install[.]exe | Triage

Sharing

General

Target

install.exe
Size

3.9MB
MD5

c4e07632ff79098a7a20c296ff897d8a
SHA1

affe33da9f32b73bf2b6c20141ce76be44e64841
SHA256

a78d950b4efd0d703b0676693b608a7a03476d713243444f5eec108a3f724293
SHA512

1c773346ed19372d9d895552029bd41853933d317e188b2bcba909c0100b197d56c110600a51e33043de59c811434bf0afcf01d73169dfb9e018ee50b5de5538
SSDEEP

49152:HqMnHHY4/Kcd8g+WhN4nU9Q2ptlr3DRfNJTX8ZTtz0+6nW1wAA6o:HznY6Ks8gBhNNa2/lRfNJTXKJIFLAAT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
install.exe

Files

install.exe
.exe windows:6 windows x86 arch:x86

735d6e750692dde17666383ba469a30b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetWindowTextLengthW
GetWindowTextW
LoadCursorW
LoadIconW
GetActiveWindow
MessageBoxA
MessageBoxW
GetClassLongW
SetClassLongW
CreateWindowExW
TranslateMessage
RegisterClassExW
DispatchMessageA
PeekMessageA
DestroyWindow
ShowWindow
MoveWindow
EndPaint
GetDC
ReleaseDC
BeginPaint
UpdateWindow
InvalidateRect

gdi32

CreatePen
CreateSolidBrush
TextOutW
SetTextColor
SelectObject
CreateCompatibleDC
DeleteObject
DeleteDC
LineTo

ole32

CoGetApartmentType
CoGetObjectContext

kernel32

Sleep
DecodePointer
EncodePointer
SetLastError
GetLastError
IsValidCodePage
IsValidLocale
WideCharToMultiByte
MultiByteToWideChar
CompareStringEx
HeapReAlloc
HeapAlloc
HeapFree
HeapSize
CloseHandle
ExitThread
CreateThread
TlsFree
TlsGetValue
TlsSetValue
TlsAlloc
ExitProcess

Sections

.text
Size: 3.2MB - Virtual size: 3.2MB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 651KB - Virtual size: 651KB

IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_MEM_READ

.idata
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_MEM_READ

.rsrc
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_MEM_READ