setup[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

setup.exe
Size

536KB
MD5

16b2d9932ebe853e438a7eb7a71f1365
SHA1

d442f916dda1bc6358d1f8c90a3a7a7443782d7c
SHA256

50ba99d002dd8c7fa520c15594c28c0a98e9a420e28c79b2bdbd6d8357f41b35
SHA512

48689907dca61c232b13e7125ad398c1c4f5ee8af4088db188520c4c6a71288663410ce77f813e50bbf5b0bfd778f8297f42233679a8b37df2ae38edfa65f846
SSDEEP

12288:Sn95rpNcYU/Dfnh1wGkmtFFh3DEYckeYbP4QF3HK3YFeC:SnzPcbD/h1btFFh3DEYckeYbP1a3Sz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
setup.exe

Files

setup.exe
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\tikitulitonu70\d.pdb

Sections

.text
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 2.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 137KB - Virtual size: 137KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ