AppSetup[.]rar | Triage

Submit
Reports

Overview

overview

Static

static

AppSetup.rar

windows7-x64

3

AppSetup.rar

windows10-2004-x64

3

AppSetup.exe

windows7-x64

AppSetup.exe

windows10-2004-x64

9

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

AppSetup.rar

Resource

win7-20221111-en

windows7-x64

8 signatures

300 seconds

Behavioral task

behavioral2

Sample

AppSetup.rar

Resource

win10v2004-20221111-en

windows10-2004-x64

3 signatures

300 seconds

Behavioral task

behavioral3

Sample

AppSetup.exe

Resource

win7-20220812-en

vidar 754 bootkit evasion persistence spyware stealer trojan

windows7-x64

14 signatures

300 seconds

Behavioral task

behavioral4

Sample

AppSetup.exe

Resource

win10v2004-20221111-en

bootkit evasion persistence trojan

windows10-2004-x64

8 signatures

300 seconds

General

Target

AppSetup.rar
Size

5.6MB
MD5

3320baa8777b655d4be63fb56a35f875
SHA1

9f1f90e1ab9feb0396f4e7d921d56a97b527ffb4
SHA256

2f626154e982310a3efc265a8c279dea6c857dac99a96ae698cd797f9dcac174
SHA512

69a542eabe263575e56f51902213d024786e62f117943ad724d86c54a54d02d299a4c0f77fced040b435e24fc8f18dd87c3869c7b02bd512acc2db29d7a9e5ee
SSDEEP

98304:yiJu9vxyWDY0NXBn7bv4ML50l30EZFZNAAKv64rOtMKzsfB1lKIBFty:yl9pyKlNx7bv4ML50xnFZqAKv64r4I1m

Score

N/A

Malware Config

Signatures

Files

AppSetup.rar
.rar

Password: 2023
About/Readme.txt
AppSetup.exe
.exe windows x64

Password: 2023

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

Size: 615KB - Virtual size: 616KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Size: 9KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 512B - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 56KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.winlice
Size: - Virtual size: 9.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.boot
Size: 4.9MB - Virtual size: 4.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
Readme.txt

© 2018-2024

Terms | Privacy