setup_patched[.]exe | Triage

Sharing

General

Target

setup_patched.exe
Size

3.6MB
MD5

eb5e39f710dacd2a664de3e50dc30496
SHA1

44de1465378f86389230e39b5f3b2e9de7d4e7bb
SHA256

a6f0bb4108b8df2233329b30ac75189c93cbf26e26a53e2ee4bb9de2e0041883
SHA512

b812600bd68245dbc036a8fb9956320c74278f456e0f79e3c025d21a0610c3b192d2d028089de46fc434ef3fa6852bb142ab712de3ab052554ea46715db4b2fe
SSDEEP

98304:WKIDmbLYs8FsaBIUypM1Op9pt/ygWN9xC4ns:WKIDm3ZqTuq1Op9GDN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
setup_patched.exe

Files

setup_patched.exe
.exe windows:6 windows x64 arch:x64

309eeddbaf0bd91b0960dcbfea25b224

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetProcAddress

user32

CharNextA

advapi32

CryptReleaseContext

shell32

ShellExecuteA

ole32

CoCreateInstance

Sections

.MPRESS1
Size: 3.5MB - Virtual size: 10.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 107KB - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE