dxwsetup.pdb
Static task: static1
Behavioral task: behavioral1
Sample: dxwsetup.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: dxwsetup.exe
Resource: win10v2004-20240226-en
General
Target: dxwsetup.exe
Size: 515KB
MD5: ac3a5f7be8cd13a863b50ab5fe00b71c
SHA1: eee417cd92e263b84dd3b5dcc2b4b463fe6e84d9
SHA256: 8f5e89298e3dc2e22d47515900c37cca4ee121c5ba06a6d962d40ad6e1a595da
SHA512: c8bbe791373dad681f0ac9f5ab538119bde685d4f901f5db085c73163fc2e868972b2de60e72ccd44f745f1fd88fcde2e27f32302d8cbd3c1f43e6e657c79fba
SSDEEP: 3072:diqLKVd9Aqq3Z/yKxAG2ur4IhUNJ4g3nO9hpRH0gQSpHt+akOC8BTDmsikzWX+us:DFAKJr4IWNJ4MOrpRBQS3kydI+xyS
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource dxwsetup.exe
Files
dxwsetup.exe.exe windows:6 windows x86 arch:x86
98f9d5d0de900bfb2afe33d1f7cd6479
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
advapi32
RegCloseKey
RegSetValueExA
RegOpenKeyExA
RegQueryValueExA
RegOpenKeyA
kernel32
GetFileAttributesA
FindClose
FindFirstFileA
GetSystemDirectoryA
FindNextFileA
lstrcmpA
GetCurrentDirectoryA
GetModuleFileNameA
SetFileAttributesA
CreateMutexA
CloseHandle
Sleep
GetExitCodeProcess
WaitForSingleObject
DeleteFileW
GetTempPathW
DeleteFileA
CreateEventA
SetLastError
CreateFileA
GetSystemDefaultUILanguage
GetUserDefaultUILanguage
ReadFile
GetFileSize
MoveFileExA
SetFileTime
LocalFileTimeToFileTime
GetFileTime
CompareStringA
GetTempFileNameA
CreateThread
SetEvent
MultiByteToWideChar
GetModuleHandleA
GetCurrentProcess
FreeLibrary
GetVersionExA
LoadLibraryA
GetProcAddress
ResetEvent
VirtualQuery
GetSystemInfo
VirtualProtect
GetProcessHeap
SetEndOfFile
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
FlushFileBuffers
FormatMessageA
LocalFree
GetWindowsDirectoryA
OutputDebugStringA
CreateDirectoryA
SetStdHandle
SetFilePointer
HeapReAlloc
VirtualAlloc
GetOEMCP
GetACP
GetCPInfo
GetModuleHandleW
InitializeCriticalSection
GetLastError
CopyFileA
GetConsoleMode
GetConsoleCP
HeapAlloc
UnhandledExceptionFilter
TerminateProcess
RtlUnwind
LeaveCriticalSection
EnterCriticalSection
GetCommandLineA
GetStartupInfoA
GetLocalTime
ExitThread
RaiseException
SetUnhandledExceptionFilter
ExitProcess
WriteFile
GetStdHandle
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
GetFileType
DeleteCriticalSection
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
InterlockedDecrement
GetCurrentThreadId
HeapDestroy
HeapCreate
VirtualFree
HeapFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
gdi32
DeleteDC
StretchBlt
CreateCompatibleBitmap
GetObjectA
CreateCompatibleDC
SelectObject
CreateFontIndirectA
GetDeviceCaps
DeleteObject
user32
LoadStringW
SetDlgItemTextW
LoadStringA
GetDlgItem
SendMessageA
MessageBoxA
SetDlgItemTextA
InvalidateRect
IsDlgButtonChecked
SetWindowLongA
GetWindowLongA
ShowWindow
GetParent
PostMessageA
MessageBoxW
LoadImageA
CharNextA
SystemParametersInfoA
GetDC
ReleaseDC
SendDlgItemMessageA
SetWindowTextW
comctl32
CreatePropertySheetPageA
PropertySheetA
ord17
InitCommonControlsEx
shell32
ShellExecuteW
ShellExecuteExW
SHFileOperationA
version
GetFileVersionInfoSizeA
VerQueryValueW
VerQueryValueA
GetFileVersionInfoA
ole32
CoInitialize
CoCreateInstance
CoUninitialize
crypt32
CertVerifyCertificateChainPolicy
wintrust
WinVerifyTrustEx
WTHelperProvDataFromStateData
WTHelperGetProvSignerFromChain
shlwapi
PathRemoveFileSpecW
urlmon
URLDownloadToFileW
Sections
.text Size: 122KB - Virtual size: 121KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 5KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 378KB - Virtual size: 378KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 8KB - Virtual size: 7KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ