setup3[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

setup3.exe
Size

1.2MB
MD5

aff30c5e7fb20c0942236d7dad9ada25
SHA1

eec1f6fe2928d6e62ab52401d362e0786c617a8b
SHA256

8d30e5ef4ac0fd3b249af6af394a17b1251671478533f989f4051e467428a7d5
SHA512

772d29505e19ec994d789a8fa0b33be3c76f9ccf04d398d143b6a9af75fb455c07e0048ff8cab91bd472c6824b0b82d92b844b7adfb171e3b2c6a5626f908b54
SSDEEP

24576:9KXg+xx9wiL/Zp/GPVzd/Mk/0FwgiiPtRbZxqMfx:y9w+X/GPxh0FwQ1vYMfx

Score

N/A

Malware Config

Signatures

Files

setup3.exe
.exe windows x86

2eca8f83bbee2f11ca833570183c37f1

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrlenA
WideCharToMultiByte
GlobalMemoryStatusEx
lstrcpyW
SetHandleInformation
AreFileApisANSI
ReadFile
TryEnterCriticalSection
HeapCreate
HeapFree
EnterCriticalSection
GetFullPathNameW
WriteFile
InterlockedCompareExchange
GetDiskFreeSpaceW
OutputDebugStringA
LockFile
LeaveCriticalSection
InitializeCriticalSection
SetFilePointer
GetFullPathNameA
SetEndOfFile
UnlockFileEx
GetTempPathW
CreateMutexW
WaitForSingleObject
CreateFileW
GetFileAttributesW
GetCurrentThreadId
GetVersionExW
UnmapViewOfFile
HeapValidate
HeapSize
MultiByteToWideChar
Sleep
GetTempPathA
FormatMessageW
GetDiskFreeSpaceA
GetLastError
GetFileAttributesA
GetFileAttributesExW
OutputDebugStringW
FlushViewOfFile
CreateFileA
LoadLibraryA
WaitForSingleObjectEx
GetVersionExA
DeleteFileA
DeleteFileW
HeapReAlloc
CloseHandle
GetSystemInfo
LoadLibraryW
HeapAlloc
HeapCompact
HeapDestroy
UnlockFile
GetProcAddress
CreateFileMappingA
LocalFree
LockFileEx
GetFileSize
DeleteCriticalSection
GetCurrentProcessId
GetProcessHeap
SystemTimeToFileTime
FreeLibrary
GetSystemTimeAsFileTime
GetSystemTime
FormatMessageA
CreateFileMappingW
MapViewOfFile
QueryPerformanceCounter
GetTickCount
FlushFileBuffers
SetLastError
GetCurrentThread
GetThreadTimes
QueryPerformanceFrequency
InitializeCriticalSectionAndSpinCount
CreateEventW
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleW
EncodePointer
DecodePointer
CompareStringW
LCMapStringW
GetStringTypeW
GetCPInfo
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
InitializeSListHead
SetEvent
ResetEvent
IsDebuggerPresent
GetStartupInfoW
CreateThread
FreeLibraryAndExitThread
LoadLibraryExW
DuplicateHandle
InterlockedPushEntrySList
ReadConsoleW
RtlUnwind
RaiseException
CreateProcessW
ExitThread
GetModuleHandleExW
GetStdHandle
GetModuleFileNameA
ExitProcess
GetACP
CreatePipe
GetFileType
GetTimeZoneInformation
FindClose
FindFirstFileExA
FindNextFileA
IsValidCodePage
GetOEMCP
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableA
SetEnvironmentVariableW
SetStdHandle
GetConsoleCP
GetConsoleMode
SetFilePointerEx
WriteConsoleW

Sections

.text
Size: 999KB - Virtual size: 998KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 157KB - Virtual size: 157KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 18KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 38KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2eca8f83bbee2f11ca833570183c37f1

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

Sections

.text Size: 999KB - Virtual size: 998KB

.rdata Size: 157KB - Virtual size: 157KB

.data Size: 18KB - Virtual size: 31KB

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 38KB - Virtual size: 38KB

.text
Size: 999KB - Virtual size: 998KB

.rdata
Size: 157KB - Virtual size: 157KB

.data
Size: 18KB - Virtual size: 31KB

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 38KB - Virtual size: 38KB