Installer[.]rar

Sharing

Copy URL Twitter E-mail

General

Target

Installer.rar
Size

153.0MB
MD5

db209633f51841c1572cadae320c1c75
SHA1

499013e985353c8faa9fa6fe56dc2ae1c36a79dc
SHA256

ce3b65ea8748036b031a5ceec0f44e41b9510f83d047138081757db908c3b040
SHA512

2dd951ef207cf573c42b38cc23ebfa04675e5f33e1cf088ff3d3f98ae79cca288864da68f5a566bd82729a9388f374840fc424ccca22ff42e2ceefc28c712e57
SSDEEP

3145728:cI3LTWOcsupBKrgCPHqn8c/vyLcrpU+dh7qb9Uf5E55RFktbxOO4JtKaJBlkb5Py:c+WOcdKrjPKn8gvy6pU+dZ0if54ktbxs

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Installer/Installer.exe

Files

Installer.rar
.rar
Installer/Installer.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\na6bczsrl\obj\Release\Current.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 756KB - Virtual size: 755KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Installer/Plugins/0409/cliconf.chm
.chm
Installer/Plugins/0409/mmc.CHM
.chm
Installer/Plugins/0409/msdasc.chm
.chm
Installer/Plugins/0409/msorcl32.chm
.chm
Installer/Plugins/0409/odbcinst.chm
.chm
Installer/Plugins/0409/odbcjet.chm
.chm
Installer/Plugins/0409/sqlsodbc.chm
.chm
Installer/Plugins/0409/sqlsoldb.chm
.chm
Installer/Plugins/0419/cliconf.chm
.chm
Installer/Plugins/0419/mmc.CHM
.chm
Installer/Plugins/0419/msdasc.chm
.chm
Installer/Plugins/0419/msorcl32.chm
.chm
Installer/Plugins/0419/odbcinst.chm
.chm
Installer/Plugins/0419/odbcjet.chm
.chm
Installer/Plugins/0419/sqlsodbc.chm
.chm
Installer/Plugins/0419/sqlsoldb.chm
.chm
Installer/Source/packs.dll
Installer/Source/source.dll
Installer/Updates/en-US/credits.rtf
.rtf
Installer/Updates/nvcpl/nv3d.chm
.chm
Installer/Updates/nvcpl/nv3dara.chm
.chm
Installer/Updates/nvcpl/nv3dchs.chm
.chm
Installer/Updates/nvcpl/nv3dcht.chm
.chm
Installer/Updates/nvcpl/nv3dcsy.chm
.chm
Installer/Updates/nvcpl/nv3ddan.chm
.chm
Installer/Updates/nvcpl/nv3ddeu.chm
.chm
Installer/Updates/nvcpl/nv3dell.chm
.chm
Installer/Updates/nvcpl/nv3deng.chm
.chm
Installer/Updates/nvcpl/nv3desm.chm
.chm
Installer/Updates/nvcpl/nv3desn.chm
.chm
Installer/Updates/nvcpl/nv3dfin.chm
.chm
Installer/Updates/nvcpl/nv3dfra.chm
.chm
Installer/Updates/nvcpl/nv3dheb.chm
.chm
Installer/Updates/nvcpl/nv3dhun.chm
.chm
Installer/Updates/nvcpl/nv3dita.chm
.chm
Installer/Updates/nvcpl/nv3djpn.chm
.chm
Installer/Updates/nvcpl/nv3dkor.chm
.chm
Installer/Updates/nvcpl/nv3dnld.chm
.chm
Installer/Updates/nvcpl/nv3dnor.chm
.chm
Installer/Updates/nvcpl/nv3dplk.chm
.chm
Installer/Updates/nvcpl/nv3dptb.chm
.chm
Installer/Updates/nvcpl/nv3dptg.chm
.chm
Installer/Updates/nvcpl/nv3drus.chm
.chm
Installer/Updates/nvcpl/nv3dsky.chm
.chm
Installer/Updates/nvcpl/nv3dslv.chm
.chm
Installer/Updates/nvcpl/nv3dsve.chm
.chm
Installer/Updates/nvcpl/nv3dtha.chm
.chm
Installer/Updates/nvcpl/nv3dtrk.chm
.chm
Installer/Updates/nvcpl/nvcpl.chm
.chm
Installer/Updates/nvcpl/nvcplara.chm
.chm
Installer/Updates/nvcpl/nvcplchs.chm
.chm
Installer/Updates/nvcpl/nvcplcht.chm
.chm
Installer/Updates/nvcpl/nvcplcsy.chm
.chm
Installer/Updates/nvcpl/nvcpldan.chm
.chm
Installer/Updates/nvcpl/nvcpldeu.chm
.chm
Installer/Updates/nvcpl/nvcplell.chm
.chm
Installer/Updates/nvcpl/nvcpleng.chm
.chm
Installer/Updates/nvcpl/nvcplesm.chm
.chm
Installer/Updates/nvcpl/nvcplesn.chm
.chm
Installer/Updates/nvcpl/nvcplfin.chm
.chm
Installer/Updates/nvcpl/nvcplfra.chm
.chm
Installer/Updates/nvcpl/nvcplheb.chm
.chm
Installer/Updates/nvcpl/nvcplhun.chm
.chm
Installer/Updates/nvcpl/nvcplita.chm
.chm
Installer/Updates/nvcpl/nvcpljpn.chm
.chm
Installer/Updates/nvcpl/nvcplkor.chm
.chm
Installer/Updates/nvcpl/nvcplnld.chm
.chm
Installer/Updates/nvcpl/nvcplnor.chm
.chm
Installer/Updates/nvcpl/nvcplplk.chm
.chm
Installer/Updates/nvcpl/nvcplptb.chm
.chm
Installer/Updates/nvcpl/nvcplptg.chm
.chm
Installer/Updates/nvcpl/nvcplrus.chm
.chm
Installer/Updates/nvcpl/nvcplsky.chm
.chm
Installer/Updates/nvcpl/nvcplslv.chm
.chm
Installer/Updates/nvcpl/nvcplsve.chm
.chm
Installer/Updates/nvcpl/nvcpltha.chm
.chm
Installer/Updates/nvcpl/nvcpltrk.chm
.chm
Installer/Updates/nvcpl/nvdsp.chm
.chm
Installer/Updates/nvcpl/nvdspdan.chm
.chm
Installer/Updates/nvcpl/nvdspeng.chm
.chm
Installer/Updates/nvcpl/nvdspesm.chm
.chm
Installer/Updates/nvcpl/nvdspesn.chm
.chm
Installer/Updates/nvcpl/nvdspnld.chm
.chm
Installer/Updates/nvcpl/nvdspnor.chm
.chm
Installer/Updates/nvcpl/nvdspptb.chm
.chm
Installer/Updates/nvcpl/nvlic.chm
.chm
Installer/Updates/nvcpl/nvlicARA.chm
.chm
Installer/Updates/nvcpl/nvlicCHS.chm
.chm
Installer/Updates/nvcpl/nvlicCHT.chm
.chm
Installer/Updates/nvcpl/nvlicCSY.chm
.chm
Installer/Updates/nvcpl/nvlicDAN.chm
.chm
Installer/Updates/nvcpl/nvlicDEU.chm
.chm
Installer/Updates/nvcpl/nvlicELL.chm
.chm
Installer/Updates/nvcpl/nvlicENG.chm
.chm
Installer/Updates/nvcpl/nvlicESM.chm
.chm
Installer/Updates/nvcpl/nvlicESN.chm
.chm
Installer/Updates/nvcpl/nvlicFIN.chm
.chm
Installer/Updates/nvcpl/nvlicFRA.chm
.chm
Installer/Updates/nvcpl/nvlicHEB.chm
.chm
Installer/Updates/nvcpl/nvlicHUN.chm
.chm
Installer/Updates/nvcpl/nvlicITA.chm
.chm
Installer/Updates/nvcpl/nvlicJPN.chm
.chm
Installer/Updates/nvcpl/nvlicKOR.chm
.chm
Installer/Updates/nvcpl/nvlicNLD.chm
.chm
Installer/Updates/nvcpl/nvlicNOR.chm
.chm
Installer/Updates/nvcpl/nvlicPLK.chm
.chm
Installer/Updates/nvcpl/nvlicPTB.chm
.chm
Installer/Updates/nvcpl/nvlicPTG.chm
.chm
Installer/Updates/nvcpl/nvlicRUS.chm
.chm
Installer/Updates/nvcpl/nvlicSKY.chm
.chm
Installer/Updates/nvcpl/nvlicSLV.chm
.chm
Installer/Updates/nvcpl/nvlicSVE.chm
.chm
Installer/Updates/nvcpl/nvlicTHA.chm
.chm
Installer/Updates/nvcpl/nvlicTRK.chm
.chm
Installer/Updates/nvcpl/nvmob.chm
.chm
Installer/Updates/nvcpl/nvmobara.chm
.chm
Installer/Updates/nvcpl/nvmobchs.chm
.chm
Installer/Updates/nvcpl/nvmobcht.chm
.chm
Installer/Updates/nvcpl/nvmobcsy.chm
.chm
Installer/Updates/nvcpl/nvmobdan.chm
.chm
Installer/Updates/nvcpl/nvmobdeu.chm
.chm
Installer/Updates/nvcpl/nvmobell.chm
.chm
Installer/Updates/nvcpl/nvmobeng.chm
.chm
Installer/Updates/nvcpl/nvmobesm.chm
.chm
Installer/Updates/nvcpl/nvmobesn.chm
.chm
Installer/Updates/nvcpl/nvmobfin.chm
.chm
Installer/Updates/nvcpl/nvmobfra.chm
.chm
Installer/Updates/nvcpl/nvmobheb.chm
.chm
Installer/Updates/nvcpl/nvmobhun.chm
.chm
Installer/Updates/nvcpl/nvmobita.chm
.chm
Installer/Updates/nvcpl/nvmobjpn.chm
.chm
Installer/Updates/nvcpl/nvmobkor.chm
.chm
Installer/Updates/nvcpl/nvmobnld.chm
.chm
Installer/Updates/nvcpl/nvmobnor.chm
.chm
Installer/Updates/nvcpl/nvmobplk.chm
.chm
Installer/Updates/nvcpl/nvmobptb.chm
.chm
Installer/Updates/nvcpl/nvmobptg.chm
.chm
Installer/Updates/nvcpl/nvmobrus.chm
.chm
Installer/Updates/nvcpl/nvmobsky.chm
.chm
Installer/Updates/nvcpl/nvmobslv.chm
.chm
Installer/Updates/nvcpl/nvmobsve.chm
.chm
Installer/Updates/nvcpl/nvmobtha.chm
.chm
Installer/Updates/nvcpl/nvmobtrk.chm
.chm
Installer/modules/Intro.bk2
Installer/modules/SW_Intro.uasset

Sharing

General

Malware Config

Signatures

Files

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mscoree

Sections

.text Size: 756KB - Virtual size: 755KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 12B

.text
Size: 756KB - Virtual size: 755KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 12B