WMSMoible[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

WMSMoible.exe
Size

180KB
MD5

b3be28edb12ec39cf2307bbd013d44f5
SHA1

85f3946cc64c46d5398da574c0303b428cae3ea2
SHA256

3cb338f64baaea84249d32c4318571f669af6eae0b984c6b5e8becc4204d3753
SHA512

f32a29af4c95ce28e8a5d02004688437938b0ab0ad52cd6feb41a6fad25e765203446c1b4ed9adc909a8295b678045428e789d4efbdda3cfe16753f2886772b5
SSDEEP

1536:RbkojcOtJue82K57bNTNBfjENVDAE+K3daerS22v+vivC43jKpLRFEPStDladymQ:Rbk0cOtJO7x4ASgmU+qKUjKbKPSk6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
WMSMoible.exe

Files

WMSMoible.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 172KB - Virtual size: 172KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ