Set-up[.]zip | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Set-up.zip
Size

6.2MB
MD5

aa75412e9407d12743b217eeb5bcfde0
SHA1

7e2eb00b231ce9d6710f015e3892c9a3f232fb66
SHA256

f5ac259292d0d3452e2a17356a95db7139ab1d75ae21ac097dc898cb19e3fa41
SHA512

1c15a07ddaf53caafb8090f8caeddbe6ab0436db6a8a6a03b6c113fefcb6f0ef2a531953ac61acf391ed02d5770324603387a195420390adec22ce5f2d46b314
SSDEEP

196608:ZJAk6ISHf4NiKI6HjFjaBAxlLZOGKmQrOfL5W/:nXlsG1H0BilLZOaQrOi

Score

N/A

Malware Config

Signatures

Files

Set-up.zip
.zip
ColorSync.resources/Profiles/AdobeRGB1998.icc
ColorSync.resources/Profiles/BGR.icc
ColorSync.resources/Profiles/Black & White.icc
ColorSync.resources/Profiles/Blue Tone.icc
ColorSync.resources/Profiles/Camera RGB Profile.icc
ColorSync.resources/Profiles/Generic CMYK Profile.icc
ColorSync.resources/Profiles/Generic Gray Gamma 2.2 Profile.icc
ColorSync.resources/Profiles/Generic Gray Profile.icc
ColorSync.resources/Profiles/Generic Lab Profile.icc
ColorSync.resources/Profiles/Generic RGB Profile.icc
CoreFoundation.resources/CFCharacterSetBitmaps.bitmap
CoreFoundation.resources/CFUniCharPropertyDatabase.data
CoreFoundation.resources/CFUnicodeData-L.mapping
CoreFoundation.resources/Info.plist
.xml
CoreFoundation.resources/ar.lproj/Error.strings
CoreFoundation.resources/ca.lproj/Error.strings
CoreFoundation.resources/cs.lproj/Error.strings
CoreFoundation.resources/da.lproj/Error.strings
CoreFoundation.resources/de.lproj/Error.strings
CoreFoundation.resources/el.lproj/Error.strings
CoreFoundation.resources/en.lproj/Error.strings
CoreFoundation.resources/es.lproj/Error.strings
CoreFoundation.resources/es_419.lproj/Error.strings
CoreFoundation.resources/fi.lproj/Error.strings
CoreFoundation.resources/fr.lproj/Error.strings
CoreFoundation.resources/he.lproj/Error.strings
CoreFoundation.resources/hr.lproj/Error.strings
CoreFoundation.resources/hu.lproj/Error.strings
CoreFoundation.resources/id.lproj/Error.strings
CoreFoundation.resources/it.lproj/Error.strings
CoreFoundation.resources/ja.lproj/Error.strings
CoreFoundation.resources/ko.lproj/Error.strings
CoreFoundation.resources/ms.lproj/Error.strings
CoreFoundation.resources/nb.lproj/Error.strings
CoreFoundation.resources/nl.lproj/Error.strings
CoreFoundation.resources/pl.lproj/Error.strings
CoreFoundation.resources/pt.lproj/Error.strings
CoreFoundation.resources/pt_PT.lproj/Error.strings
CoreFoundation.resources/ro.lproj/Error.strings
CoreFoundation.resources/ru.lproj/Error.strings
CoreFoundation.resources/sk.lproj/Error.strings
CoreFoundation.resources/sv.lproj/Error.strings
CoreFoundation.resources/th.lproj/Error.strings
CoreFoundation.resources/tr.lproj/Error.strings
CoreFoundation.resources/uk.lproj/Error.strings
CoreFoundation.resources/vi.lproj/Error.strings
CoreFoundation.resources/zh_CN.lproj/Error.strings
CoreFoundation.resources/zh_TW.lproj/Error.strings
CoreMedia.resources/AVAssetExportPresets.plist
.xml
CoreMedia.resources/AVExportBitRate.plist
.xml
CoreMedia.resources/CoreMedia.icxs
CoreMedia.resources/Info.plist
.xml
CoreText.resources/DefaultFontFallbacks.plist
.xml
CoreText.resources/Info.plist
.xml
CoreText.resources/LastResort.ttf
Foundation.resources/Info.plist
.xml
Foundation.resources/en.lproj/Document.strings
Foundation.resources/en.lproj/EncodingNames.strings
Foundation.resources/en.lproj/Formatter.strings
Foundation.resources/en.lproj/FoundationErrors.strings
Foundation.resources/en.lproj/URL.strings
Set-up.exe
.exe windows x64

a134c70472750a73bd9faac2db8b0d3a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

WriteProcessMemory
GetVersion
LocalAlloc
LocalFree
GetModuleFileNameW
ExitProcess
LoadLibraryA
GetModuleHandleA
GetProcAddress

user32

CharUpperBuffW

Sections

.text
Size: - Virtual size: 153KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 75KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 450KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: - Virtual size: 348B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.kbt0
Size: - Virtual size: 3.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.kbt1
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.kbt2
Size: 5.8MB - Virtual size: 5.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 469B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a134c70472750a73bd9faac2db8b0d3a

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

Sections

.text Size: - Virtual size: 153KB

.rdata Size: - Virtual size: 75KB

.data Size: - Virtual size: 450KB

.pdata Size: - Virtual size: 8KB

_RDATA Size: - Virtual size: 348B

.kbt0 Size: - Virtual size: 3.2MB

.kbt1 Size: 2KB - Virtual size: 2KB

.kbt2 Size: 5.8MB - Virtual size: 5.8MB

.rsrc Size: 512B - Virtual size: 469B

.text
Size: - Virtual size: 153KB

.rdata
Size: - Virtual size: 75KB

.data
Size: - Virtual size: 450KB

.pdata
Size: - Virtual size: 8KB

_RDATA
Size: - Virtual size: 348B

.kbt0
Size: - Virtual size: 3.2MB

.kbt1
Size: 2KB - Virtual size: 2KB

.kbt2
Size: 5.8MB - Virtual size: 5.8MB

.rsrc
Size: 512B - Virtual size: 469B