Setup[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Setup.exe
Size

375.0MB
MD5

89b7a58ce22637f23481c689cf718047
SHA1

61025a27d17515aae0f863a730826210d5b3ee29
SHA256

c53f22e03e5bceb0cc65d3eb206ac9da987e9868d6330609fe727e7757128182
SHA512

5387aed83219ee7fe104f65ff9424ade560ed0ee110663c9a498f409e2e4129d9334d51ad3943b963aa217ded1a3c8c42a10104e67cefb3105fd2462075a6feb
SSDEEP

98304:EMMmzN7U33KqcEw1/5w534OodcpoHXKjBsk+rc2fDgaE4rTCGaD3Gs2Ly6caCC:EdmzxD/2pjrmKQrciDQ4rTnaDWDya

Score

N/A

Malware Config

Signatures

Files

Setup.exe
.exe windows x86

9bb6ea1d51266c0a44f32f065762ae5d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapAlloc
LocalAlloc
LocalFree
GetModuleFileNameW
GetProcessAffinityMask
SetProcessAffinityMask
SetThreadAffinityMask
Sleep
ExitProcess
FreeLibrary
LoadLibraryA
GetModuleHandleA
GetProcAddress
LocalAlloc
LocalFree
GetModuleFileNameW
ExitProcess
LoadLibraryA
GetModuleHandleA
GetProcAddress

shell32

ShellExecuteA

crypt32

CryptStringToBinaryA

user32

GetProcessWindowStation
GetUserObjectInformationW

Sections

.text
Size: - Virtual size: 199KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Ũ⋒Ủ
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Ũ⋒Ủ
Size: - Virtual size: 1.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Ũ⋒Ủ
Size: - Virtual size: 1.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

≜≝��
Size: - Virtual size: 1.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

≜≝��
Size: 512B - Virtual size: 508B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

≜≝��
Size: 6.7MB - Virtual size: 6.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 47KB - Virtual size: 189KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9bb6ea1d51266c0a44f32f065762ae5d

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

shell32

crypt32

user32

Sections

.text Size: - Virtual size: 199KB

.rdata Size: - Virtual size: 51KB

.data Size: - Virtual size: 84KB

Ũ⋒Ủ Size: - Virtual size: 1KB

Ũ⋒Ủ Size: - Virtual size: 1.5MB

Ũ⋒Ủ Size: - Virtual size: 1.9MB

≜≝�� Size: - Virtual size: 1.7MB

≜≝�� Size: 512B - Virtual size: 508B

≜≝�� Size: 6.7MB - Virtual size: 6.7MB

.reloc Size: 1KB - Virtual size: 1KB

.rsrc Size: 47KB - Virtual size: 189KB

.text
Size: - Virtual size: 199KB

.rdata
Size: - Virtual size: 51KB

.data
Size: - Virtual size: 84KB

Ũ⋒Ủ
Size: - Virtual size: 1KB

Ũ⋒Ủ
Size: - Virtual size: 1.5MB

Ũ⋒Ủ
Size: - Virtual size: 1.9MB

≜≝��
Size: - Virtual size: 1.7MB

≜≝��
Size: 512B - Virtual size: 508B

≜≝��
Size: 6.7MB - Virtual size: 6.7MB

.reloc
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 47KB - Virtual size: 189KB