oxygen_u[.]zip | Triage

Sharing

Copy URL Twitter E-mail

General

Target

oxygen_u.zip
Size

1.9MB
MD5

67f974f19b68b1d6285a6f4db760cd07
SHA1

19fa79d2a689bb52d009c86981ab4a85d8d617f5
SHA256

d0755ea9cff91d81ecdd88d9fde355438c88c023b0cb434501b40da2ab9f140f
SHA512

f5a8300fd317a5d23dd1f7e245b2a2998c6e3f6e20e62995114ce6bfaf69969811171c230385245f77511cdc5683f3366195b94be3ab4d68ffde6469cb722b59
SSDEEP

49152:puqR3ct6Q7hZPrcJeSwzrGGhXTDsyswtKvMBoJBn:pukAtN5AJeSwzrGwDsyswwUMBn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/oxygen_u/OxygenU.exe

Files

oxygen_u.zip
.zip
oxygen_u/OxygenU.exe
.exe windows:4 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 2.4MB - Virtual size: 2.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 153KB - Virtual size: 153KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ