wmpconfig[.]exe

General

Target

wmpconfig.exe
Size

102KB
MD5

975e6535cfc8215efc3319bea5c0b3aa
SHA1

6a0b781fa30af784ddf95359474b1f7c507359af
SHA256

17e046df922f5d2f91c9b2431edced70952c150e75008370ad3d6a975970184f
SHA512

f685978b9fa13f67920f8b1b2fb7f82fcdb44d627b199fab9454f528036b26fa2045a019b6ee9a64fc4a5f47c866ef8320fce2e6146f6ff69f8039a461960327
SSDEEP

1536:aFNugZ+hhuKL8lkQRrkcm464OBbYL53GJr95WAxJnolVz:yugohYkQr0jeLwJr95rJo3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
wmpconfig.exe

Files

wmpconfig.exe
.exe windows:10 windows x64 arch:x64

0fe27e5c660843e76910737378f61f5b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

wmpconfig.pdb

Imports

kernel32

LoadLibraryW
GetProcAddress
FreeLibrary
GetCurrentProcess
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
GetTickCount
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
GetModuleHandleW
SetUnhandledExceptionFilter
GetStartupInfoW
Sleep
TerminateProcess

msvcrt

_commode
?terminate@@YAXXZ
_XcptFilter
_amsg_exit
_fmode
_wcmdln
__C_specific_handler
_initterm
__setusermatherr
_cexit
_exit
exit
__set_app_type
__wgetmainargs

ole32

CoInitializeEx
CoUninitialize

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 204B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 93KB - Virtual size: 93KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Resubmissions

Sharing

General

Malware Config

Signatures

Files

0fe27e5c660843e76910737378f61f5b

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

msvcrt

ole32

Sections

.text Size: 3KB - Virtual size: 2KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 512B - Virtual size: 1KB

.pdata Size: 512B - Virtual size: 204B

.rsrc Size: 93KB - Virtual size: 93KB

.reloc Size: 512B - Virtual size: 32B

.text
Size: 3KB - Virtual size: 2KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 512B - Virtual size: 1KB

.pdata
Size: 512B - Virtual size: 204B

.rsrc
Size: 93KB - Virtual size: 93KB

.reloc
Size: 512B - Virtual size: 32B