1714654664[.]9576216_setup[.]exe | Triage

Sharing

General

Target

1714654664.9576216_setup.exe
Size

3.5MB
MD5

9c773ca35120d278e934beaa281ee353
SHA1

b9d6b488006eb05f85d790b12144309ab2d4be67
SHA256

7ced2a74467a6c893720a90362b09991fea0eba0f682556fd15f08a9fd7a9ac9
SHA512

9a33b36ca3215dbd2e37ad343bb627173f3985bc44162552354b5eec5f725fac0b1db985a7df2fef7fcf046f2b3b2e5473c377344470395e4f1284f4e2c6bebf
SSDEEP

98304:42b6HbvKrNUkWvjPJ6taLV18tRN8dru7C3mXWVwnw:42OHbSrikO12aX8twdeC3Vo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs
Checks for missing Authenticode signature.

Processes:

resource

1714654664.9576216_setup.exe

Files

1714654664.9576216_setup.exe
.exe windows:6 windows x64 arch:x64

fd1076cf47b8d093e1c56ba8f7971e46

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetProcAddress

user32

CharNextA

advapi32

RegCloseKey

shell32

ShellExecuteA

ole32

CoInitializeEx

oleaut32

VariantClear

Sections

.MPRESS1
Size: 3.1MB - Virtual size: 5.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 241KB - Virtual size: 240KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE