omniaim_[unknowncheats[.]me]_[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

omniaim_[unknowncheats.me]_.exe
Size

1.5MB
MD5

4c4000f636d6ae717b705612832dfd05
SHA1

5febb8078fa38043640f87d226cf3c25d706ad65
SHA256

9db95f13249f006a9e235479cb44fab005f5e907c5ff596028a53c47b715da3b
SHA512

30fa4f581648f99a7cb458a6e810da09010a90095e89da1320735b05d1c47d9acb8c81896a203a90dcd91c878d7ba2bc46206b3420e3ad9317337e9b1c6b3bfe
SSDEEP

24576:bOiQL+SpmvZo75fgypsBek6eU90o02VdsafhGc0uB+AIxQxSD2nAEf:wKsFsBv6eU908VdphGlukb6nA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
omniaim_[unknowncheats.me]_.exe

Files

omniaim_[unknowncheats.me]_.exe
.exe windows:6 windows x64 arch:x64

1c1639421fac9f956d7a6244e5c79b15

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Users\ich\Omniaim\target\release\deps\omniaim.pdb

Imports

user32

GetKeyboardLayout
GetKeyboardState
ReleaseCapture
SetCapture
SetWindowLongW
ShowWindow
RegisterRawInputDevices
RegisterWindowMessageA
GetWindowLongW
GetMenu
GetRawInputData
ToUnicodeEx
GetClassInfoExW
GetClassNameW
GetActiveWindow
GetClipCursor
ClipCursor
CallNextHookEx
SetWindowsHookExW
SetWindowLongPtrW
ShowCursor
GetWindowRect
AdjustWindowRectEx
SendMessageW
SystemParametersInfoA
SetCursorPos
MsgWaitForMultipleObjectsEx
GetDC
ClientToScreen
GetClientRect
IsWindow
FindWindowW
DestroyIcon
RegisterTouchWindow
GetSystemMetrics
SendInput
SetWindowPlacement
GetWindowPlacement
ChangeDisplaySettingsExW
GetMessageW
CreateWindowExW
RegisterClassExW
MapVirtualKeyA
GetWindowLongPtrW
DispatchMessageW
TranslateMessage
SetForegroundWindow
InvalidateRgn
SetWindowDisplayAffinity
GetForegroundWindow
SetClassLongPtrW
IsProcessDPIAware
SetWindowPos
GetMonitorInfoW
MonitorFromWindow
GetCursorPos
SetCursor
LoadCursorW
MonitorFromRect
CloseTouchInputHandle
GetTouchInputInfo
TrackMouseEvent
DestroyWindow
ScreenToClient
MapVirtualKeyW
PostMessageW
DefWindowProcW
RedrawWindow
GetUpdateRect
PeekMessageW
PostThreadMessageW
ValidateRect
GetKeyState

ole32

RegisterDragDrop
CoCreateInstance
CoUninitialize
RevokeDragDrop
OleInitialize
CoInitializeEx

kernel32

UnhandledExceptionFilter
CreateMutexA
WaitForSingleObjectEx
SetThreadErrorMode
WaitForSingleObject
TryAcquireSRWLockExclusive
GetSystemTimeAsFileTime
GetCurrentThread
CreateThread
WriteConsoleW
MultiByteToWideChar
LoadLibraryA
IsDebuggerPresent
LoadLibraryExW
GetFullPathNameW
ExitProcess
Module32NextW
FormatMessageW
GetCurrentThreadId
GetModuleHandleW
SetUnhandledExceptionFilter
LoadLibraryW
ReadProcessMemory
GetFileType
Sleep
GetModuleHandleA
InitializeSListHead
OpenProcess
AddVectoredExceptionHandler
SetThreadStackGuarantee
SwitchToThread
CreateWaitableTimerExW
SetWaitableTimer
QueryPerformanceCounter
RtlCaptureContext
RtlVirtualUnwind
RtlLookupFunctionEntry
SetLastError
GetCurrentDirectoryW
GetEnvironmentVariableW
GetCurrentProcess
Process32NextW
CreateToolhelp32Snapshot
HeapAlloc
GetStdHandle
GetConsoleMode
GetLastError
CloseHandle
FreeLibrary
AcquireSRWLockExclusive
ReleaseSRWLockExclusive
GetProcAddress
LoadLibraryExA
HeapFree
GetCurrentProcessId
GetProcessHeap
TerminateProcess
QueryPerformanceFrequency
GetModuleFileNameW
HeapReAlloc
AcquireSRWLockShared
ReleaseSRWLockShared
ReleaseMutex
CreateFileW
GetFileInformationByHandle
GetFileInformationByHandleEx
IsProcessorFeaturePresent

opengl32

wglShareLists
wglGetCurrentDC
wglCreateContext
wglGetProcAddress
wglGetCurrentContext
wglMakeCurrent
wglDeleteContext

gdi32

SwapBuffers
SetPixelFormat
DescribePixelFormat
DeleteObject
CreateRectRgn
GetPixelFormat
GetDeviceCaps
ChoosePixelFormat

dwmapi

DwmEnableBlurBehindWindow

bcrypt

BCryptGenRandom

advapi32

SystemFunction036

oleaut32

GetErrorInfo
SysFreeString
SysStringLen

winmm

timeEndPeriod
timeGetDevCaps
timeBeginPeriod

shell32

DragQueryFileW
DragFinish

uxtheme

SetWindowTheme

imm32

ImmAssociateContextEx
ImmReleaseContext
ImmGetContext
ImmGetCompositionStringW

ntdll

NtReadFile
NtWriteFile
RtlNtStatusToDosError

vcruntime140

memset
__current_exception
__C_specific_handler
_CxxThrowException
__current_exception_context
memchr
__CxxFrameHandler3
strstr
memmove
memcpy
memcmp

api-ms-win-crt-math-l1-1-0

trunc
atan2f
floor
fmodf
atanf
sqrtf
pow
logf
truncf
tanf
log
acosf
cosf
sinf
powf
round
ceilf
__setusermatherr

api-ms-win-crt-string-l1-1-0

strlen
strcmp
strncpy
strncmp

api-ms-win-crt-runtime-l1-1-0

_get_initial_narrow_environment
_initterm
_initterm_e
exit
_initialize_narrow_environment
_exit
__p___argv
_cexit
_c_exit
_register_thread_local_exe_atexit_callback
_crt_atexit
_register_onexit_function
_initialize_onexit_table
terminate
_seh_filter_exe
_set_app_type
_wassert
_configure_narrow_argv
__p___argc

api-ms-win-crt-stdio-l1-1-0

__acrt_iob_func
fopen
fread
__stdio_common_vsscanf
fseek
fflush
__p__commode
_set_fmode
__stdio_common_vsprintf
ftell
__stdio_common_vfprintf
fclose
fwrite

api-ms-win-crt-heap-l1-1-0

free
malloc
_set_new_mode

api-ms-win-crt-utility-l1-1-0

qsort

api-ms-win-crt-convert-l1-1-0

atof

api-ms-win-crt-locale-l1-1-0

_configthreadlocale

Sections

.text
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 336KB - Virtual size: 336KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1c1639421fac9f956d7a6244e5c79b15

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

user32

ole32

kernel32

opengl32

gdi32

dwmapi

bcrypt

advapi32

oleaut32

winmm

shell32

uxtheme

imm32

ntdll

vcruntime140

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-utility-l1-1-0

api-ms-win-crt-convert-l1-1-0

api-ms-win-crt-locale-l1-1-0

Sections

.text Size: 1.2MB - Virtual size: 1.2MB

.rdata Size: 336KB - Virtual size: 336KB

.data Size: 2KB - Virtual size: 48KB

.pdata Size: 48KB - Virtual size: 48KB

.rsrc Size: 5KB - Virtual size: 4KB

.reloc Size: 5KB - Virtual size: 4KB

.text
Size: 1.2MB - Virtual size: 1.2MB

.rdata
Size: 336KB - Virtual size: 336KB

.data
Size: 2KB - Virtual size: 48KB

.pdata
Size: 48KB - Virtual size: 48KB

.rsrc
Size: 5KB - Virtual size: 4KB

.reloc
Size: 5KB - Virtual size: 4KB