insаll v2[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

insаll v2.exe
Size

10.5MB
MD5

5c0afbca811c360d1e95a2092f6fcd7b
SHA1

0fcf5bc4f4eafa3ae4cae1a4e3b3f75f8595e7ed
SHA256

80d06b18ff7f8da4af3d9ae12e941d20cf521b530d63fa75dfe5a4dd2d56ca14
SHA512

9ae3e019a51a4a0e4c316283d93c2dc8f526b3ef41a82940fe31b5e7768f49cdec971a539ed0176db209cd24ff64097e14be61c7e798370abfb7235ac9a91c8c
SSDEEP

24576:BYunfjgQk4EtvEA2GEwSorowHrxvY5FffV2Pvle1+s7pyVGlJITZG3HjI2nuDkIU:Hfj3O8A9xLebMdXMI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
insаll v2.exe

Files

insаll v2.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

`*c<>
Size: 871KB - Virtual size: 870KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 9.6MB - Virtual size: 9.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ