Setup[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Setup.exe
Size

413.5MB
MD5

528eceece319b83cb85de86006ddb808
SHA1

1feda4b282161ba5fd74d4e78b827d6e71a1e5b8
SHA256

440141a60183459dbfdb2d08872e49dfa9190aa33c68de98b987fd733e79a965
SHA512

13215474a4a21d741383c2d0af35c999718f80efe5725b65380d53f2f1ed6ac8051cba6ddfdcfc90cec5091a92b8259633a94f082bcad9e8367e1cbf224fcda6
SSDEEP

12288:gL3729ro6st371A7ItkxaKMR0sWKyNFgKBoXOS/4HxweqMCjrHAQF+yhXFVqKvAC:I4Y3vm8HYagHFFh+qmddfd/DMmLUG

Score

N/A

Malware Config

Signatures

Files

Setup.exe
.exe windows x64

Code Sign

61:21:04:92:a4:3d:6c:80:46:47:f0:63:cf:1d:45:99
Certificate

Issuer

CN=Canon 12-35mm f\\/5.0L RF IS USM

Not Before

22/12/2022, 14:17

Not After

23/12/2032, 14:17

Subject

CN=Canon 12-35mm f\\/5.0L RF IS USM

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

11/05/2022, 00:00

Not After

10/08/2033, 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #3,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02/05/2019, 00:00

Not After

18/01/2038, 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

b7:12:46:89:71:59:10:38:b8:ab:9c:48:66:5a:64:8e:11:1a:70:c3:ef:ff:9b:d9:ed:37:e9:09:95:6f:fa:ed
Signer

Actual PE Digest

b7:12:46:89:71:59:10:38:b8:ab:9c:48:66:5a:64:8e:11:1a:70:c3:ef:ff:9b:d9:ed:37:e9:09:95:6f:fa:ed

Digest Algorithm

sha256

PE Digest Matches

false

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=Canon 12-35mm f\\/5.0L RF IS USM

15/12/2022, 13:59
Valid: false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

.text
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 97KB - Virtual size: 97KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Code Sign

61:21:04:92:a4:3d:6c:80:46:47:f0:63:cf:1d:45:99Certificate

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43Certificate

Extended Key Usages

Key Usages

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9Certificate

Extended Key Usages

Key Usages

b7:12:46:89:71:59:10:38:b8:ab:9c:48:66:5a:64:8e:11:1a:70:c3:ef:ff:9b:d9:ed:37:e9:09:95:6f:fa:edSigner

Signature Validations

Verification

15/12/2022, 13:59 Valid: false

Headers

DLL Characteristics

File Characteristics

Sections

.text Size: 1.2MB - Virtual size: 1.2MB

.rsrc Size: 97KB - Virtual size: 97KB

61:21:04:92:a4:3d:6c:80:46:47:f0:63:cf:1d:45:99
Certificate

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43
Certificate

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

b7:12:46:89:71:59:10:38:b8:ab:9c:48:66:5a:64:8e:11:1a:70:c3:ef:ff:9b:d9:ed:37:e9:09:95:6f:fa:ed
Signer

15/12/2022, 13:59
Valid: false

.text
Size: 1.2MB - Virtual size: 1.2MB

.rsrc
Size: 97KB - Virtual size: 97KB