wmighost[.]exe

General

Target

wmighost.exe
Size

20KB
MD5

0df40b226a4913a57668b83b7c7b443c
SHA1

81b26dfabd1094678a21a016dc2692f67c6cde03
SHA256

a6ff8dfe654da70390cd71626cdca8a6f6a0d7980cd7d82269373737b04fd206
SHA512

dc7872cf2d8e370f4c0f88c6a5b0ad8f4bca883f134bcd46609f059de34d1f0327114a56111dba449630428ba026bc7c3a5320b74ccb9d9bbdb2fe53699901d2
SSDEEP

384:ltJ8FWfDSt3YHc51GW9qs7Uso0503kdVi7:j+hYHAGW9h7Vi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
wmighost.exe

Files

wmighost.exe
.exe windows:4 windows x86 arch:x86

8812ff21aeb160e8800257140acae54b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DeleteFileA
InitializeCriticalSection
DeleteCriticalSection
OutputDebugStringA
LeaveCriticalSection
CloseHandle
SetFileTime
SystemTimeToFileTime
GetSystemTime
WriteFile
SetFilePointer
CreateFileA
GetSystemDirectoryA
EnterCriticalSection
GetFileAttributesA
MultiByteToWideChar
InterlockedDecrement
Sleep
WaitForSingleObject
CreateProcessA
MoveFileA
GetTempPathA
GetModuleFileNameA
GetStartupInfoA
GetModuleHandleA
LocalFree

msvcrt

_beginthread
malloc
strcpy
__dllonexit
_onexit
_exit
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
??1type_info@@UAE@XZ
_CxxThrowException
memset
__CxxFrameHandler
??2@YAPAXI@Z
_vsnprintf
_strtime
sprintf
strcat
strlen
??3@YAXPAX@Z

ole32

CoCreateInstance
CoInitialize

oleaut32

SysFreeString
SysAllocString
GetErrorInfo

msvcp60

??0_Winit@std@@QAE@XZ
??1_Winit@std@@QAE@XZ
??1Init@ios_base@std@@QAE@XZ
??0Init@ios_base@std@@QAE@XZ

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

8812ff21aeb160e8800257140acae54b

Headers

File Characteristics

Imports

kernel32

msvcrt

ole32

oleaut32

msvcp60

Sections

.text Size: 4KB - Virtual size: 3KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 8KB - Virtual size: 5KB

.text
Size: 4KB - Virtual size: 3KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 8KB - Virtual size: 5KB