Sеtup[.]exe | Triage

Sharing

General

Target

Sеtup.exe
Size

323.3MB
MD5

6df29be38e9a0db0d0ed49ea4b68457a
SHA1

1dcff1dc6e28216198bc4c50c3bb107d86abac67
SHA256

3a2c45ceb50e94157e6b05fa540e393a187f5151354e00356b494a4d37ca6401
SHA512

41049e15a80d957d45a561e65505caa8779cdbf4cf0ef21c06c669d9d71d3e0c80c20558de833f4aa1c8f03b0348a35b85ca07556da1192faf9ad8ea049e5f9b
SSDEEP

98304:ywIQH5/j2nzMZfcOU4y/7Z8fsV4fMRRiztuP3BHMOTF0:ywIsDZUTl/14sqs6MCOTF0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs
Checks for missing Authenticode signature.

Processes:

resource

Sеtup.exe

Files

Sеtup.exe
.exe windows:6 windows x86 arch:x86

77fb613f289235b54d224cc3b10c91dd

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrlenA
GetSystemTimeAsFileTime
HeapAlloc
HeapFree
ExitProcess
GetModuleHandleA
LoadLibraryA
GetProcAddress

Sections

.text
Size: - Virtual size: 109KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 7.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

[0]
Size: 317.8MB - Virtual size: 317.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.-4E
Size: - Virtual size: 2.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.-z@
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.>l9
Size: 5.6MB - Virtual size: 5.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 556B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ