SETUP[.]EXE | Triage

Sharing

Copy URL Twitter E-mail

General

Target

SETUP.EXE
Size

274KB
MD5

2008687c8bab431a4943f1f8447f29af
SHA1

65a03b0edccd479271012403ed300b7bc7f1a268
SHA256

610a44a71db60fd2eb5999fad7536f24457e383d86e6e841d004f347eb1aac31
SHA512

c6bc8227cc2d509b6f9f10652f0ddf256b4282ae1fbba42d7ee1203f61143b9c4f5af2ced707b6ee8410a7fc1fee371f3f61b1f0ad90e0faa9c8c30971b81536
SSDEEP

3072:yoz5YYvbGDo2+Sz/B5JHZZTFMpVtkLiltUn73Ju/t34RG035r1pI2vy/5p4fPw95:BzYDjZ9v1MVNg4d0b3pNmp6wzpg6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
SETUP.EXE

Files

SETUP.EXE
.exe windows x86

b21e39d4efceab0bd7f8fee8cc353773

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

kernel32

GetSystemDirectoryA
GetModuleHandleA
GetExitCodeProcess
WaitForSingleObject
CloseHandle
CreateProcessA
GetModuleFileNameA
GetFullPathNameA
GetSystemDefaultLCID
GetVersionExA
CreateFileA
GetLocaleInfoW
GetTimeZoneInformation
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
InitializeCriticalSection
InterlockedExchange
SetConsoleCtrlHandler
IsValidCodePage
GetFileAttributesA
LocalAlloc
GetLocaleInfoA
GetUserDefaultLCID
GetDateFormatA
GetTimeFormatA
GetStringTypeW
GetStringTypeA
LCMapStringW
MultiByteToWideChar
LCMapStringA
HeapSize
Sleep
GetConsoleMode
GetConsoleCP
SetFilePointer
HeapReAlloc
VirtualAlloc
EnterCriticalSection
FatalAppExitA
LeaveCriticalSection
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
GlobalAlloc
GlobalFree
lstrcmpA
lstrcpynA
IsDBCSLeadByte
SetLastError
CreateMutexA
GetCurrentProcess
lstrcmpiA
LocalReAlloc
GetLastError
GetPrivateProfileIntA
GetPrivateProfileStringA
lstrlenA
_lopen
IsValidLocale
_llseek
SetEnvironmentVariableA
_lread
LocalFree
_lclose
MulDiv
FreeLibrary
LoadLibraryA
GetProcAddress
FlushFileBuffers
CompareStringA
CompareStringW
EnumSystemLocalesA
QueryPerformanceCounter
VirtualFree
HeapCreate
HeapDestroy
DeleteCriticalSection
RtlUnwind
GetCommandLineA
HeapFree
HeapAlloc
GetProcessHeap
GetStartupInfoA
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
GetCurrentThreadId
InterlockedDecrement
GetCurrentThread
RaiseException
GetCPInfo
GetACP
GetOEMCP
ExitProcess
WriteFile
GetStdHandle
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
GetFileType

user32

IsDlgButtonChecked
EnableWindow
SetWindowPos
MessageBoxA
UnregisterClassA
DestroyWindow
ShowWindow
InvalidateRect
UpdateWindow
SetForegroundWindow
CreateWindowExA
SetWindowLongA
LoadCursorA
RegisterClassA
GetSystemMetrics
GetWindowLongA
BeginPaint
GetWindowRect
GetSysColor
SendMessageA
EndPaint
DefWindowProcA
DialogBoxParamA
SetWindowTextA
SetFocus
SendDlgItemMessageA
LoadIconA
GetDC
ReleaseDC
GetClientRect
LoadBitmapA
LoadStringA
EndDialog
GetDlgItem

gdi32

TextOutA
CreateFontIndirectA
GetDeviceCaps
CreateCompatibleBitmap
SetStretchBltMode
BitBlt
CreateCompatibleDC
SelectObject
StretchBlt
DeleteDC
GetObjectA
SetBkMode
SetTextColor
GetStockObject
DeleteObject
GetTextExtentPoint32A

advapi32

RegCloseKey
RegDeleteKeyA
RegCreateKeyExA
RegSetValueExA
AllocateAndInitializeSid
OpenProcessToken
GetTokenInformation
EqualSid
FreeSid
RegOpenKeyExA
RegQueryValueExA

shell32

ShellExecuteExA

ole32

CoInitialize
CoUninitialize

Sections

.text
Size: 148KB - Virtual size: 146KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 8KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 88KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

b21e39d4efceab0bd7f8fee8cc353773

Headers

DLL Characteristics

File Characteristics

Imports

version

kernel32

user32

gdi32

advapi32

shell32

ole32

Sections

.text Size: 148KB - Virtual size: 146KB

.rdata Size: 20KB - Virtual size: 19KB

.data Size: 8KB - Virtual size: 14KB

.rsrc Size: 88KB - Virtual size: 88KB

.text
Size: 148KB - Virtual size: 146KB

.rdata
Size: 20KB - Virtual size: 19KB

.data
Size: 8KB - Virtual size: 14KB

.rsrc
Size: 88KB - Virtual size: 88KB