setup[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

setup.exe
Size

70KB
MD5

54a14f2c14537fa57bb31f52080733f4
SHA1

9dd717434e2598f3eab73032a500de93558541fb
SHA256

5d5cc12f985b30a43d79fa8d44eb6cb0caddb47d2d33ec28fbc8416cfb7514db
SHA512

0fd5a5c3e58d9160494772d193d6c0542c0089700a03f093217e4e4f9661825682f2f18f25ce5077fcb852dff45d71505544b73d6aa341409c045c6333b99ffc
SSDEEP

1536:N8wNfktLYUqSfzC8wATsq3CRJMdzzOi3d0eFKg:N80ct8dSfmXosgCRJMdfO6FKg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
setup.exe

Files

setup.exe
.exe windows:4 windows x86 arch:x86

09b39d9cc248e77d59a084898ed73e6c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

version

VerLanguageNameA

kernel32

WinExec
GetDriveTypeA
DeleteFileA
GetVersionExA
GetModuleHandleA
GetSystemInfo
FindFirstFileA
IsDBCSLeadByte
GlobalFree
lstrlenA
lstrcpyA
FlushFileBuffers
GetModuleFileNameA
GetWindowsDirectoryA
SetFilePointer
WriteFile
GetLastError
GetTickCount
MulDiv
GetPrivateProfileIntA
GetPrivateProfileStringA
lstrcatA
lstrcmpiA
GlobalHandle
GetUserDefaultLCID
FindResourceA
GetProfileStringA
SetErrorMode
LoadLibraryA
FreeLibrary
CreateFileA
GetFileSize
GlobalAlloc
CloseHandle
GlobalLock
ReadFile
GlobalUnlock
FindClose
GetDiskFreeSpaceA
WritePrivateProfileStringA
GetProcAddress
HeapAlloc
SetEnvironmentVariableA
HeapFree
CompareStringA
GetStringTypeW
CompareStringW
RtlUnwind
VirtualFree
GetStringTypeA
HeapDestroy
VirtualAlloc
HeapReAlloc
SetStdHandle
HeapCreate
GetStdHandle
SetHandleCount
GetOEMCP
GetACP
GetCPInfo
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
MultiByteToWideChar
FreeEnvironmentStringsA
UnhandledExceptionFilter
WideCharToMultiByte
GetVersion
GetCommandLineA
GetStartupInfoA
GetCurrentProcess
TerminateProcess
ExitProcess
CreateDirectoryA
GetFileType

user32

DrawIcon
SetWindowTextA
GetDlgItem
GetWindowPlacement
DestroyWindow
GetWindowRect
MoveWindow
DialogBoxParamA
LoadIconA
DestroyIcon
SetRectEmpty
FillRect
EndDialog
GetWindowTextLengthA
GetWindowTextA
GetSysColor
GetClientRect
InflateRect
SendMessageA
SetWindowLongA
BeginPaint
EndPaint
DefWindowProcA
GetWindowLongA
GetDC
ReleaseDC
InvalidateRect
LoadCursorA
GetClassInfoA
RegisterClassA
CharUpperA
GetMessageA
IsDialogMessageA
TranslateMessage
DispatchMessageA
PeekMessageA
MessageBoxA
PostMessageA
FindWindowA
SubtractRect
SetWindowPos
GetClassNameA
IntersectRect
EqualRect
DrawTextA
GetWindow
SetRect
UpdateWindow
SetTimer
ShowWindow
IsWindow
RegisterWindowMessageA
CreateDialogParamA
GetParent
SendDlgItemMessageA
CharNextA
LoadStringA
GetSystemMetrics
wsprintfA
PostQuitMessage
ScreenToClient
CreateWindowExA

gdi32

RestoreDC
DeleteObject
CreateFontIndirectA
GetObjectA
SaveDC
LineTo
MoveToEx
CreatePen
ExtTextOutA
SetBkColor
SetTextColor
GetTextMetricsA
CreateSolidBrush
CreateDIBitmap
RealizePalette
SelectPalette
GetDeviceCaps
CreatePalette
GetSystemPaletteEntries
UnrealizeObject
DeleteDC
BitBlt
CreateCompatibleDC
SelectClipRgn
CreateRectRgn
GetStockObject
GetTextExtentPointA
SelectObject

advapi32

RegCloseKey
RegQueryValueExA
RegOpenKeyExA

Sections

.text
Size: 46KB - Virtual size: 45KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 831B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

09b39d9cc248e77d59a084898ed73e6c

Headers

File Characteristics

Imports

version

kernel32

user32

gdi32

advapi32

Sections

.text Size: 46KB - Virtual size: 45KB

.rdata Size: 1024B - Virtual size: 831B

.data Size: 14KB - Virtual size: 21KB

.idata Size: 4KB - Virtual size: 4KB

.rsrc Size: 3KB - Virtual size: 3KB

.text
Size: 46KB - Virtual size: 45KB

.rdata
Size: 1024B - Virtual size: 831B

.data
Size: 14KB - Virtual size: 21KB

.idata
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 3KB - Virtual size: 3KB