The title of this post is not a secret message and I am not intoxicated.
UVWATAUAVAWH happens to be the most popular string extracted from all .exe, .dll and .sys OS files on my 64-bit Windows. The string is so popular and at the same time suspicious that if you google it you will find people theorizing about it having something to do with BSODs / being a part of some internal ZeroAccess secret language.
If you convert the characters into hex:
you will get a string of bytes like these:
55 56 57 41 54 41 55 41 56 41 57 48
and these can be also represented as opcodes:
U - push rbp
V - push rsi
W - push rdi
AT - push r12
AU - push r13
AV - push r14
AW - push r15
H - part of sub rsp, xxx opcode
The sequence is a very typical prologue for functions (64-bit code) – so typical that it is all over the place together with its variants (see below); the ‘vowelized’ properties of these strings remind me an interesting paper about shellcodes that look like English text.
UVWATAUAVAWH WATAUH WATAUAVAWH SUVWATAUAVAWH SUVWATH VWATAUAVH SUVWATAUH ATAUAVH USVWATAUAVAWH UVWATAUH SUVWATAUAVH SVWATAUAVAWH USVWATH USVWATAUH USVWATAUAVH VWATAUAVAWH WAVAWH ATAUAVAWH VWATAUAWH WATAVH UVWATAUAVH