octux[.]exe[.]bin

Resubmissions

10-10-2024 00:33

241010-awkyxaxgql 7

10-10-2024 00:32

241010-avpkpsxgpj 7

Sharing

Copy URL

Twitter E-mail

General

Target

octux.exe.bin
Size

257KB
MD5

226c7a3371a4918c6ac24ab9f31b5d96
SHA1

93f055fe1d199a8f68df2a7992fc35a855158dee
SHA256

6f5a124dc74f6727682da26a964ba87d1f63fbb951b291b756ce3c3cfe783dc8
SHA512

c4814fff195efc0478aa1c145cb061c4d92c8edfa3c53923842283d0f4503a27516461098814c3cc09e44e744b2347f4530c9ecff9d735f8f26a03844f5f0398
SSDEEP

6144:RFgVGD5gxCLWTAgCfWCCE9+2r0AOOYZTT:48gkGAgQjT3gMMT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
octux.exe.bin

Files

octux.exe.bin
.exe windows:5 windows x86 arch:x86

c6971b8ffe6ea217a1c47a178402ba28

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateProcessW
CreateDirectoryA
GetVolumeInformationA
WriteProcessMemory
VirtualAlloc
ResumeThread
GetModuleHandleA
VirtualProtectEx
CloseHandle
GetProcAddress
VirtualAllocEx
ReadProcessMemory
CreateProcessA
SetThreadContext
GetSystemWow64DirectoryA
WideCharToMultiByte
GetComputerNameA
GetLastError
CopyFileA
Sleep
CreateMutexA
GetEnvironmentVariableA
GetModuleFileNameW
InterlockedDecrement
GetThreadContext
GetModuleFileNameA
SetEndOfFile
HeapSize
CreateFileW
ReadConsoleW
WriteConsoleW
SetStdHandle
SetEnvironmentVariableA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetOEMCP
IsValidCodePage
FindNextFileA
FindFirstFileExA
FindClose
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
EncodePointer
DecodePointer
MultiByteToWideChar
SetLastError
InitializeCriticalSectionAndSpinCount
CreateEventW
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetSystemTimeAsFileTime
GetModuleHandleW
CompareStringW
LCMapStringW
GetLocaleInfoW
GetStringTypeW
GetCPInfo
LocalFree
SetEvent
ResetEvent
WaitForSingleObjectEx
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
InitializeSListHead
GetCurrentProcess
TerminateProcess
RaiseException
RtlUnwind
FreeLibrary
LoadLibraryExW
ExitProcess
GetModuleHandleExW
HeapAlloc
HeapReAlloc
HeapFree
GetStdHandle
WriteFile
GetCommandLineA
GetCommandLineW
GetACP
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
GetFileType
FlushFileBuffers
GetConsoleCP
GetConsoleMode
ReadFile
SetFilePointerEx
GetProcessHeap

advapi32

GetUserNameA
FreeSid
CheckTokenMembership
RegQueryValueExA
RegCloseKey
RegSetValueExA
RegOpenKeyExA
AllocateAndInitializeSid

ole32

CoUninitialize
CoInitializeSecurity
CoSetProxyBlanket
CoInitializeEx
CoCreateInstance

oleaut32

VariantClear
SysAllocString
SysFreeString
VariantInit

wininet

InternetOpenUrlA
InternetOpenW
InternetCloseHandle
HttpSendRequestA
InternetReadFile
HttpOpenRequestA
InternetConnectA

netapi32

NetApiBufferFree
NetGetJoinInformation

Sections

.text
Size: 180KB - Virtual size: 179KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 61KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 1024B - Virtual size: 612B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Resubmissions

Sharing

General

Malware Config

Signatures

Files

c6971b8ffe6ea217a1c47a178402ba28

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

advapi32

ole32

oleaut32

wininet

netapi32

Sections

.text Size: 180KB - Virtual size: 179KB

.rdata Size: 61KB - Virtual size: 61KB

.data Size: 4KB - Virtual size: 7KB

.gfids Size: 1024B - Virtual size: 612B

.tls Size: 512B - Virtual size: 9B

.reloc Size: 9KB - Virtual size: 8KB

.text
Size: 180KB - Virtual size: 179KB

.rdata
Size: 61KB - Virtual size: 61KB

.data
Size: 4KB - Virtual size: 7KB

.gfids
Size: 1024B - Virtual size: 612B

.tls
Size: 512B - Virtual size: 9B

.reloc
Size: 9KB - Virtual size: 8KB