Static task
static1
General
Target: WeMod Portable.exe
Size: 171KB
MD5: b822ab0ddc77a25513dad600b0b77d76
SHA1: 3e91689db4c503ec88d4dc9d6bf89754fd7efaf3
SHA256: 6cc12e7f0987aec0e5dda98aa9da53ee17ee15db7f56bb65c4b8f23ca4a55e4b
SHA512: fa7de3a2a70fa66c18df805f91f7bb63438075713501a24ed08881c3c336071939befa79656a879e5a24fbffcd559f680d59874c13fbbf670c4b90da5409e0c7
SSDEEP: 3072:z5qwpiHWOCi7P8iFcms1Ev1smNFulAhma5IZl1hxuM+sIuERwpSS/1ApdOuPsOCE:lqwpiHWOCiP8iFcms1c1smNFulAhma5n
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource WeMod Portable.exe
Files
WeMod Portable.exe.exe windows:4 windows x64 arch:x64
a2335a5575f185cdc0dee69d84d2ea32
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
Imports
msvcrt
memset
wcsncmp
_wcsnicmp
wcsncpy
_wcsdup
free
wcsstr
memmove
wcslen
wcscpy
wcscat
wcscmp
strlen
strcpy
strcat
memcmp
_stricmp
memcpy
_localtime64
_mktime64
_itow
_wtoi
_gmtime64
malloc
_vsnwprintf
kernel32
GetModuleHandleW
HeapCreate
HeapDestroy
ExitProcess
GetCurrentProcessId
GetCurrentProcess
SetProcessWorkingSetSize
GetStartupInfoW
CreateProcessW
WaitForSingleObject
GetWindowsDirectoryW
ExpandEnvironmentStringsW
CreateMutexW
GetLastError
GetVersionExA
Sleep
HeapAlloc
HeapFree
WideCharToMultiByte
LoadLibraryW
GetProcAddress
FreeLibrary
GetCurrentThreadId
CloseHandle
InitializeCriticalSection
GetEnvironmentVariableW
SetEnvironmentVariableW
GetModuleFileNameW
GetCommandLineW
DuplicateHandle
CreatePipe
GetStdHandle
EnterCriticalSection
LeaveCriticalSection
PeekNamedPipe
ReadFile
HeapReAlloc
CreateFileW
SetFilePointer
SetEndOfFile
WriteFile
GetFileSize
MultiByteToWideChar
GetTempPathW
GetDriveTypeW
FindFirstFileW
FindClose
GetFileAttributesW
FindNextFileW
SetFileAttributesW
SetCurrentDirectoryW
DeleteFileW
CopyFileW
CreateDirectoryW
SystemTimeToFileTime
LocalFileTimeToFileTime
SetFileTime
GetLocalTime
AllocConsole
GetConsoleScreenBufferInfo
SetConsoleCtrlHandler
SetConsoleTitleW
GlobalAlloc
GlobalLock
GlobalUnlock
user32
MessageBoxW
SystemParametersInfoW
GetDesktopWindow
GetWindow
GetWindowTextLengthW
GetWindowTextW
CharUpperW
CharLowerW
EnableWindow
DefWindowProcW
GetWindowLongPtrW
DestroyWindow
UnregisterClassW
LoadIconW
LoadCursorW
RegisterClassExW
IsWindowEnabled
GetSystemMetrics
CreateWindowExW
SetWindowLongPtrW
SendMessageW
SetFocus
CreateAcceleratorTableW
SetForegroundWindow
BringWindowToTop
GetMessageW
TranslateAcceleratorW
TranslateMessage
DispatchMessageW
DestroyAcceleratorTable
PostMessageW
GetWindowThreadProcessId
IsWindowVisible
GetWindowLongPtrA
GetForegroundWindow
EnumWindows
SetWindowPos
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
GetClipboardData
advapi32
OpenSCManagerW
CloseServiceHandle
RegOpenKeyExW
RegOpenKeyW
RegConnectRegistryW
RegEnumValueW
RegCloseKey
RegEnumKeyExW
RegQueryValueExW
shell32
ShellExecuteW
ShellExecuteExW
winmm
timeBeginPeriod
ole32
CoInitialize
CoTaskMemFree
shlwapi
PathMatchSpecW
wininet
InternetGetConnectedState
gdi32
GetStockObject
comdlg32
GetSaveFileNameW
GetOpenFileNameW
comctl32
InitCommonControlsEx
Sections
.code Size: 83KB - Virtual size: 82KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.text Size: 45KB - Virtual size: 44KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.pdata Size: 3KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rdata Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 22KB - Virtual size: 24KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 11KB - Virtual size: 11KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ