General

Malware Config

Signatures

Files

• Setup_File.exe

  .exe windows x86

  619ea37bdfbff7e675af72540c0fc653

  
  

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_NX_COMPAT

  IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

  File Characteristics

  IMAGE_FILE_RELOCS_STRIPPED

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_32BIT_MACHINE

  Imports

  kernel32

  LoadLibraryA

  GetSystemTimeAsFileTime

  LocalAlloc

  LocalFree

  GetModuleFileNameW

  ExitProcess

  LoadLibraryA

  GetModuleHandleA

  GetProcAddress

  ole32

  CoInitialize

  user32

  CharUpperBuffW

  Exports

  Exports

  +������{��;kr0m�8�AK��k�x4d�Ȳ��?�ge+����,u���ƕ=�N�G���dB��";�n<Q00��n���\��f��c��8�@���G}�^�c ��X�B�r����~W���5�ެ���N��[��bl�R�*T�L�Z���,F�-Sn��3sV~w�Lݽm9��G
  �C8P�u��>���&�Kq�������L����]H)is�`�k���wpqZ��(;��B{�ש�S��Gc����&�+�B��ky.��ߟ.�)�s��KaA,3sb«��OU���$�T0ZPXsxD�x� z���Ŕ�.W���\Ύd]�cx�:�B�F����Y����8���"��_ �tj?7��}�Ą�������l�Py/���V���U,!/yKQ��p�Y�[�G o�����N���:�m yd��"Q0�B��8�17��B�*:h�6$����ʤ�<I� .���KG�3F�tA�ZZ�;<�q�������F�r�h�iV�"����Nwx�Ӝ#ެ4��� �dU�ɍ�A�I'��5Z�KM��J6�ێ�O��\[-�86�.��ͨ��ëne��~�#M�o�!�δE*�B��%g}U�j).��\��T�c~&�,�!B��f<��������}�)KA9������i��Dz�$3zʧ"<R�����å_Xނ�t�%V9�6�z�L���B2�+>�)�a��~�b�B�������׼�6OP�N��[���[��*�V��y�w������b�� ڔ�X:�я�t�Ͱ�0�mUg��~��qo<ci��w�~O����{�ZhQ�]���Q�5�R��rs1-����V8pU7��1�sv�*�{���D:�;D�i��/D������qQ�<����H��MN�M~/dz(� Kc�(��d��4�����
  /�� ��A�cOl��$m����CT� �E��j�A� s\ ��-_L�2t�8�A+E���Y���<4C�HM��Y"o�7�� ��������EF�Z_�|$�1?'�|HSU��:ao{O�L�J���/<�@a�������bV~�������y��9M��zpmm|�/���(V�gA͑f�nY{ۿ��9���4�����}O��RxcT �#�y��NN��҅�q�� sN��l?��,��7���j��|�e9d���a��}��j���u}���I��Gf�E��%(�}�Q}`�mX:��Y7����2��i�$w��!�ٗ%��] �-������95����Qh �9mn��.�+\.�������QQCqDFb���[��h�4� [�qD�v%񈰢Ϧ�x��[�P�T��zu��)��-�pEk� q����f_�<,-m�KK$7�j�#������.��wne�TwP��S���B*�b5w��L���;�̦������`��v �e.�9��ؠ&�,��@HQ��WR:���E�}μO:�C"�k�3�)~"0*K�b>O��1> � G��=�B��L|߸�>f/c�O�#��}O9(�ds�Q!4M6*�BP�����;�%��c���vȺZ� /(��M `x��w~��(b��r���Ɨ�P��En��$�? W�ޥB���ê������EY�n�U�?\};�"Er�˓����|]C2 p<\�D9�+nU�Gj��9���FT=�AG�{\�����<�|�dG
  ��u͞Ӳ� h_A�'�3`�~����������P;dM:;�P�u�"5
  #֟C���bJ�7�H�f��$lWu7�&��+m��J y ȱ�h��p�VTz���g�9�$sT��*�Тux.N�T������̢(ߋ�N�\fR�7c����o������K {��]������`��Dɫl�*p+����r5G�]yfI�p��r RVZ;��փ�踅�t���MNu훙�{#�^�}��q��2і��BaB���Ǩxjv�↔��亂$gɝߥM������H�����KJi�KK64�:r���ID3��6<Q�+��s�P�/ u���ɑ9�s���*��/�f pѤ9�M1R��>_����1a �G
  ���0 |E障L��.�k�){��U~q� A���d����^��UѼ�N[ˆ�F�u�ɷ�>�=�u[��������o(²; �33'�-qAˊ����)�`�"����c}E-�ۗ�T��yg��Hd��O*D��B-�T�-U�R :�i����J��ʙ%T������ ̪<@�g㤄�gz�����B��<;�p3?��jp����������=_�֠�u�J�x��$A\�Ģ�i_ㄆ�o�򬂑7r�w��ˎ�>TG�� Ш���/}ߠ��0�!{�W��=}������" ;Bp��+L�6]�U�!�G�5_�|L1��32%`����>������Ѝ5����]2����]�0��ǵ�Hѽ*>b�������ɂ�͉(b/���-d{�Jo���h�'�DEk�1k,W'�/���wp�ܭ�~刨3�H���S" um)(�d�3K贤Y�=�K���^q��K9׉*8ʉ-�t��W�jO���i8z��X1�VqP�v��bk�0����der8o��b���:Bn�}g�o���i8���jb��<���XavlcV����7z@�Y��I,3_���I_K�:�v����VRB�;���g����f\{��QI1C8\�m�CvQ��br*�*�T�J�����p38>�b����ĸm��j3Ł���7ۺ��P��dX0�إn�I�������&@hX���W���ەڞ7��8�}m�?�!��MT�ԅ���8�Q�^�KG������ȹc�-�O�ޚr�ס�b�X̀��3p����{Fu�h17R_4/K�P�1��q���ݭk����|�=��t�����B��(�����U[v2��]z#t��(5���{DA�'�YcI6ڕw=�<J7�d��\ ن���[l�/�T��"����:�������l�#i�]��d}���0`B!0l�u�
  ���H����"���nDO#���_豶9����hnjB)c���N`F�$�O�m#�U��g��F�=����ʣH�l=K9'詤

  Sections

  .text

  Size: - Virtual size: 91KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: - Virtual size: 10KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: - Virtual size: 1KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .x@6

  Size: - Virtual size: 11.5MB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .wzN

  Size: 1024B - Virtual size: 876B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .^zJ

  Size: 13.9MB - Virtual size: 13.9MB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rsrc

  Size: 86KB - Virtual size: 85KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ