Install[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Install.exe
Size

815KB
MD5

e7dccf2b0c48212d9c5b0296d533558c
SHA1

d6cafa84f3af1acf3be47f50742eb2e8bee9d836
SHA256

fcbb7080eb6c9faf37f288f8eaf367295303658444ed2eaabb32d14e2205a696
SHA512

340eff5f43189a4c1da9d150108dbef3efe1e272f94219e0a993b2245344218db8250099b47102cfef3150cbedea2d477fb552f6fe04fde30eb65194718b0413
SSDEEP

12288:tKyVdT4g/I7lPp7hL5e1tWWdpq2h0FLARRELiLEWotCFp:tK+h/ulP3L5e7h0FLARRbLEWotCFp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Install.exe

Files

Install.exe
.exe windows:5 windows x86

f00b15bbcfa03a1d4e5702333fdd18ca

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

wsock32

WSACleanup
inet_addr
gethostbyname
gethostname
WSAStartup

winmm

mixerSetControlDetails
joyGetPosEx
mixerGetControlDetailsW
mixerOpen
mixerGetDevCapsW
joyGetDevCapsW
mixerGetLineControlsW
mixerClose
mciSendStringW
mixerGetLineInfoW

version

GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW

comctl32

ImageList_Destroy
InitCommonControlsEx
ImageList_GetIconSize
ImageList_Create
ImageList_AddMasked
ImageList_ReplaceIcon
CreateStatusWindowW

psapi

GetModuleBaseNameW
GetModuleFileNameExW

kernel32

SizeofResource
LoadResource
LockResource
FindFirstFileW
FindNextFileW
FindClose
Beep
MoveFileW
OutputDebugStringW
CreateProcessW
GetFileAttributesW
WideCharToMultiByte
MultiByteToWideChar
GetExitCodeProcess
WriteProcessMemory
ReadProcessMemory
GetCurrentProcessId
OpenProcess
TerminateProcess
SetPriorityClass
SetLastError
SetEnvironmentVariableW
GetEnvironmentVariableW
GetLocalTime
GetDateFormatW
GetTimeFormatW
GetDiskFreeSpaceExW
SetVolumeLabelW
CreateFileW
DeviceIoControl
GetDriveTypeW
GetVolumeInformationW
GetDiskFreeSpaceW
CreateDirectoryW
ReadFile
DeleteFileW
WriteFile
SetFileAttributesW
FileTimeToLocalFileTime
LocalFileTimeToFileTime
SetFileTime
GetFileSizeEx
GetSystemTime
GetSystemDefaultUILanguage
GetComputerNameW
GetWindowsDirectoryW
FindResourceW
GetShortPathNameW
EnterCriticalSection
LeaveCriticalSection
VirtualProtect
QueryDosDeviceW
CompareStringW
RemoveDirectoryW
CopyFileW
GetCurrentProcess
FormatMessageW
GetPrivateProfileStringW
GetPrivateProfileSectionW
GetPrivateProfileSectionNamesW
WritePrivateProfileStringW
WritePrivateProfileSectionW
SetEndOfFile
GetACP
GetFileType
GetStdHandle
SetFilePointerEx
SystemTimeToFileTime
FileTimeToSystemTime
GetFileSize
VirtualAllocEx
VirtualFreeEx
EnumResourceNamesW
LoadLibraryExW
GlobalSize
TlsAlloc
IsValidCodePage
GetOEMCP
InterlockedDecrement
InterlockedIncrement
GetStartupInfoW
HeapSetInformation
GetCommandLineW
HeapQueryInformation
HeapSize
HeapReAlloc
HeapFree
ExitProcess
HeapAlloc
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapCreate
InitializeCriticalSectionAndSpinCount
GetSystemTimeAsFileTime
GetFullPathNameW
GetModuleFileNameW
DeleteCriticalSection
GetCPInfo
GetVersionExW
FreeLibrary
LoadLibraryW
GetModuleHandleW
GetProcAddress
GetLastError
CreateMutexW
CloseHandle
GetExitCodeThread
SetThreadPriority
CreateThread
GetStringTypeExW
lstrcmpiW
GetCurrentThreadId
GlobalUnlock
GlobalFree
GlobalAlloc
GlobalLock
GetCurrentDirectoryW
SetErrorMode
InitializeCriticalSection
SetCurrentDirectoryW
Sleep
GetTickCount
MulDiv
TlsGetValue
TlsSetValue
TlsFree
SetHandleCount
IsProcessorFeaturePresent
GetStringTypeW
LCMapStringW
RaiseException
RtlUnwind
GetConsoleCP
GetConsoleMode
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
FlushFileBuffers
SetFilePointer
WriteConsoleW
SetStdHandle
GetProcessHeap
GetTempPathW
VirtualQuery

user32

GetPropW
FlashWindow
GetClassLongW
SetMenu
SetPropW
RemovePropW
GetSysColor
RedrawWindow
DrawTextW
SetParent
GetClassInfoExW
AdjustWindowRectEx
SystemParametersInfoW
GetAncestor
UpdateWindow
GetMessagePos
GetSysColorBrush
FillRect
DefDlgProcW
CallWindowProcW
CheckRadioButton
IntersectRect
GetUpdateRect
PtInRect
CreateDialogIndirectParamW
CreateAcceleratorTableW
DestroyAcceleratorTable
InsertMenuItemW
RemoveMenu
SetMenuItemInfoW
GetMenuItemInfoW
SetMenuDefaultItem
CreateMenu
CreatePopupMenu
SetMenuInfo
DestroyMenu
TrackPopupMenuEx
DrawIconEx
GetDesktopWindow
CopyImage
CreateIconIndirect
CreateIconFromResourceEx
EnumClipboardFormats
GetWindow
BringWindowToTop
MessageBoxW
GetTopWindow
CheckMenuItem
IsWindowVisible
LoadImageW
ExitWindowsEx
SetClipboardViewer
LoadAcceleratorsW
EnableMenuItem
CreateWindowExW
RegisterClassExW
LoadCursorW
DestroyWindow
DestroyIcon
MapVirtualKeyW
VkKeyScanExW
MapVirtualKeyExW
DefWindowProcW
ActivateKeyboardLayout
GetGUIThreadInfo
GetWindowTextW
mouse_event
WindowFromPoint
GetSystemMetrics
keybd_event
SetKeyboardState
GetKeyboardState
GetCursorPos
GetAsyncKeyState
AttachThreadInput
SendInput
UnregisterHotKey
RegisterHotKey
PostQuitMessage
SendMessageTimeoutW
CharUpperW
UnhookWindowsHookEx
SetWindowsHookExW
PostThreadMessageW
IsCharAlphaNumericW
IsCharUpperW
IsCharLowerW
ToUnicodeEx
GetKeyboardLayout
CallNextHookEx
CharLowerW
ReleaseDC
GetDC
OpenClipboard
GetClipboardData
GetClipboardFormatNameW
CloseClipboard
SetClipboardData
EmptyClipboard
PostMessageW
FindWindowW
EndDialog
GetMenuStringW
GetSubMenu
GetMenuItemID
GetMenuItemCount
GetSystemMenu
GetLastInputInfo
GetCursor
MessageBeep
SetDlgItemTextW
GetDlgItem
SendDlgItemMessageW
DialogBoxParamW
ChangeClipboardChain
SetForegroundWindow
IsWindow
DispatchMessageW
TranslateMessage
ShowWindow
CountClipboardFormats
SetWindowLongW
ScreenToClient
IsDialogMessageW
SendMessageW
IsWindowEnabled
RegisterWindowMessageW
GetIconInfo
EnumDisplayMonitors
GetClientRect
IsIconic
IsZoomed
EnumWindows
GetWindowTextLengthW
SetWindowTextW
EnableWindow
InvalidateRect
SetLayeredWindowAttributes
SetWindowPos
SetWindowRgn
SetFocus
MapWindowPoints
SetActiveWindow
EnumChildWindows
ClientToScreen
MoveWindow
GetQueueStatus
GetWindowLongW
GetKeyState
TranslateAcceleratorW
KillTimer
PeekMessageW
GetFocus
GetClassNameW
GetWindowThreadProcessId
GetForegroundWindow
GetMessageW
SetTimer
GetParent
GetDlgCtrlID
IsClipboardFormatAvailable
GetWindowRect
GetKeyboardLayoutNameW
IsCharAlphaW
GetMenu

gdi32

CreateFontIndirectW
GetClipBox
CreatePatternBrush
SetBrushOrgEx
EnumFontFamiliesExW
CreateDIBSection
GdiFlush
SetBkColor
GetObjectW
SetBkMode
GetStockObject
CreateSolidBrush
GetCharABCWidthsW
GetTextMetricsW
CreateDCW
GetPixel
BitBlt
CreateCompatibleBitmap
DeleteDC
GetSystemPaletteEntries
SelectObject
GetDIBits
CreateCompatibleDC
CreatePolygonRgn
CreateRectRgn
CreateRoundRectRgn
CreateEllipticRgn
CreateFontW
SetTextColor
GetDeviceCaps
DeleteObject

comdlg32

GetOpenFileNameW
GetSaveFileNameW

advapi32

RegDeleteKeyW
RegSetValueExW
RegCreateKeyExW
RegQueryValueExW
AdjustTokenPrivileges
LookupPrivilegeValueW
OpenProcessToken
CloseServiceHandle
UnlockServiceDatabase
LockServiceDatabase
OpenSCManagerW
GetUserNameW
RegEnumKeyExW
RegEnumValueW
RegQueryInfoKeyW
RegOpenKeyExW
RegCloseKey
RegConnectRegistryW
RegDeleteValueW

shell32

DragQueryPoint
SHEmptyRecycleBinW
SHFileOperationW
SHGetPathFromIDListW
SHBrowseForFolderW
SHGetDesktopFolder
SHGetMalloc
SHGetFolderPathW
ShellExecuteExW
Shell_NotifyIconW
DragFinish
DragQueryFileW
ExtractIconW

ole32

OleInitialize
OleUninitialize
CoCreateInstance
CoInitialize
CoUninitialize
CLSIDFromString
CoGetObject
StringFromGUID2
CreateStreamOnHGlobal

oleaut32

SafeArrayGetLBound
GetActiveObject
OleLoadPicture
SafeArrayUnaccessData
SafeArrayGetElemsize
SafeArrayAccessData
SafeArrayUnlock
SafeArrayPtrOfIndex
SafeArrayLock
SafeArrayGetDim
SafeArrayDestroy
SafeArrayGetUBound
VariantCopyInd
SafeArrayCopy
SysAllocString
VariantChangeType
VariantClear
SafeArrayCreate
SysFreeString
SysStringLen

Sections

.text
Size: 609KB - Virtual size: 609KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 142KB - Virtual size: 141KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 45KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f00b15bbcfa03a1d4e5702333fdd18ca

Headers

File Characteristics

Imports

wsock32

winmm

version

comctl32

psapi

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

Sections

.text Size: 609KB - Virtual size: 609KB

.rdata Size: 142KB - Virtual size: 141KB

.data Size: 17KB - Virtual size: 37KB

.rsrc Size: 45KB - Virtual size: 45KB

.text
Size: 609KB - Virtual size: 609KB

.rdata
Size: 142KB - Virtual size: 141KB

.data
Size: 17KB - Virtual size: 37KB

.rsrc
Size: 45KB - Virtual size: 45KB