oujunoshima[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

oujunoshima.exe
Size

2.0MB
MD5

1a9cfce9e76a610e241ba3654af9f80c
SHA1

3de77fa250f2b6589f81846591da1b4014b095c6
SHA256

99804566ff0966a3bce0206abb550d7060aa208350d3beeeca17f6898038284c
SHA512

3d0e9a75dcead224fd3cbcd3312d99271604a7e5c68c919d1c62eff21382c2e79eef9a91d32949683a3b5d1a016b7573101e586055f5ed2d13fd65b59130cf06
SSDEEP

24576:lM9rcoC6yzX6/CUy6Bps3ClBuaCE+iWDB/79d4mRY/I3zIBvAWnGZNBlgn6rqsX8:lPhY/Ig4qABlU3sX7OUZEg1KXkD7s

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
oujunoshima.exe

Files

oujunoshima.exe
.exe windows:4 windows x86 arch:x86

f35c41d611700069d4124801badf964f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

MultiByteToWideChar
RemoveDirectoryA
DeleteFileA
CopyFileA
CreateDirectoryA
GetFileAttributesA
GetModuleHandleA
GlobalMemoryStatus
FindNextFileA
GetWindowsDirectoryA
GetDiskFreeSpaceExA
GetVersionExA
GetTempFileNameA
SetThreadIdealProcessor
GetExitCodeProcess
MapViewOfFile
CreateFileMappingA
FormatMessageA
GetSystemDefaultLangID
GetUserDefaultLangID
GetSystemInfo
CreateEventA
InitializeCriticalSection
HeapAlloc
HeapReAlloc
HeapFree
GetFileType
CreateFileA
WriteFile
ExitProcess
TerminateProcess
GetCurrentProcess
InterlockedDecrement
InterlockedIncrement
ReadFile
SetFilePointer
ResumeThread
CreateThread
TlsSetValue
ExitThread
GetTimeZoneInformation
GetSystemTime
GetCurrentThreadId
GetCommandLineA
GetVersion
GetEnvironmentVariableA
lstrlenA
HeapCreate
VirtualFree
GlobalLock
IsBadWritePtr
RtlUnwind
SetStdHandle
SetEndOfFile
SetHandleCount
GetStdHandle
GetCPInfo
GetACP
GetOEMCP
LCMapStringA
LCMapStringW
TlsAlloc
SetLastError
TlsGetValue
HeapSize
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
IsValidLocale
IsValidCodePage
GetLocaleInfoA
EnumSystemLocalesA
GetUserDefaultLCID
GetStringTypeA
GetStringTypeW
FlushFileBuffers
RaiseException
GetLocaleInfoW
CompareStringA
CompareStringW
SetEnvironmentVariableA
GlobalAlloc
ResetEvent
WideCharToMultiByte
GetSystemDirectoryA
FindFirstFileA
FindClose
HeapDestroy
GlobalUnlock
OutputDebugStringA
GetStartupInfoA
GetFileSize
CreateFileW
InterlockedExchange
InterlockedCompareExchange
GetFullPathNameA
CreateProcessA
lstrcmpiA
IsProcessorFeaturePresent
GetProcessHeap
GetCurrentProcessId
SetUnhandledExceptionFilter
DeleteCriticalSection
GlobalFree
IsBadReadPtr
IsBadCodePtr
lstrcpyA
LoadLibraryA
GetProcAddress
WaitForMultipleObjects
FreeLibrary
FindResourceA
SizeofResource
LoadResource
LockResource
FreeResource
GetModuleFileNameA
UnmapViewOfFile
GetLocalTime
LeaveCriticalSection
EnterCriticalSection
WaitForSingleObject
SetEvent
SetCurrentDirectoryA
CreateMutexA
CloseHandle
Sleep
ReleaseMutex
VirtualAlloc
GetLastError

user32

GetClassNameA
SendMessageTimeoutA
IsWindowVisible
SetWindowPlacement
EnableWindow
SetFocus
GetDlgItem
SetWindowTextA
EndDialog
DialogBoxParamA
GetClipboardData
EmptyClipboard
SetClipboardData
CloseClipboard
OpenClipboard
GetClientRect
UpdateWindow
MoveWindow
PostQuitMessage
SetWindowRgn
GetWindowPlacement
SetWindowPos
ChangeDisplaySettingsExA
EnumDisplaySettingsA
RegisterClassExA
SetWindowLongA
GetSystemMenu
GetWindowLongA
SetRect
AdjustWindowRectEx
OpenIcon
CreateIconIndirect
DestroyIcon
LoadCursorA
SetClassLongA
ClientToScreen
DrawMenuBar
InsertMenuItemA
CreateMenu
EnumWindows
ChangeDisplaySettingsA
SystemParametersInfoA
GetSystemMetrics
SetCursorPos
SetMenu
ShowCursor
DestroyMenu
DestroyWindow
LoadIconA
GetWindowRect
CreateWindowExA
RegisterClassA
FindWindowA
SetForegroundWindow
SetCursor
GetWindowTextA
DeleteMenu
DefWindowProcA
IsIconic
InvalidateRect
MessageBoxA
TrackPopupMenu
GetSubMenu
ShowWindow
PostMessageA
ScreenToClient
GetCursorPos
SetKeyboardState
GetKeyboardState
PeekMessageA
DispatchMessageA
TranslateMessage
GetMessageA
ReleaseDC
GetDC
SendMessageA

gdi32

GetDeviceCaps
SetStretchBltMode
GetObjectA
GetDIBits
ExtCreateRegion
CreateBitmap
CreateDIBSection
SetTextColor
SetBkMode
CreateFontIndirectA
SelectObject
CreateCompatibleDC
EnumFontFamiliesExA
CreateFontA
DeleteObject
DeleteDC
GetStockObject
StretchDIBits
TextOutA

shell32

DragFinish
DragQueryFileA
SHBrowseForFolderA
SHGetSpecialFolderLocation
SHGetPathFromIDListA
SHGetMalloc
ShellExecuteA
DragAcceptFiles
Shell_NotifyIconA
ShellExecuteExA
SHGetSpecialFolderPathA
FindExecutableA

advapi32

RegCloseKey
RegQueryValueExA
RegDeleteValueA
RegDeleteKeyA
RegOpenKeyA
RegOpenKeyExA

comdlg32

GetSaveFileNameA

comctl32

ord17

ole32

CoInitializeEx
CoCreateInstance
CoUninitialize
GetRunningObjectTable

winmm

waveInGetDevCapsA
waveInGetNumDevs
waveOutGetDevCapsA
mciSendStringA
timeGetTime
timeGetDevCaps
timeEndPeriod
mmioStringToFOURCCA
mmioOpenA
waveOutGetNumDevs
mmioAscend
timeBeginPeriod
joyGetNumDevs
joyGetPosEx
mmioClose
mciSendCommandA
mmioDescend
mmioRead

msacm32

acmStreamClose
acmStreamUnprepareHeader
acmStreamConvert
acmStreamPrepareHeader
acmStreamSize
acmStreamOpen
acmFormatSuggest

imm32

ImmAssociateContext

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

d3d9

Direct3DCreate9

dsound

ord1

Sections

.text
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 144KB - Virtual size: 143KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 117KB - Virtual size: 2.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

_RDATA
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data1
Size: 512B - Virtual size: 200B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sxdata
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 282KB - Virtual size: 282KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f35c41d611700069d4124801badf964f

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shell32

advapi32

comdlg32

comctl32

ole32

winmm

msacm32

imm32

version

d3d9

dsound

Sections

.text Size: 1.5MB - Virtual size: 1.5MB

.rdata Size: 144KB - Virtual size: 143KB

.data Size: 117KB - Virtual size: 2.9MB

_RDATA Size: 26KB - Virtual size: 25KB

.data1 Size: 512B - Virtual size: 200B

.sxdata Size: 512B - Virtual size: 8B

.rsrc Size: 282KB - Virtual size: 282KB

.text
Size: 1.5MB - Virtual size: 1.5MB

.rdata
Size: 144KB - Virtual size: 143KB

.data
Size: 117KB - Virtual size: 2.9MB

_RDATA
Size: 26KB - Virtual size: 25KB

.data1
Size: 512B - Virtual size: 200B

.sxdata
Size: 512B - Virtual size: 8B

.rsrc
Size: 282KB - Virtual size: 282KB