SETUPEX[.]EXE | Triage

Sharing

Copy URL Twitter E-mail

General

Target

SETUPEX.EXE
Size

156KB
MD5

641d018de477e685b24c528bc0fdb67f
SHA1

5b9433c20916cbed48cfc46b9821d474f0bc39a4
SHA256

25e1d8f110169ba61b6f64281ceec710aaba0df2a38ebc464975c8106fa4295d
SHA512

2cbaf5ab952be37e141cb6a86a6dc46702a7e7426ae13f367c3112e2fce47d2998976bfc7fa8ce23bd0eedaece01944bf8df135f661d3fff9b005acd62696e6b
SSDEEP

3072:dRcxWUl7UWbwDs5POV68qQUmRQLoo349xEpNLI:dROloo4rjqQnjxEp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
SETUPEX.EXE

Files

SETUPEX.EXE
.exe windows x86

43cb5d8241fd8eb152ac50a40190d66a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFileAttributesA
SetFileAttributesA
RtlUnwind
GetStartupInfoA
GetCommandLineA
ExitProcess
TerminateProcess
RaiseException
GetTimeZoneInformation
GetACP
HeapReAlloc
HeapSize
UnhandledExceptionFilter
FreeEnvironmentStringsA
HeapFree
HeapAlloc
SetHandleCount
GetStdHandle
GetFileType
HeapDestroy
SetEndOfFile
GlobalFindAtomA
LCMapStringW
GetStringTypeA
GetStringTypeW
VirtualAlloc
IsBadWritePtr
SetUnhandledExceptionFilter
SetStdHandle
IsBadReadPtr
IsBadCodePtr
CompareStringA
CompareStringW
SetEnvironmentVariableA
FindClose
CopyFileA
GetFullPathNameA
GetWindowsDirectoryA
WaitForSingleObject
CreateProcessA
GetLastError
FormatMessageA
LocalFree
Sleep
GetShortPathNameA
GetVersionExA
GetCurrentDirectoryA
SetCurrentDirectoryA
GetDriveTypeA
GetModuleFileNameA
GetSystemDirectoryA
WriteFile
FlushFileBuffers
SetFilePointer
GetCurrentProcess
ReadFile
CreateFileA
GetOEMCP
SetErrorMode
GetProcessVersion
GetCPInfo
SizeofResource
TlsGetValue
GlobalFlags
GlobalReAlloc
LocalReAlloc
TlsSetValue
TlsAlloc
TlsFree
GlobalHandle
EnterCriticalSection
LocalAlloc
lstrcpynA
InitializeCriticalSection
LeaveCriticalSection
DeleteCriticalSection
MulDiv
FileTimeToLocalFileTime
FileTimeToSystemTime
FreeLibrary
SetLastError
LoadLibraryA
GlobalAddAtomA
lstrcatA
GlobalGetAtomNameA
HeapCreate
lstrcpyA
GetModuleHandleA
DeleteFileA
GetProcAddress
GlobalUnlock
LockResource
FindResourceA
LoadResource
CloseHandle
GlobalAlloc
GlobalDeleteAtom
lstrcmpA
lstrcmpiA
GetCurrentThread
GetCurrentThreadId
MultiByteToWideChar
WideCharToMultiByte
lstrlenA
InterlockedDecrement
InterlockedIncrement
GetVersion
WritePrivateProfileStringA
GlobalLock
GlobalFree
GetProfileStringA
FindFirstFileA
VirtualFree
LCMapStringA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW

user32

SetFocus
MapWindowPoints
SendDlgItemMessageA
UpdateWindow
IsDialogMessageA
SetWindowTextA
ShowWindow
ClientToScreen
GetDC
ReleaseDC
GetWindowDC
BeginPaint
EndPaint
TabbedTextOutA
DrawTextA
GrayStringA
LoadStringA
LoadCursorA
GetClassNameA
PtInRect
GetSysColorBrush
DestroyMenu
InvalidateRect
CopyRect
GetTopWindow
GetCapture
WinHelpA
wsprintfA
GetClassInfoA
AdjustWindowRectEx
GetSysColor
GetMenuItemCount
GetSubMenu
GetMenuItemID
GetWindowTextLengthA
GetWindowTextA
GetDlgCtrlID
DefWindowProcA
CreateWindowExA
GetClassLongA
SetPropA
GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
GetForegroundWindow
SetForegroundWindow
GetWindow
SetWindowLongA
SetWindowPos
RegisterWindowMessageA
OffsetRect
IntersectRect
GetWindowPlacement
GetWindowRect
EndDialog
SetActiveWindow
IsWindow
CreateDialogIndirectParamA
DestroyWindow
GetDlgItem
UnhookWindowsHookEx
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetFocus
GetNextDlgTabItem
GetMessageA
GetActiveWindow
GetKeyState
CallNextHookEx
ValidateRect
IsWindowVisible
GetCursorPos
SetWindowsHookExA
GetParent
GetLastActivePopup
IsWindowEnabled
GetWindowLongA
MessageBoxA
SetCursor
PostQuitMessage
PostMessageA
EnableWindow
DispatchMessageA
MsgWaitForMultipleObjects
PeekMessageA
TranslateMessage
IsIconic
GetSystemMetrics
GetClientRect
DrawIcon
SendMessageA
LoadIconA
RegisterClassA
ScreenToClient
GetMenu
SystemParametersInfoA
GetMessagePos
ShowCaret
DefDlgProcA
IsWindowUnicode
CharNextA
InflateRect
UnregisterClassA
DrawFocusRect
ExcludeUpdateRgn
HideCaret

gdi32

GetClipBox
SetBkColor
GetObjectA
DeleteDC
SaveDC
RestoreDC
SelectObject
GetStockObject
SetBkMode
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
IntersectClipRect
DeleteObject
CreateBitmap
GetDeviceCaps
CreateSolidBrush
PtVisible
TextOutA
ExtTextOutA
RectVisible
Escape
CreateDIBitmap
BitBlt
GetTextExtentPointA
CreateCompatibleDC
SetTextColor
PatBlt

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

DeleteService
RegCloseKey
StartServiceA
CloseServiceHandle
OpenServiceA
OpenSCManagerA
ControlService
RegCreateKeyExA
RegOpenKeyExA
RegSetValueExA

comctl32

ord17

Sections

.text
Size: 108KB - Virtual size: 104KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

43cb5d8241fd8eb152ac50a40190d66a

Headers

File Characteristics

Imports

kernel32

user32

gdi32

winspool.drv

advapi32

comctl32

Sections

.text Size: 108KB - Virtual size: 104KB

.rdata Size: 20KB - Virtual size: 19KB

.data Size: 8KB - Virtual size: 23KB

.rsrc Size: 16KB - Virtual size: 12KB

.text
Size: 108KB - Virtual size: 104KB

.rdata
Size: 20KB - Virtual size: 19KB

.data
Size: 8KB - Virtual size: 23KB

.rsrc
Size: 16KB - Virtual size: 12KB