setup[.]exe | Triage

Sharing

General

Target

setup.exe
Size

739KB
MD5

a5571a1e88d0a16dd45a7cf27072d0b6
SHA1

8a690dafae610526d66f1971a57105daf5b1eea7
SHA256

c9371309802b12f374c0a8f8e28b1fe40bd72929342338b7fc769f1a845f79a3
SHA512

49f7564fed049e2dda30b2212c29d03ab32694f9baf83070bd761bb4746a0a16d2bbeca401d59071fb040c28cbd0a47d0ee713818d0ddb6a53a3dd31aa9b4264
SSDEEP

12288:q6GoB+bb+tV2C9HspgPXpkIrNON+My0TY:lGooPkAOycUN+My0TY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
setup.exe

Files

setup.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 630KB - Virtual size: 630KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 107KB - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ