setup[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

setup.exe
Size

148KB
MD5

4dcf7d39ed517dee8a3340ea631d395e
SHA1

a34f6011ab6d517e71e53abe1689852df2e1257c
SHA256

9a89d3146304e0136b2ed4a2f4d856c5357e883a4f884698ef5c40a3824f3a02
SHA512

c2759845a1d45780c8d3774dbed76efe28449464b1fc6b40406496732995c972ee9142de87e02233044cee99eaf33ceef8cd1c3f441300004a28047aae662480
SSDEEP

1536:U2pueZGPwKxgHfPr1h0B6GyLw8nJkzjDCIq/DEhDuTVgkgb2qn0E1um/61Y/vtmj:U2gQr28IaIsEhDygLnMxiXAg0FuWyl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
setup.exe

Files

setup.exe
.exe windows x86

5d6d5b78d1a4c243d461da7f3e65bdeb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CopyFileA
FreeLibrary
GetProcAddress
GetModuleHandleA
GetDiskFreeSpaceA
CreateDirectoryA
DeleteFileA
RemoveDirectoryA
GetTickCount
GetPrivateProfileStringA
GetVersionExA
GlobalMemoryStatusEx
FindFirstFileA
SetConsoleTitleA
SetConsoleScreenBufferSize
GetConsoleScreenBufferInfo
AllocConsole
GetFullPathNameA
RaiseException
SetEndOfFile
LoadLibraryA
SetEnvironmentVariableA
CompareStringW
CompareStringA
InterlockedExchange
FindNextFileA
FindClose
GetLastError
CreateProcessA
CloseHandle
GetExitCodeProcess
MultiByteToWideChar
WriteConsoleW
GetModuleFileNameA
GetLocaleInfoA
SetConsoleWindowInfo
GetStdHandle
HeapAlloc
HeapFree
SetFileAttributesA
GetFileAttributesA
ExitProcess
TerminateProcess
GetCurrentProcess
GetTimeFormatA
GetDateFormatA
GetSystemTimeAsFileTime
SetStdHandle
GetFileType
GetStartupInfoA
GetCommandLineA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
SetHandleCount
LCMapStringA
WideCharToMultiByte
LCMapStringW
WriteFile
FlushFileBuffers
ReadFile
GetStringTypeA
GetStringTypeW
GetACP
GetOEMCP
GetCPInfo
GetTimeZoneInformation
VirtualProtect
GetSystemInfo
VirtualQuery
GetDriveTypeA
GetCurrentDirectoryA
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
CreateFileA
SetFilePointer
QueryPerformanceCounter
GetCurrentThreadId
GetCurrentProcessId
HeapSize
RtlUnwind
SetCurrentDirectoryA

user32

MessageBoxA
MsgWaitForMultipleObjects
PeekMessageA
TranslateMessage
DispatchMessageA
IsCharAlphaA

gdi32

GetDeviceCaps
DeleteDC
CreateCompatibleDC

advapi32

RegDeleteValueA
RegCreateKeyExA
RegDeleteKeyA
RegCloseKey
RegOpenKeyExA
RegQueryValueExA
RegSetValueExA

Sections

.text
Size: 100KB - Virtual size: 97KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5d6d5b78d1a4c243d461da7f3e65bdeb

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

Sections

.text Size: 100KB - Virtual size: 97KB

.rdata Size: 32KB - Virtual size: 28KB

.data Size: 8KB - Virtual size: 16KB

.rsrc Size: 4KB - Virtual size: 1KB

.text
Size: 100KB - Virtual size: 97KB

.rdata
Size: 32KB - Virtual size: 28KB

.data
Size: 8KB - Virtual size: 16KB

.rsrc
Size: 4KB - Virtual size: 1KB