SETUP_patched[.]zip | Triage

Sharing

Copy URL Twitter E-mail

General

Target

SETUP_patched.zip
Size

37KB
MD5

694d8a75438f560ce088dc031d7b83fe
SHA1

7770a91836daf067d8a4a6a2ca2af83feb741719
SHA256

64e095b13e95e9a2d53f160ca6ebaf38ea64c94826e8aa60cca81aca3265a302
SHA512

345d02b9360561d02a41ffeee0e77a1081447c326c9064b9c8a540e2d7968e09a3ed6df5cc5604ddda62c0a78e0a1803f216848119b4b33b9d068266ad2d4e26
SSDEEP

768:JujQdWLRFzvWChZymwV1cZ9V0igPmNTcqO1Tj19gap9dFVfJdjlbrVq:JuMduTvhwmYcZ9raYTcqO1nX5fdbBdjO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/SETUP_patched.malz

Files

SETUP_patched.zip
.zip
SETUP_patched.malz
.exe windows x86

c2e4487f461edff82f81a902e3e4f0b5

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

memcpy
memset
strlen
malloc
strtok_s
atexit
memcmp

kernel32

lstrcatA
lstrlenA
GetCurrentProcessId

Sections

.text
Size: 56KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 2.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ