InnoSetup32Downloader[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

InnoSetup32Downloader.exe
Size

6KB
MD5

554481d067d9f0eb92dc4b0108109a7c
SHA1

fee32194a9de662f3b3a2f0df3130039fd8574d4
SHA256

a49be07f46397d9e06b5afa17013365aced81bf265522aeaea64cc5fe4f7e81c
SHA512

2ca4781008f7d7db1f6c04c7a746e016d7ec791b53774e83e5d4ac9407fba5fba5112ee6dfe1f90789ab6b428cb38ae2153b220a4b0e6baef03dcc33299fe894
SSDEEP

96:5gkYs22Sci6aK4RZg5ZYiSnyeqoFCMC7thCc:hf2bV6URkCyMFCn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
InnoSetup32Downloader.exe

Files

InnoSetup32Downloader.exe
.exe windows:4 windows x86 arch:x86

ba41acd43ab9b86ebac26ee964c0759a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

msvcrt

fopen
fseek
ftell
fclose
malloc
fread
free
strcmp
_iob
fprintf
memset
strstr
_strdup
_controlfp
__set_app_type
__argc
__argv
_environ
__getmainargs
exit
_XcptFilter
_exit
_except_handler3

kernel32

ExitProcess
AddVectoredExceptionHandler
GetModuleFileNameW
SetCurrentDirectoryW
GetStartupInfoA
GetCommandLineA
GetModuleHandleA

libtcc

tcc_new
tcc_set_lib_path
tcc_add_include_path
tcc_add_library_path
tcc_set_output_type
tcc_define_symbol
tcc_compile_string
tcc_add_symbol
tcc_relocate
tcc_get_symbol
tcc_delete

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ