omniaim[.]exe | Triage

Sharing

Copy URL

Twitter E-mail

General

Target

omniaim.exe
Size

1.7MB
MD5

67093fe197091bc584afcbbf1f948799
SHA1

6d8162d7e100fcd5f3c65729bf6bb863c2ae8697
SHA256

204e57d27551c9b692b03769d97807b7b16f987af94d4089fc29b1b81ff0e62c
SHA512

fdfbf469ac383d6a4360df20b94443da799f554ef3e549bfc6bbc1239de6fca9ea36a9d2c52bc26d46c9d2865fcffeb2b80043207d1d33ec7154e65f3156838f
SSDEEP

24576:hbRuPFHKpSXSIvicpPMDoBxNSibLulAdBnKv53mTvk/GEi8byHfro2Ef1TXJrUoQ:dRuVLScvk/GEZbyj3w1Tq8nx6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
omniaim.exe

Files

omniaim.exe
.exe windows:6 windows x64 arch:x64

1e0004657863dac0df4159fdd4cfbbd4

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Users\ich\Omniaim\target\release\deps\omniaim.pdb

Imports

bcrypt

BCryptGenRandom

advapi32

SystemFunction036

kernel32

GetModuleFileNameW
LoadLibraryExW
GetModuleHandleW
LoadLibraryW
FormatMessageW
WaitForSingleObject
HeapAlloc
GetLastError
FreeLibrary
LoadLibraryExA
HeapFree
GetProcessHeap
SetConsoleMode
GetConsoleMode
SetConsoleTextAttribute
GetConsoleScreenBufferInfo
Module32NextW
ReadProcessMemory
OpenProcess
Process32NextW
LoadLibraryA
CreateToolhelp32Snapshot
GetCurrentThreadId
CloseHandle
InitializeSListHead
SetThreadErrorMode
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
CreateMutexA
WaitForSingleObjectEx
GetSystemTimeAsFileTime
GetCurrentThread
TryAcquireSRWLockExclusive
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
GetProcAddress
CreateThread
Sleep
GetModuleHandleA
WriteConsoleW
AddVectoredExceptionHandler
SetThreadStackGuarantee
SwitchToThread
CreateWaitableTimerExW
SetWaitableTimer
QueryPerformanceCounter
RtlCaptureContext
RtlVirtualUnwind
RtlLookupFunctionEntry
SetLastError
GetCurrentDirectoryW
GetEnvironmentVariableW
GetCurrentProcess
MultiByteToWideChar
SetFileInformationByHandle
IsProcessorFeaturePresent
GetFullPathNameW
ExitProcess
GetStdHandle
GetCurrentProcessId
TerminateProcess
QueryPerformanceFrequency
HeapReAlloc
AcquireSRWLockShared
ReleaseSRWLockShared
ReleaseMutex
CreateFileW
GetFileInformationByHandle
GetFileInformationByHandleEx

user32

GetForegroundWindow
SetWindowDisplayAffinity
GetMonitorInfoW
MonitorFromWindow
GetCursorPos
SetCursor
LoadCursorW
MonitorFromRect
SetClassLongPtrW
SetWindowPos
InvalidateRgn
IsProcessDPIAware
GetSystemMetrics
RegisterClassExW
CloseTouchInputHandle
CreateWindowExW
GetTouchInputInfo
DestroyIcon
GetWindowRect
ShowCursor
ClipCursor
GetClipCursor
GetActiveWindow
AdjustWindowRectEx
GetMenu
GetWindowLongW
ShowWindow
SetWindowLongW
SendMessageW
GetRawInputData
ToUnicodeEx
GetKeyboardLayout
GetKeyboardState
ReleaseCapture
SetCapture
SetForegroundWindow
MsgWaitForMultipleObjectsEx
MapVirtualKeyA
RegisterRawInputDevices
GetMessageW
RegisterWindowMessageA
TrackMouseEvent
DestroyWindow
GetClassInfoExW
GetClassNameW
ScreenToClient
DefWindowProcW
RedrawWindow
CallNextHookEx
SetWindowsHookExW
MapVirtualKeyW
GetKeyState
GetUpdateRect
PeekMessageW
PostThreadMessageW
ValidateRect
SetWindowLongPtrW
PostMessageW
SetCursorPos
GetDC
ClientToScreen
GetClientRect
IsWindow
FindWindowW
SendInput
SystemParametersInfoA
SetWindowPlacement
GetWindowPlacement
ChangeDisplaySettingsExW
GetWindowLongPtrW
DispatchMessageW
TranslateMessage
RegisterTouchWindow

ole32

CoInitializeEx
RegisterDragDrop
OleInitialize
CoUninitialize
CoCreateInstance
RevokeDragDrop

opengl32

wglMakeCurrent
wglGetCurrentContext
wglGetCurrentDC
wglDeleteContext
wglCreateContext
wglGetProcAddress
wglShareLists

gdi32

CreateRectRgn
GetDeviceCaps
ChoosePixelFormat
DescribePixelFormat
SetPixelFormat
DeleteObject
GetPixelFormat
SwapBuffers

dwmapi

DwmEnableBlurBehindWindow

oleaut32

SysFreeString
SysStringLen
GetErrorInfo

winmm

timeBeginPeriod
timeGetDevCaps
timeEndPeriod

shell32

DragFinish
DragQueryFileW

uxtheme

SetWindowTheme

imm32

ImmGetContext
ImmGetCompositionStringW
ImmReleaseContext
ImmAssociateContextEx

ntdll

RtlNtStatusToDosError
NtWriteFile
NtReadFile

vcruntime140

__current_exception
memchr
__current_exception_context
memmove
__C_specific_handler
_CxxThrowException
memcmp
memset
__CxxFrameHandler3
strstr
memcpy

api-ms-win-crt-math-l1-1-0

powf
fmodf
cosf
truncf
atanf
log
sinf
logf
sqrtf
pow
atan2f
floor
trunc
ceilf
tanf
round
__setusermatherr
acosf

api-ms-win-crt-string-l1-1-0

strncpy
strcmp
strlen
strncmp

api-ms-win-crt-runtime-l1-1-0

_initterm
_initialize_narrow_environment
_configure_narrow_argv
_initterm_e
_set_app_type
_seh_filter_exe
exit
_exit
__p___argc
_wassert
__p___argv
_c_exit
_register_thread_local_exe_atexit_callback
_initialize_onexit_table
_register_onexit_function
_crt_atexit
terminate
_get_initial_narrow_environment
_cexit

api-ms-win-crt-stdio-l1-1-0

fopen
__stdio_common_vsscanf
__stdio_common_vfprintf
fflush
fread
fseek
_set_fmode
__p__commode
fclose
__acrt_iob_func
__stdio_common_vsprintf
fwrite
ftell

api-ms-win-crt-heap-l1-1-0

free
malloc
_set_new_mode

api-ms-win-crt-utility-l1-1-0

qsort

api-ms-win-crt-convert-l1-1-0

atof

api-ms-win-crt-locale-l1-1-0

_configthreadlocale

Sections

.text
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 348KB - Virtual size: 347KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 51KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1e0004657863dac0df4159fdd4cfbbd4

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

bcrypt

advapi32

kernel32

user32

ole32

opengl32

gdi32

dwmapi

oleaut32

winmm

shell32

uxtheme

imm32

ntdll

vcruntime140

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-utility-l1-1-0

api-ms-win-crt-convert-l1-1-0

api-ms-win-crt-locale-l1-1-0

Sections

.text Size: 1.2MB - Virtual size: 1.2MB

.rdata Size: 348KB - Virtual size: 347KB

.data Size: 2KB - Virtual size: 48KB

.pdata Size: 51KB - Virtual size: 50KB

.rsrc Size: 18KB - Virtual size: 17KB

.reloc Size: 5KB - Virtual size: 4KB

.text
Size: 1.2MB - Virtual size: 1.2MB

.rdata
Size: 348KB - Virtual size: 347KB

.data
Size: 2KB - Virtual size: 48KB

.pdata
Size: 51KB - Virtual size: 50KB

.rsrc
Size: 18KB - Virtual size: 17KB

.reloc
Size: 5KB - Virtual size: 4KB