Thread32First
FindFirstFileA
CloseHandle
ResumeThread
TerminateProcess
SuspendThread
OpenProcess
Sleep
ExitProcess
GetModuleFileNameA
GetProcAddress
LoadLibraryA
GetModuleHandleA
GlobalFree
ReadProcessMemory
GlobalAlloc
SetThreadContext
WriteProcessMemory
VirtualProtectEx
GetThreadContext
GetExitCodeThread
WaitForSingleObject
CreateRemoteThread
GetVersion
VirtualProtect
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
LCMapStringW
MultiByteToWideChar
GetStartupInfoA
GetCommandLineA
GetVersionExA
GetCurrentProcess
WriteFile
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetLastError
GetEnvironmentStringsW
SetHandleCount
GetFileType
HeapDestroy
HeapCreate
VirtualFree
HeapFree
GetACP
GetOEMCP
GetCPInfo
HeapAlloc
VirtualAlloc
HeapReAlloc
RtlUnwind
InterlockedExchange
VirtualQuery
HeapSize
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
LCMapStringA
GetSystemInfo
user32
EndDialog
GetDlgItemTextA
MessageBoxA
GetAsyncKeyState
DialogBoxParamA
Sections
.text Size: 20KB - Virtual size: 17KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 8KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 4KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 2.3MB - Virtual size: 2.3MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
-
OGX Reborn v1.4.1/binds.cfg
-
OGX Reborn v1.4.1/colors.cfg
-
OGX Reborn v1.4.1/colors/black_orange.cfg
-
OGX Reborn v1.4.1/colors/black_red.cfg
-
OGX Reborn v1.4.1/colors/grasshopper.cfg
-
OGX Reborn v1.4.1/colors/grey_orange.cfg
-
OGX Reborn v1.4.1/colors/lightblue_orange.cfg
-
OGX Reborn v1.4.1/colors/lightblue_white.cfg
-
OGX Reborn v1.4.1/colors/pink.cfg
-
OGX Reborn v1.4.1/colors/readme_colors.txt
-
OGX Reborn v1.4.1/colors/steam.cfg
-
OGX Reborn v1.4.1/colors/xbox.cfg
-
OGX Reborn v1.4.1/config.cfg
-
OGX Reborn v1.4.1/cvars.cfg
-
OGX Reborn v1.4.1/menu.txt
-
OGX Reborn v1.4.1/readme.txt
-
OGX Reborn v1.4.1/vecs.cfg