instnm[.]exe | Triage

General

Target

instnm.exe
Size

8KB
MD5

faa8c00e3c6576b8a13cd488ff892421
SHA1

1f96d565e4381a119a0917a7a08a9d2473d16e9e
SHA256

2dfb3766406cc5e931de9f08d7e336e72cd5ce33aa8036cd017ae46c76114808
SHA512

feaa3781c9437e2b720c99b665e2ca26cdc063b859bf5fdb245b4f52b83ba2a6ef52758b41475b58171b9daaa6f038899616bbaacf3a7d70439d9326c7acd4aa
SSDEEP

96:RHthVYhm/uEp2keirJDGj4fDVHOEMsff/gEW7lIXuWwHBesb:f78m/rItS5NMC/ZWa+WgBeg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
instnm.exe

Files

instnm.exe
.exe windows x86

34ef1d42eb1da272f024f086ee53f0d2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_except_handler4_common
_controlfp
__setusermatherr
?terminate@@YAXXZ
_initterm
_XcptFilter
__p__fmode
_cexit
_exit
exit
__set_app_type
__wgetmainargs
_amsg_exit
__p__commode

setupapi

SetupScanFileQueueA
SetupOpenInfFileW
SetupTermDefaultQueueCallback
SetupCommitFileQueueA
SetupCloseFileQueue
SetupCloseInfFile
SetupOpenAppendInfFileW
SetupInstallFilesFromInfSectionW
SetupInitDefaultQueueCallbackEx
SetupOpenFileQueue
SetupInstallFromInfSectionW
SetupDefaultQueueCallbackW

kernel32

GetCurrentThreadId
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetTickCount
GetSystemTimeAsFileTime
Sleep
GetCurrentProcessId
QueryPerformanceCounter
GetModuleHandleW
SetUnhandledExceptionFilter

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 880B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 332B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

34ef1d42eb1da272f024f086ee53f0d2

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

setupapi

kernel32

Sections

.text Size: 3KB - Virtual size: 3KB

.data Size: 512B - Virtual size: 880B

.idata Size: 1KB - Virtual size: 1KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 332B

.text
Size: 3KB - Virtual size: 3KB

.data
Size: 512B - Virtual size: 880B

.idata
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 332B