Static task
static1
General
Target
Installer_01025.exe
Size
144.6MB
MD5
24ccbfb1e552c479109c8ef90e42e7ea
SHA1
45a0006fd2b7f0392ac10b2b546790baf2fd2373
SHA256
dfed0a3d6f215c416a24114abb21ea96db5c21b730eaa899a57bbf25669502ba
SHA512
31b8fc3defd01b706ecf8bddaf3cc022efd7ed257482222e0f20e85a2b37d38ec8b4873c012153660bccbec7b5e0f4ff05e293b4394bfb1c707c0c9bf5e1a8b1
SSDEEP
196608:b/y4mp6lBo5/aGu03iYVUwJeekHCB8G4ulgpujV5C8rphiEze:vYPu03dSwJiCB8LuyeS8loEK
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource Installer_01025.exe
Files
Installer_01025.exe.exe windows:6 windows x86 arch:x86
ace20a751910b10ef6c3150601349824
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
shlwapi
PathFileExistsW
PathCombineW
kernel32
EnumSystemLocalesW
LCMapStringEx
InitializeCriticalSectionEx
SetFilePointer
CreateThread
FindFirstFileA
GetFileAttributesW
RaiseException
GetCPInfo
InitializeCriticalSectionAndSpinCount
GetModuleHandleW
GetCurrentDirectoryA
CreateDirectoryA
GetSystemTimeAsFileTime
HeapAlloc
GetSystemWow64DirectoryW
Sleep
GetConsoleMode
ExitProcess
DecodePointer
CreateDirectoryW
GetLastError
GetCommandLineA
InitializeSListHead
GetTickCount64
SetFileTime
TlsGetValue
GetFileInformationByHandle
SetLastError
SetEvent
GetCurrentDirectoryW
SetFileAttributesA
FindClose
HeapFree
LocalFree
GetCurrentProcess
CreateEventA
DeleteFileA
DeleteFileW
GetProcessHeap
GetEnvironmentStringsW
TlsFree
GetCommandLineW
RtlUnwind
LoadLibraryW
GetNativeSystemInfo
GetOEMCP
FreeEnvironmentStringsW
DeleteCriticalSection
VirtualProtect
GetSystemInfo
SetFileAttributesW
UnhandledExceptionFilter
GetCurrentProcessId
GetStringTypeW
AreFileApisANSI
FindFirstFileExW
VirtualFree
FindNextFileA
GetUserDefaultLCID
HeapSize
RemoveDirectoryA
FlushFileBuffers
FreeLibrary
GetTempPathA
GetProcessAffinityMask
GetACP
RemoveDirectoryW
FormatMessageA
GlobalMemoryStatus
FreeLibraryAndExitThread
SetStdHandle
MultiByteToWideChar
WriteConsoleW
GetFileSize
GetFileAttributesA
IsValidLocale
CreateFileA
VirtualAlloc
QueryPerformanceCounter
WideCharToMultiByte
GetConsoleOutputCP
EnterCriticalSection
GetVersionExA
SetUnhandledExceptionFilter
TlsAlloc
GetLocaleInfoW
SetEndOfFile
CloseHandle
LoadLibraryExW
ExitThread
GetProcAddress
lstrlenW
CreateSemaphoreA
WriteFile
GetStdHandle
FindFirstFileW
GetTempPathW
GetStartupInfoW
FormatMessageW
GetSystemDirectoryW
GetModuleHandleExW
GetTickCount
WaitForSingleObject
IsBadReadPtr
IsDebuggerPresent
GetModuleFileNameW
CreateFileW
InitializeCriticalSection
GetFileType
HeapReAlloc
IsProcessorFeaturePresent
LeaveCriticalSection
ReadFile
LoadLibraryA
GetModuleFileNameA
FindNextFileW
ReleaseSemaphore
EncodePointer
SetFilePointerEx
TlsSetValue
LCMapStringW
TerminateProcess
GetModuleHandleA
IsValidCodePage
ResetEvent
GetCurrentThreadId
lstrcatW
user32
LoadStringA
DialogBoxParamW
SendMessageA
PostMessageA
SetWindowTextW
DestroyWindow
CharUpperA
EndDialog
GetDlgItem
GetWindowLongA
LoadIconA
MessageBoxW
DialogBoxParamA
ShowWindow
CharUpperW
LoadStringW
SetWindowTextA
SetWindowLongA
KillTimer
SetTimer
shell32
SHGetSpecialFolderPathW
oleaut32
SysAllocStringLen
SysStringLen
VariantClear
advapi32
RegOpenKeyExW
RegCreateKeyExW
RegCloseKey
RegSetValueExW
ole32
CoInitialize
CoCreateInstance
CoUninitialize
Sections
.text Size: 937KB - Virtual size: 937KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 84KB - Virtual size: 84KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 6.2MB - Virtual size: 6.2MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 3KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 19KB - Virtual size: 18KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ