Overview

overview

5

Static

static

3

PSSetupCli...er.exe

windows7-x64

4

PSSetupCli...er.exe

windows10-2004-x64

4

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDI...ec.dll

windows7-x64

3

$PLUGINSDI...ec.dll

windows10-2004-x64

3

PulseCompM...er.exe

windows7-x64

4

PulseCompM...er.exe

windows10-2004-x64

4

PulseCompMgr.exe

windows7-x64

1

PulseCompMgr.exe

windows10-2004-x64

1

uninstall.exe

windows7-x64

5

uninstall.exe

windows10-2004-x64

5

PulseSetupClient.exe

windows7-x64

1

PulseSetupClient.exe

windows10-2004-x64

1

PulseSetup...64.dll

windows7-x64

1

PulseSetup...64.dll

windows10-2004-x64

1

PulseSetupDLL.dll

windows7-x64

1

PulseSetupDLL.dll

windows10-2004-x64

3

PulseSetupXP.exe

windows7-x64

4

PulseSetupXP.exe

windows10-2004-x64

4

dsmmf.exe

windows7-x64

1

dsmmf.exe

windows10-2004-x64

1

dsmmfres_de.dll

windows7-x64

1

dsmmfres_de.dll

windows10-2004-x64

1

dsmmfres_es.dll

windows7-x64

1

dsmmfres_es.dll

windows10-2004-x64

1

dsmmfres_fr.dll

windows7-x64

1

dsmmfres_fr.dll

windows10-2004-x64

1

dsmmfres_ja.dll

windows7-x64

1

dsmmfres_ja.dll

windows10-2004-x64

1

dsmmfres_ko.dll

windows7-x64

1

dsmmfres_ko.dll

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

General

  • Target

    PSSetupClientInstaller.exe

  • Size

    2.1MB

  • MD5

    e0014ae1332b7088dc55594c9ec7b46b

  • SHA1

    673e1076a420f189845cea023e6daf29490c357b

  • SHA256

    35ff83f6c044dfd621c0a0c95626d934b099e729bdd27f100f82f909fdef9a26

  • SHA512

    3cfe3e87751635c9bafe884a537180bfe5058a3a90aab50b9055eb2af00a63e989538c195d966e666d8035cd5fa8088b92ea783a45c397579313900323b820f0

  • SSDEEP

    49152:q/bHUvqC+nDukszyw//57U5V//8tMvyG+7l4:ebozyw//57U5VXYwyG+7l

Score
3/10

Malware Config

Signatures

  • Unsigned PE 3 IoCs

    Checks for missing Authenticode signature.

  • NSIS installer 8 IoCs
    installer

Files

  • PSSetupClientInstaller.exe
    .exe windows:4 windows x86 arch:x86

    e037327a20e5c7520a608e1a32477275


    Code Sign

    Headers

    Imports

    Sections

  • $PLUGINSDIR/System.dll
    .dll windows:4 windows x86 arch:x86

    8c8a576201f68de1a3f26fc723b9f30f


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/nsExec.dll
    .dll windows:4 windows x86 arch:x86

    46f8b6973f33717335c0f6d8087de67b


    Headers

    Imports

    Exports

    Sections

  • PulseCompMgrInstaller.exe
    .exe windows:4 windows x86 arch:x86

    e037327a20e5c7520a608e1a32477275


    Code Sign

    Headers

    Imports

    Sections

  • PulseCompMgr.exe
    .exe windows:6 windows x86 arch:x86

    0c04b48ab439e0b9a4dbcb08f9c27485


    Code Sign

    Headers

    Imports

    Sections

  • uninstall.exe
    .exe windows:4 windows x86 arch:x86

    e037327a20e5c7520a608e1a32477275


    Code Sign

    Headers

    Imports

    Sections

  • PulseSetupClient.exe
    .exe windows:6 windows x86 arch:x86

    6ac2f122a55040eede272d3517a699f5


    Code Sign

    Headers

    Imports

    Sections

  • PulseSetupClientDLL64.dll
    .dll windows:6 windows x64 arch:x64

    0566526b2cab9235aa1ad5d068b66ad1


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • PulseSetupDLL.dll
    .dll windows:6 windows x86 arch:x86

    699458d5de958d2723760120d23f2864


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • PulseSetupXP.exe
    .exe windows:4 windows x86 arch:x86

    af516d6965d6ee9963f812f05ff8a183


    Code Sign

    Headers

    Imports

    Sections

  • dsmmf.exe
    .exe windows:6 windows x86 arch:x86

    1be1648de818a52763e53d9749f58a4a


    Code Sign

    Headers

    Imports

    Sections

  • dsmmfres_de.dll
    .dll windows:6 windows x86 arch:x86


    Code Sign

    Headers

    Sections

  • dsmmfres_es.dll
    .dll windows:6 windows x86 arch:x86


    Code Sign

    Headers

    Sections

  • dsmmfres_fr.dll
    .dll windows:6 windows x86 arch:x86


    Code Sign

    Headers

    Sections

  • dsmmfres_ja.dll
    .dll windows:6 windows x86 arch:x86


    Code Sign

    Headers

    Sections

  • dsmmfres_ko.dll
    .dll windows:6 windows x86 arch:x86


    Code Sign

    Headers

    Sections

  • dsmmfres_zh.dll
    .dll windows:6 windows x86 arch:x86


    Code Sign

    Headers

    Sections

  • dsmmfres_zh_cn.dll
    .dll windows:6 windows x86 arch:x86


    Code Sign

    Headers

    Sections

  • setupResource_de.dll
    .dll windows:6 windows x86 arch:x86


    Code Sign

    Headers

    Sections

  • setupResource_en.dll
    .dll windows:6 windows x86 arch:x86


    Code Sign

    Headers

    Sections

  • setupResource_es.dll
    .dll windows:6 windows x86 arch:x86


    Code Sign

    Headers

    Sections

  • setupResource_fr.dll
    .dll windows:6 windows x86 arch:x86


    Code Sign

    Headers

    Sections

  • setupResource_ja.dll
    .dll windows:6 windows x86 arch:x86


    Code Sign

    Headers

    Sections

  • setupResource_ko.dll
    .dll windows:6 windows x86 arch:x86


    Code Sign

    Headers

    Sections

  • setupResource_zh.dll
    .dll windows:6 windows x86 arch:x86


    Code Sign

    Headers

    Sections

  • setupResource_zh_cn.dll
    .dll windows:6 windows x86 arch:x86


    Code Sign

    Headers

    Sections

  • uninstall.exe
    .exe windows:4 windows x86 arch:x86

    e037327a20e5c7520a608e1a32477275


    Code Sign

    Headers

    Imports

    Sections

  • $PLUGINSDIR/System.dll
    .dll windows:4 windows x86 arch:x86

    8c8a576201f68de1a3f26fc723b9f30f


    Headers

    Imports

    Exports

    Sections