wiatwain_JC[.]ds | Triage

Sharing

Copy URL Twitter E-mail

General

Target

wiatwain_JC.ds
Size

7KB
MD5

66cf5b19f1824a71af0faf541869061d
SHA1

02ec6ef7b0ff3d31228cf876d67eeb9dcd06cf01
SHA256

1fb128ee21cb684c65165b4f8c001c38f57cd3ef49af9d4c9a0eba71fb27d017
SHA512

ab53cc7fd4f6e130dee88b2f8169471135d472c29606a542fe61e46cd77e310dc50f6239aeae4798a5d85dfe277905773e9740c3d8e8509579bde97c07fb266f
SSDEEP

96:JpNkdYWxBSEYEX/4z36Nx1gLWQ8xTdAz7tl1EW+gWwG4I9:JpNk3BSBEP+QQAxTdAzJMW+gW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
wiatwain_JC.ds

Files

wiatwain_JC.ds
.dll windows x86

e0bd3263fd5ea99b1d0c2f6f5194cc24

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcrt

_except_handler4_common
_XcptFilter
_initterm
malloc
free
_amsg_exit

kernel32

Sleep
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetTickCount
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 844B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 536B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 992B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 280B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ