Static task
static1
General
Target
WishyApp.exe
Size
5.6MB
MD5
595228f56e151803e2f365968263aab6
SHA1
d92ce91f028e5942e3012ba669ee0d46287de3b7
SHA256
5f74e62d204662faef64758c5d8a798e343c07af0650356fdd6bebc93a20a463
SHA512
012bd1fff14858a9065ee15ac4732e43f2d8ec7d595719d2614c5bdab27ef2c4ecbe2dc85daff4eda5c4e470367aab53f25e5b5e566a5cfac0bf3130fbe4b427
SSDEEP
98304:hw34L9OecICm/YoCQVTvqZb8+/fbYfwsWJKZwLevWRScCHwnON:hxAICm/YoCC2b85g0Ge1cCQnK
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource WishyApp.exe
Files
WishyApp.exe.exe windows:6 windows x86 arch:x86
17203bb31391e949a5e953092bd8d6f7
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
VirtualAlloc
VirtualFree
VirtualProtect
FreeLibrary
GetProcAddress
lstrlenA
LoadLibraryA
IsBadReadPtr
GetThreadLocale
IsProcessorFeaturePresent
GetVersion
GetSystemDirectoryW
GetModuleHandleA
LoadLibraryExW
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
CloseHandle
InitializeCriticalSection
SetEvent
ResetEvent
ReleaseSemaphore
WaitForSingleObject
CreateEventA
ResumeThread
SetThreadAffinityMask
CreateSemaphoreA
AreFileApisANSI
MultiByteToWideChar
WideCharToMultiByte
GlobalLock
GlobalUnlock
GetModuleFileNameA
GetModuleFileNameW
LoadLibraryExA
LoadLibraryW
LocalFree
FormatMessageA
FormatMessageW
SetCurrentDirectoryA
SetCurrentDirectoryW
GetCurrentDirectoryA
GetCurrentDirectoryW
CreateDirectoryA
CreateDirectoryW
CreateFileW
DeleteFileA
DeleteFileW
RemoveDirectoryA
RemoveDirectoryW
SetFileAttributesA
SetFileAttributesW
SetFileTime
GetTempPathW
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
GetSystemDirectoryA
GetWindowsDirectoryA
GetWindowsDirectoryW
GetModuleHandleW
GetTempPathA
MoveFileA
MoveFileW
FindClose
FindCloseChangeNotification
FindFirstChangeNotificationA
FindFirstChangeNotificationW
FindFirstFileA
FindFirstFileW
FindNextFileA
FindNextFileW
GetFileAttributesA
GetFileAttributesW
GetFileInformationByHandle
GetLogicalDriveStringsW
GetLogicalDriveStringsA
CreateFileA
GetFileSize
GetNativeSystemInfo
SetEndOfFile
SetFilePointer
WriteFile
GlobalAlloc
GlobalReAlloc
GlobalFree
CompareFileTime
FileTimeToLocalFileTime
FileTimeToSystemTime
GlobalSize
GetCurrentProcess
GetSystemInfo
GlobalMemoryStatus
GetProcessAffinityMask
GetStdHandle
Sleep
SetPriorityClass
WaitForMultipleObjects
GetCommandLineW
GetVersionExA
lstrlenW
WriteConsoleW
SetFilePointerEx
GetConsoleMode
GetConsoleCP
FlushFileBuffers
HeapSize
SetStdHandle
GetFileType
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetCPInfo
DecodePointer
GetOEMCP
IsValidCodePage
FindFirstFileExA
LCMapStringW
GetStringTypeW
HeapReAlloc
GetACP
ExitProcess
GetModuleHandleExW
FreeLibraryAndExitThread
ExitThread
CreateThread
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSectionAndSpinCount
RtlUnwind
RaiseException
EncodePointer
InitializeSListHead
GetSystemTimeAsFileTime
QueryPerformanceCounter
GetStartupInfoW
IsDebuggerPresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetProcessHeap
HeapFree
HeapAlloc
SetLastError
ReadFile
GetLastError
user32
SetClipboardData
CloseClipboard
CharUpperW
CharUpperA
EmptyClipboard
IsClipboardFormatAvailable
OpenClipboard
LoadIconA
LoadCursorA
SetCursor
KillTimer
SetTimer
IsDlgButtonChecked
CheckDlgButton
InvalidateRect
EnableWindow
GetKeyState
GetFocus
SetFocus
EndDialog
PostMessageA
MessageBoxW
CharPrevExA
GetWindowTextLengthW
GetWindowTextLengthA
GetWindowTextW
GetWindowTextA
SetWindowTextW
SetWindowTextA
CreateWindowExW
RegisterClassW
RegisterClassA
RegisterClipboardFormatA
LoadStringW
LoadStringA
SetWindowLongW
CreateWindowExA
CallWindowProcW
CallWindowProcA
GetMonitorInfoA
MonitorFromWindow
SystemParametersInfoA
MapDialogRect
GetParent
SetWindowLongA
GetWindowLongA
GetWindowRect
GetDialogBaseUnits
GetDlgItem
DialogBoxParamW
DialogBoxParamA
CreateDialogParamW
CreateDialogParamA
MoveWindow
ShowWindow
SendMessageW
SendMessageA
ScreenToClient
comdlg32
CommDlgExtendedError
GetSaveFileNameA
GetOpenFileNameW
GetOpenFileNameA
GetSaveFileNameW
shell32
SHBrowseForFolderA
SHGetDesktopFolder
CommandLineToArgvW
SHGetFileInfoA
SHGetSpecialFolderLocation
SHGetPathFromIDListA
ole32
CoCreateInstance
ReleaseStgMedium
CoInitialize
CoTaskMemFree
CoUninitialize
OleInitialize
oleaut32
VariantCopy
VariantClear
SysAllocStringLen
SysAllocString
SysStringLen
SysFreeString
Sections
.text Size: 399KB - Virtual size: 399KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 67KB - Virtual size: 67KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 6KB - Virtual size: 25KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.gfids Size: 512B - Virtual size: 272B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 9KB - Virtual size: 9KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 18KB - Virtual size: 17KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ