INSTALL[.]EXE | Triage

Resubmissions

19/04/2023, 21:40

230419-1h8qxsde95 7

19/04/2023, 21:37

230419-1gnz5ade86 7

19/04/2023, 21:35

230419-1fk7vade79 7

Sharing

Copy URL Twitter E-mail

General

Target

INSTALL.EXE
Size

725KB
MD5

032c68f594eeae9f05bb66e899211cbe
SHA1

1e68f1303f259faf2558297bbc713ae74f5ba496
SHA256

415ca98f93629abefcfb3bc050859f4bc2ccf7e71dafc6a204a4371d0947ca5f
SHA512

f580402f35c86d7f4d16d7a664eac3234a7612f0e6077d888d046b6b4be3594f376e942216e0c2a843ef16c1427e9c847ac1f2c01e5a6fb45a7e518d03389c46
SSDEEP

12288:3R1vQH6Pdt2gD8tTDYupKMNvC9EAEpJdmm+kz5xUNDXfrgxSLPZVzZUE:B1IaPd9D6T7phNO4Jsm+eqOOnUE

Score

1^/10

Malware Config

Signatures

Files

INSTALL.EXE
.exe windows x86

0903b3a06ce5226066510fc3baf02b2f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ord17

mpr

WNetGetUniversalNameW
WNetEnumResourceW
WNetCloseEnum
WNetOpenEnumW

kernel32

InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
InterlockedDecrement
WideCharToMultiByte
MultiByteToWideChar
InterlockedExchangeAdd
InterlockedIncrement
GetLastError
LoadLibraryW
GetFileInformationByHandle
GetLogicalDriveStringsW
GetVolumeInformationW
CloseHandle
WriteFile
ReadFile
SetFilePointer
LockFile
LockFileEx
UnlockFile
UnlockFileEx
FlushFileBuffers
SetEndOfFile
SetFileValidData
SetErrorMode
SetFileTime
SetLastError
GetFileTime
SystemTimeToFileTime
FileTimeToSystemTime
CreateFileW
Sleep
DeleteFileW
GetFileAttributesW
CreateDirectoryW
RemoveDirectoryW
FindFirstFileW
FindClose
SetFileAttributesW
FindFirstFileExW
FindNextFileW
GetTempPathW
GetCurrentDirectoryW
GetTempFileNameW
GetFullPathNameW
GetDriveTypeW
QueryDosDeviceW
FileTimeToLocalFileTime
FreeLibrary
LocalFree
GetModuleFileNameW
CompareStringW
CompareStringA
GetPrivateProfileStringW
GetTimeZoneInformation
GetVersionExW
GetCurrentProcess
CreateProcessW
LCMapStringW
GetPrivateProfileIntW
SetEnvironmentVariableW
GetExitCodeProcess
GetProcessHeap
SetEnvironmentVariableA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetCPInfo
GetOEMCP
IsValidCodePage
FindNextFileA
FindFirstFileExA
SetStdHandle
WriteConsoleW
HeapReAlloc
DecodePointer
GetStringTypeW
HeapAlloc
HeapFree
GetACP
GetModuleHandleExW
ExitProcess
GetModuleFileNameA
GetStdHandle
SystemTimeToTzSpecificLocalTime
PeekNamedPipe
GetFileType
LoadLibraryExW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSectionAndSpinCount
LockResource
LoadResource
FindResourceW
FormatMessageW
GetProcAddress
GetModuleHandleW
HeapSize
GetConsoleCP
GetConsoleMode
SetFilePointerEx
OpenProcess
RtlUnwind
RaiseException
TerminateProcess
IsProcessorFeaturePresent
GetStartupInfoW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent

user32

GetDlgItemTextW
IsDlgButtonChecked
CheckDlgButton
GetDlgItem
SetDlgItemTextW
SetWindowPos
GetParent
DialogBoxParamW
EndDialog
IsWindow
SendDlgItemMessageW
CharUpperW
SetWindowTextW
LoadStringW
SendMessageW
ReleaseDC
DrawTextW
FillRect
GetDC
DestroyWindow
UpdateWindow
ShowWindow
GetClientRect
GetSystemMetrics
CreateWindowExW
RegisterClassW
GetSysColor
LoadIconW
DefWindowProcW
MessageBoxW

gdi32

GetStockObject
SelectObject
SetROP2
SetTextColor
SetBkMode
CreateSolidBrush
DeleteObject

advapi32

RegCloseKey
RegQueryValueExW
RegOpenKeyExW

shell32

SHGetPathFromIDListW
SHBrowseForFolderW
ShellExecuteExW
ShellExecuteW

ole32

OleInitialize

Exports

Exports

CommandeComposante

Sections

.text
Size: 172KB - Virtual size: 171KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 71KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 91KB - Virtual size: 90KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Resubmissions

Sharing

General

Malware Config

Signatures

Files

0903b3a06ce5226066510fc3baf02b2f

Headers

DLL Characteristics

File Characteristics

Imports

comctl32

mpr

kernel32

user32

gdi32

advapi32

shell32

ole32

Exports

Exports

Sections

.text Size: 172KB - Virtual size: 171KB

.rdata Size: 71KB - Virtual size: 70KB

.data Size: 4KB - Virtual size: 7KB

.rsrc Size: 91KB - Virtual size: 90KB

.reloc Size: 8KB - Virtual size: 8KB

.text
Size: 172KB - Virtual size: 171KB

.rdata
Size: 71KB - Virtual size: 70KB

.data
Size: 4KB - Virtual size: 7KB

.rsrc
Size: 91KB - Virtual size: 90KB

.reloc
Size: 8KB - Virtual size: 8KB