UC232A_Windows_Setup_V1[.]0[.]082[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

UC232A_Windows_Setup_V1.0.082.exe
Size

3.9MB
MD5

42cbe3895aa408b26397b89f585a175e
SHA1

a693ff1d83e33abf8775c1378d77a95eb0807d7c
SHA256

f3877300d14e34248db1986ebe316d1c18c0fd1c4a1a245ab0f7fceeb48cf16a
SHA512

346792e2dcf320e753a726680316c1338a96c5699a0788f96e1a83d85e11d309cef7c71037144748bbe11e8618ad911e5a5082f0935a36e3a2e5821bf1dc69ae
SSDEEP

98304:0JApDKVXLqadq+LjBVXBClRh8jz4jIq2/Zhoz4S/Hd13ravvN:0WKlBdfpjCj1jIRebGvN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Device/HarddiskVolume4/Vandana Old/Vandana/New folder (4)/Product_Documents/Ecomedics/Produktion_Spiroware3.2.1/Support_Tools/Driver/uc232a_windows_setup_v1.0.082/UC232A_Windows_Setup_V1.0.082.exe

Files

UC232A_Windows_Setup_V1.0.082.exe
.zip

Password: India@2023@@
Device/HarddiskVolume4/Vandana Old/Vandana/New folder (4)/Product_Documents/Ecomedics/Produktion_Spiroware3.2.1/Support_Tools/Driver/uc232a_windows_setup_v1.0.082/UC232A_Windows_Setup_V1.0.082.exe
.exe windows:5 windows x86 arch:x86

Password: India@2023@@

09d0478591d4f788cb3e5ea416c25237

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

Sections

.text
Size: 3.9MB - Virtual size: 55.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
manifest.json