StartSetup_20221[.]exe

Resubmissions

02-07-2023 09:04

230702-k1y2facb9x 7

02-07-2023 08:58

230702-kw5y7abb23 7

Sharing

Copy URL

Twitter E-mail

General

Target

StartSetup_20221.exe
Size

18.4MB
MD5

75940e4f81cb53b42a360a99b8e3d28d
SHA1

99c645179e44bfa80114055ce4268e7ed1f34d7b
SHA256

96fa171c087fcbac6811c01f023e88d4eee8ccc16a1ed29f4ad364785666b671
SHA512

e115e632749498f6a3de7b3b2062bd0fab81a6fb19c652c0ccd53d8809804122d1a19e57da1d68945c0d3ddbcfc8354eedb4e2d64c8844f1b13b913b0cbab908
SSDEEP

393216:gbKii/SuEdN3EZIMGQosDeM4yTpEFgG7DrhtIQ:gWB/LWMCkSFgG7D1tL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
StartSetup_20221.exe

Files

StartSetup_20221.exe
.exe windows x86

4d8ec92bd7543a0d078d704e2567c712

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

winmm

timeGetTime

comctl32

ImageList_Add
ImageList_DragShowNolock
ImageList_GetImageCount
ImageList_GetIcon
InitializeFlatSB
ImageList_Draw
ImageList_Destroy
ImageList_SetBkColor
ImageList_DragEnter
ImageList_BeginDrag
ImageList_EndDrag
ImageList_DragMove
FlatSB_SetScrollInfo
ImageList_DrawIndirect
ImageList_DrawEx
FlatSB_GetScrollInfo
FlatSB_SetScrollPos
ImageList_Write
FlatSB_GetScrollPos
ImageList_GetIconSize
_TrackMouseEvent
ImageList_SetImageCount
ImageList_Remove
ImageList_Create
ImageList_GetBkColor
ImageList_DragLeave
ImageList_Read
FlatSB_SetScrollProp
ImageList_GetDragImage
ImageList_SetIconSize

shell32

ShellExecuteExW
ShellExecuteW
Shell_NotifyIconW
SHGetFolderPathW

user32

DrawEdge
EndPaint
BeginPaint
GetParent
FillRect
TranslateMessage
CharLowerW
GetWindowRect
SwitchToThisWindow
GetFocus
FrameRect
InsertMenuW
CreateIcon
GetMenuState
DrawIconEx
SetScrollPos
EnumClipboardFormats
DestroyMenu
EnumWindows
PeekMessageW
DrawMenuBar
LoadStringW
PostQuitMessage
DispatchMessageA
GetSysColorBrush
SetFocus
SetParent
CheckMenuItem
GetLastActivePopup
GetSubMenu
GetWindowTextW
RegisterClassW
EnableMenuItem
IsWindow
SetWindowLongW
IsZoomed
CreateIconIndirect
MsgWaitForMultipleObjectsEx
DrawFrameControl
ActivateKeyboardLayout
RemovePropW
GetCursor
SetCapture
GetActiveWindow
IsDialogMessageA
ScreenToClient
FindWindowExW
MapWindowPoints
CharLowerBuffW
CreateWindowExW
MessageBoxW
GetCapture
MapVirtualKeyW
RegisterClipboardFormatW
IsIconic
GetSystemMetrics
SetMenu
GetSystemMenu
DrawIcon
SystemParametersInfoW
GetKeyNameTextW
CreateMenu
IsDialogMessageW
SendMessageA
GetScrollInfo
UpdateWindow
LoadCursorW
SetScrollRange
IsWindowVisible
SetRect
GetForegroundWindow
SetCursorPos
AdjustWindowRectEx
CharNextW
GetMenuItemCount
MonitorFromPoint
LoadBitmapW
SetScrollInfo
WaitMessage
IsChild
SetWindowsHookExW
SetForegroundWindow
WindowFromPoint
CallNextHookEx
MsgWaitForMultipleObjects
SetPropW
DeleteMenu
EnumChildWindows
SetWindowPlacement
GetMenuItemInfoW
TrackPopupMenu
CreatePopupMenu
SetWindowPos
DrawTextExW
ShowCaret
InsertMenuItemW
GetWindowThreadProcessId
LoadKeyboardLayoutW
IsClipboardFormatAvailable
GetDC
GetKeyboardLayoutList
ReleaseCapture
GetWindow
InvalidateRect
GetClientRect
GetMenu
GetKeyboardState
HideCaret
PeekMessageA
SendMessageW
GetDesktopWindow
DispatchMessageW
DefWindowProcW
GetKeyState
MessageBeep
MonitorFromWindow
EnableScrollBar
GetCursorPos
SetWindowRgn
ShowWindow
GetMonitorInfoW
GetWindowDC
ScrollWindow
CharUpperW
GetPropW
SetClassLongW
GetIconInfo
ShowOwnedPopups
ReleaseDC
IsWindowUnicode
PostMessageW
GetDlgCtrlID
DrawFocusRect
EnumDisplayMonitors
KillTimer
GetTopWindow
GetClassNameW
GetScrollRange
DefMDIChildProcW
UnregisterClassW
ClientToScreen
GetClassLongW
SetTimer
DestroyWindow
EndMenu
DrawTextW
ShowScrollBar
GetClassInfoW
FindWindowW
GetWindowPlacement
GetMenuItemID
DestroyCursor
EnableWindow
DefFrameProcW
CharUpperBuffW
CallWindowProcW
RemoveMenu
GetSysColor
IsWindowEnabled
GetMessagePos
GetWindowLongW
GetMenuStringW
SetMenuItemInfoW
GetDCEx
SetCursor
UnhookWindowsHookEx
TranslateMDISysAccel
GetClipboardData
CopyImage
RegisterWindowMessageW
LoadIconW
GetMessageExtraInfo
SetWindowTextW
GetKeyboardLayout
EnumThreadWindows
GetScrollPos
GetKeyboardLayoutNameW
DestroyIcon
RedrawWindow
SetActiveWindow

version

VerQueryValueW
GetFileVersionInfoSizeW
GetFileVersionInfoW

oleaut32

VariantClear
SafeArrayPtrOfIndex
SafeArrayGetLBound
VariantChangeType
VariantCopy
GetErrorInfo
SafeArrayGetUBound
SafeArrayCreate
VariantInit
SysReAllocStringLen
SysFreeString
SysAllocStringLen

advapi32

QueryServiceStatus
RegFlushKey
AdjustTokenPrivileges
RegOpenKeyExW
OpenSCManagerW
OpenProcessToken
GetUserNameW
OpenServiceW
LookupPrivilegeValueW
RegQueryValueExW
RegCloseKey

netapi32

NetWkstaGetInfo
NetApiBufferFree

msvcrt

memcpy

winhttp

WinHttpQueryOption
WinHttpWriteData
WinHttpGetIEProxyConfigForCurrentUser
WinHttpSetTimeouts
WinHttpSetCredentials
WinHttpOpenRequest
WinHttpConnect
WinHttpReceiveResponse
WinHttpAddRequestHeaders
WinHttpQueryDataAvailable
WinHttpSetStatusCallback
WinHttpSetOption
WinHttpQueryHeaders
WinHttpSendRequest
WinHttpQueryAuthSchemes
WinHttpCloseHandle
WinHttpReadData
WinHttpGetProxyForUrl
WinHttpOpen

kernel32

GlobalAlloc
VerSetConditionMask
CreateMutexW
MultiByteToWideChar
DeleteCriticalSection
GetCurrentThreadId
IsValidLocale
LockResource
LoadLibraryExW
GetTempPathW
GetModuleFileNameW
GetLocalTime
GetEnvironmentVariableW
GetThreadPriority
GetCurrentProcessId
WaitForSingleObject
FindFirstFileW
GlobalHandle
CreateEventW
SetLastError
TlsSetValue
GetStartupInfoW
GetDiskFreeSpaceW
InitializeCriticalSection
GlobalUnlock
IsDebuggerPresent
GetFileSize
EnumResourceNamesW
CloseHandle
GetSystemInfo
ReadFile
VirtualAlloc
GlobalFindAtomW
LocalAlloc
GetLastError
GetCurrentThread
ExitProcess
WaitForMultipleObjectsEx
VirtualQueryEx
GetFileAttributesW
VirtualProtect
GlobalLock
GetCPInfo
FindClose
LocalFree
GetACP
FreeLibrary
ExitThread
TlsGetValue
HeapFree
FormatMessageW
LoadLibraryW
CreateThread
QueryPerformanceCounter
VerifyVersionInfoW
FindResourceW
WideCharToMultiByte
HeapCreate
ResumeThread
GlobalSize
GetVersionExW
SetErrorMode
SuspendThread
GetExitCodeThread
GetDriveTypeW
FindNextFileW
QueryPerformanceFrequency
GetUserDefaultUILanguage
SetThreadPriority
SetEvent
LoadResource
GetCurrentProcess
VirtualQuery
GetStdHandle
HeapAlloc
GlobalFree
GetCommandLineW
RaiseException
SwitchToThread
GetTickCount
FileTimeToSystemTime
GlobalDeleteAtom
GetComputerNameW
CreateDirectoryW
RtlUnwind
GetCPInfoExW
GetLocaleInfoW
VirtualFree
GetModuleHandleW
GetVersion
TerminateThread
UnhandledExceptionFilter
MoveFileW
LeaveCriticalSection
ResetEvent
GetThreadLocale
GetFullPathNameW
FreeResource
GetDateFormatW
EnumCalendarInfoW
CreateFileW
LCMapStringW
HeapDestroy
WriteFile
GlobalAddAtomW
SetThreadLocale
SetFilePointer
CompareStringW
LoadLibraryA
GetTimeZoneInformation
Sleep
MulDiv
GetSystemDefaultUILanguage
DeviceIoControl
GetProcAddress
lstrlenW
EnterCriticalSection
SizeofResource
SetEndOfFile

ole32

IsEqualGUID
CoTaskMemAlloc
CoUninitialize
CoInitialize
CoTaskMemFree
CoCreateInstance
OleUninitialize
OleInitialize

gdi32

ExcludeClipRect
SelectPalette
GetEnhMetaFileDescriptionW
BitBlt
RectVisible
MaskBlt
ArcTo
RealizePalette
DeleteObject
EnumFontFamiliesExW
GetObjectW
SetStretchBltMode
CreateBitmap
AngleArc
GetEnhMetaFilePaletteEntries
GetDIBits
CreateDIBSection
Rectangle
PlayEnhMetaFile
CreateCompatibleBitmap
GetPixel
RoundRect
SetTextColor
GetNearestPaletteIndex
CreateDIBitmap
GetClipBox
UnrealizeObject
SetDIBColorTable
GetBrushOrgEx
DeleteDC
DeleteEnhMetaFile
StretchBlt
MoveToEx
SetBrushOrgEx
SetBkColor
RestoreDC
SetEnhMetaFileBits
GetCurrentPositionEx
SetWindowOrgEx
SetDIBits
Ellipse
PolyBezierTo
GetTextExtentPointW
GetPaletteEntries
SelectObject
CreateRectRgn
Arc
CreateSolidBrush
SetBkMode
GetWinMetaFileBits
SaveDC
SetWinMetaFileBits
GetStretchBltMode
FrameRgn
GetDIBColorTable
CreateFontIndirectW
SetViewportOrgEx
Chord
GetRgnBox
GetEnhMetaFileBits
GetBitmapBits
PolyBezier
SetROP2
GetSystemPaletteEntries
GdiFlush
GetEnhMetaFileHeader
ExtTextOutW
SetRectRgn
CreatePenIndirect
CopyEnhMetaFileW
CreateHalftonePalette
GetDeviceCaps
Pie
CreateBrushIndirect
ExtFloodFill
CreatePalette
PatBlt
Polygon
CreateCompatibleDC
SetPixel
Polyline
LineTo
GetTextMetricsW
GetStockObject
IntersectClipRect
GetTextExtentPoint32W
GetWindowOrgEx

Exports

Exports

TMethodImplementationIntercept
__dbk_fcall_wrapper
dbkFCallWrapperAddr

Sections

.text
Size: 2.6MB - Virtual size: 2.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.itext
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 133KB - Virtual size: 133KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 27KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.didata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 149B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: - Virtual size: 88B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 93B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 271KB - Virtual size: 271KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 132KB - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Resubmissions

Sharing

General

Malware Config

Signatures

Files

4d8ec92bd7543a0d078d704e2567c712

Headers

File Characteristics

Imports

winmm

comctl32

shell32

user32

version

oleaut32

advapi32

netapi32

msvcrt

winhttp

kernel32

ole32

gdi32

Exports

Exports

Sections

.text Size: 2.6MB - Virtual size: 2.6MB

.itext Size: 10KB - Virtual size: 9KB

.data Size: 133KB - Virtual size: 133KB

.bss Size: - Virtual size: 27KB

.idata Size: 12KB - Virtual size: 12KB

.didata Size: 3KB - Virtual size: 3KB

.edata Size: 512B - Virtual size: 149B

.tls Size: - Virtual size: 88B

.rdata Size: 512B - Virtual size: 93B

.reloc Size: 271KB - Virtual size: 271KB

.rsrc Size: 132KB - Virtual size: 132KB

.text
Size: 2.6MB - Virtual size: 2.6MB

.itext
Size: 10KB - Virtual size: 9KB

.data
Size: 133KB - Virtual size: 133KB

.bss
Size: - Virtual size: 27KB

.idata
Size: 12KB - Virtual size: 12KB

.didata
Size: 3KB - Virtual size: 3KB

.edata
Size: 512B - Virtual size: 149B

.tls
Size: - Virtual size: 88B

.rdata
Size: 512B - Virtual size: 93B

.reloc
Size: 271KB - Virtual size: 271KB

.rsrc
Size: 132KB - Virtual size: 132KB