SpotifyInstaller[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

SpotifyInstaller.exe
Size

905KB
MD5

e7a12c9060da69e7d67253a91db02e22
SHA1

ea7ca8b95f6b1c79d4b7efeb6fe6c71ac581e990
SHA256

af56dead22b6e7c4b7da2ba58d1fd896a71fe52cd96a958abb856a2ae7bc17f7
SHA512

5e5a1e8d3d8cb0538b50c46ccccfed7777e2d1d946e7db479c89237ec3ee49b3c4a865f0fb2cf00dc92837be9ec9042c32459b192aa6c91318fde8dc29ee28e1
SSDEEP

12288:EnjR8WwB4YmWnH2F5RxhNoJ//8PCOxVKrXSNFOkHbTOB:EjR8WwiYmVxhNoJ/EHVKTAOk2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
SpotifyInstaller.exe

Files

SpotifyInstaller.exe
.exe windows x86

bcc0aaf1ea3ca0a8c5d466c0b3d6f4fb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

InitCommonControlsEx

advapi32

RegOpenKeyExW
OpenProcessToken
GetTokenInformation
RegDeleteValueW
RegCreateKeyExW
RegSetValueExW

ntdll

RtlUnwind
VerSetConditionMask

shell32

SHGetFolderPathW
SHChangeNotify
ShellExecuteW

kernel32

LoadLibraryExW
FreeLibrary
VirtualQuery
VirtualProtect
GetCommandLineW
CreateFileW
WriteFile
CloseHandle
GetLastError
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
WaitForSingleObject
CreateMutexW
OpenMutexW
Sleep
GetCurrentProcess
GetExitCodeProcess
CreateProcessW
GetLocalTime
LoadLibraryExA
VerifyVersionInfoW
CompareStringW
MultiByteToWideChar
WideCharToMultiByte
SetEvent
CreateEventW
CreateThread
GetTickCount
GetModuleHandleW
GetLocaleInfoA
GetUserDefaultUILanguage
MapViewOfFile
UnmapViewOfFile
OpenMutexA
CreateFileMappingA
OpenFileMappingA
LocalFree
GetProcAddress
LoadLibraryW
TerminateProcess
OpenProcess
GetModuleFileNameW
CreateDirectoryW
DeleteFileW
GetFileAttributesW
MoveFileExW
GetCurrentProcessId
DeleteCriticalSection
FormatMessageA
FormatMessageW
FindClose
FindFirstFileW
FindNextFileW
AreFileApisANSI
FlushFileBuffers
GetFileAttributesExW
GetFileInformationByHandle
SetEndOfFile
SetFilePointerEx
DeviceIoControl
GetCurrentThreadId
GetSystemTimeAsFileTime
GetStdHandle
GetConsoleMode
WriteConsoleA
GetConsoleScreenBufferInfo
SetConsoleTextAttribute
SetLastError
CreateFileA
GetFileSize
SetFilePointer
GetSystemInfo
MapViewOfFileEx
GetModuleHandleA
TlsFree
WriteConsoleW
HeapSize
SetStdHandle
GetProcessHeap
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetOEMCP
GetACP
IsValidCodePage
GetTimeZoneInformation
HeapReAlloc
ReadConsoleW
GetFileSizeEx
TlsSetValue
ReadFile
GetConsoleOutputCP
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
GetTimeFormatW
GetDateFormatW
GetFileType
ResetEvent
HeapAlloc
HeapFree
ExitProcess
GetLocaleInfoEx
FindFirstFileExW
SetFileInformationByHandle
CopyFileW
GetFileInformationByHandleEx
InitializeSRWLock
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
TryAcquireSRWLockExclusive
InitOnceBeginInitialize
InitOnceComplete
InitializeCriticalSectionEx
EncodePointer
DecodePointer
LCMapStringEx
QueryPerformanceCounter
GetStringTypeW
CompareStringEx
GetCPInfo
InitializeCriticalSectionAndSpinCount
WaitForSingleObjectEx
IsProcessorFeaturePresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetStartupInfoW
InitializeSListHead
RaiseException
TlsAlloc
TlsGetValue
GetModuleHandleExW

user32

ReleaseDC
GetDC
GetSystemMetrics
GetWindowThreadProcessId
SendMessageTimeoutA
FindWindowA
LoadIconW
LoadCursorW
GetWindowLongW
MessageBoxW
AdjustWindowRect
SetTimer
GetActiveWindow
SetWindowLongW
GetDlgItem
ShowWindow
CreateWindowExW
RegisterClassExW
DefWindowProcW
PostMessageW
SendMessageW
DispatchMessageW
TranslateMessage
GetMessageW
wsprintfA
SetDlgItemTextW

gdi32

GetStockObject
GetDeviceCaps

ole32

CoCreateInstance
CoInitializeEx

Sections

.text
Size: 427KB - Virtual size: 426KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 396KB - Virtual size: 396KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 56KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bcc0aaf1ea3ca0a8c5d466c0b3d6f4fb

Headers

File Characteristics

Imports

comctl32

advapi32

ntdll

shell32

kernel32

user32

gdi32

ole32

Sections

.text Size: 427KB - Virtual size: 426KB

.rdata Size: 396KB - Virtual size: 396KB

.data Size: 24KB - Virtual size: 29KB

.rsrc Size: 56KB - Virtual size: 56KB

.text
Size: 427KB - Virtual size: 426KB

.rdata
Size: 396KB - Virtual size: 396KB

.data
Size: 24KB - Virtual size: 29KB

.rsrc
Size: 56KB - Virtual size: 56KB