Setup[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Setup.exe
Size

4.0MB
MD5

93e9a7b6faee87dca18870bc840ba761
SHA1

7a8ba598eb6a7567e475a2d4827cd28da8780c9d
SHA256

9f47198b35478784b38b1094f82d96cb6d50c3edc4a0139ac4ccd9e822c86feb
SHA512

4f9f84cbb01c1997f7e5c91d588401ce5a4157a589dab3339a34097227714d4116b3e349155e598e245ee7dfea132eec89ebead2546ef0b3da5eb630280f24c0
SSDEEP

98304:U39zUF9aNgo9hfm3pBsdNhDYbSNkH3jNHtJ1DTzY0Djgz9Q:UxUOgulCzsZDYtXjNNrXcz9Q

Score

N/A

Malware Config

Signatures

Files

Setup.exe
.exe windows x86

80a65fa6dfd5f90a19614fd9f581e0bc

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
LoadLibraryA
VirtualProtect
FindFirstFileW
LocalAlloc
GetProcessHeap
FindNextFileW
ExitProcess
SetEndOfFile
CreateFileW
CreateFileA
InterlockedIncrement
InterlockedDecrement
WideCharToMultiByte
EncodePointer
DecodePointer
Sleep
InterlockedExchange
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
MultiByteToWideChar
GetLastError
HeapFree
HeapAlloc
GetSystemTimeAsFileTime
GetCommandLineA
HeapSetInformation
GetStartupInfoW
RaiseException
RtlUnwind
LCMapStringW
GetCPInfo
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
IsProcessorFeaturePresent
HeapCreate
GetModuleHandleW
WriteFile
GetStdHandle
GetModuleFileNameW
GetACP
GetOEMCP
IsValidCodePage
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
SetLastError
GetCurrentThreadId
HeapSize
SetHandleCount
InitializeCriticalSectionAndSpinCount
GetFileType
ReadFile
SetFilePointer
GetConsoleCP
GetConsoleMode
FlushFileBuffers
CloseHandle
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetLocaleInfoW
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
GetStringTypeW
HeapReAlloc
LoadLibraryW
SetStdHandle
WriteConsoleW
LocalAlloc
LocalFree
GetModuleFileNameW
ExitProcess
LoadLibraryA
GetModuleHandleA
GetProcAddress

Sections

.text
Size: - Virtual size: 206KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.--- 0
Size: - Virtual size: 1.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.--- 1
Size: 1024B - Virtual size: 744B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.--- 2
Size: 3.8MB - Virtual size: 3.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 215KB - Virtual size: 281KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

80a65fa6dfd5f90a19614fd9f581e0bc

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

Sections

.text Size: - Virtual size: 206KB

.rdata Size: - Virtual size: 57KB

.data Size: - Virtual size: 84KB

.--- 0 Size: - Virtual size: 1.7MB

.--- 1 Size: 1024B - Virtual size: 744B

.--- 2 Size: 3.8MB - Virtual size: 3.8MB

.reloc Size: 1KB - Virtual size: 1KB

.rsrc Size: 215KB - Virtual size: 281KB

.text
Size: - Virtual size: 206KB

.rdata
Size: - Virtual size: 57KB

.data
Size: - Virtual size: 84KB

.--- 0
Size: - Virtual size: 1.7MB

.--- 1
Size: 1024B - Virtual size: 744B

.--- 2
Size: 3.8MB - Virtual size: 3.8MB

.reloc
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 215KB - Virtual size: 281KB