setup[.]exe | Triage

Sharing

General

Target

setup.exe
Size

7KB
MD5

24d8f60111e8db49789e0582e3f69146
SHA1

70d1eb3898bbf2efce3f70d7e8782546a01de251
SHA256

0397446de827fc7c5e161061fafb5e1a72847a9d653a675c7b2ae7b687c620c8
SHA512

2b8c4065423aa095a121650d92fec94d67cf6afc4e260a5ff3a413513967feffc61668b0840f69aeb4ab5956e5a793b5033b5600002d7d81e3b4594b083b4e05
SSDEEP

192:5gUnRiZuUuMva6P93LAzq72i2LqPXbX/:lzlMv33LGDiY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs
Checks for missing Authenticode signature.

Processes:

resource

setup.exe

Files

setup.exe
.exe windows:4 windows x64 arch:x64

168819debd607a76e24e61fc481cc1c0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED

Imports

msvcrt

memset
srand
rand
_time64
__set_app_type
_controlfp
__argc
__argv
_environ
__getmainargs
exit

kernel32

VirtualAlloc

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 72B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ