SETUP_CK[.]EXE

General

Target

SETUP_CK.EXE
Size

27KB
MD5

178a4f6a92760dd8927b4b8c51e760db
SHA1

16981a42767337d015f25d79ba6f28dc80855efc
SHA256

04b7c2d9ab2c7bfecd34d44f12272b6c1be26f9501a3eb8332cf815f5450eb55
SHA512

8649d41a121114f3453d0b097175e4b8de2318ab126c5335122946b06986ed0f5426d66f2cad014a7953f692f0696a19da849e99a8b285cb87c631903f0fcb7c
SSDEEP

384:HTuSqjNYJWatl5NkFRveuSlUfC7XK4XfFAkRON6gWRDPSUSSPR0Se:zuzO8atceukju4XdAkRODWRD2SPR0S

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
SETUP_CK.EXE

Files

SETUP_CK.EXE
.exe windows:4 windows x86

8486d95d07f7ba506aba109106118ec9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemDirectoryA
Sleep
GetWindowsDirectoryA
RtlUnwind
ExitProcess
SetConsoleMode
ReadConsoleInputA
GetConsoleMode
GetCommandLineA
GetVersion
MultiByteToWideChar
LCMapStringA
WideCharToMultiByte
LCMapStringW
CreateFileA
CloseHandle
GetLastError
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCPInfo
GetACP
GetOEMCP
SetHandleCount
GetFileType
GetStdHandle
GetStartupInfoA
HeapCreate
WriteFile
HeapAlloc
HeapFree
GetStringTypeA
GetStringTypeW
GetProcAddress
LoadLibraryA
FlushFileBuffers
SetFilePointer
SetStdHandle
DeleteFileA

advapi32

StartServiceA
OpenServiceA
CreateServiceA
CloseServiceHandle
ControlService
OpenSCManagerA
DeleteService

Sections

.text
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 105B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8486d95d07f7ba506aba109106118ec9

Headers

File Characteristics

Imports

kernel32

advapi32

Sections

.text Size: 16KB - Virtual size: 15KB

.rdata Size: 512B - Virtual size: 105B

.data Size: 6KB - Virtual size: 10KB

.idata Size: 1KB - Virtual size: 1KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 16KB - Virtual size: 15KB

.rdata
Size: 512B - Virtual size: 105B

.data
Size: 6KB - Virtual size: 10KB

.idata
Size: 1KB - Virtual size: 1KB

.reloc
Size: 2KB - Virtual size: 1KB