setup[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

setup.exe
Size

704KB
MD5

bb932d9567867d60638792c6a08b75db
SHA1

1dc779447b11f10424a85b3100cb6c07ea9ced1f
SHA256

3c662f2bff5138075820eb3c92f9280024131605ebe696b23e0a7b872cc16a28
SHA512

1536929714eec01ea69367e5e87c97f3373f8c6a4f1c3cc6490382eeecab7cc1e002c730791246b1e0a7594697f01435044ca8091d930aaf83bd610b858346de
SSDEEP

3072:QZd+Js/A/rzmDIPPkG2eFw0q9e0OwLEjTBfC5stiQLefYk8:Qn/A/rzmDIPPaerq9eS0TBq5zQLE8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
setup.exe

Files

setup.exe
.exe windows:4 windows x86 arch:x86

165d42b42842143a35b9167f1c389341

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

timeGetTime
PlaySoundA

kernel32

GetWindowsDirectoryA
GetLongPathNameA
GetModuleFileNameA
GetVolumeInformationA
GetDriveTypeA
GetDiskFreeSpaceExA
MultiByteToWideChar
ReadFile
CopyFileA
Sleep
GetTempPathA
_lclose
_lwrite
_lread
_llseek
OpenFile
WritePrivateProfileStringA
GlobalFree
GetPrivateProfileStringA
lstrlenA
lstrcpyA
GlobalAlloc
GetShortPathNameA
lstrcatA
MoveFileExA
SetFileTime
GetFileTime
GetFileAttributesA
GetCurrentDirectoryA
FlushFileBuffers
WriteFile
SetEndOfFile
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
LCMapStringW
LCMapStringA
SetStdHandle
InitializeCriticalSection
LoadLibraryA
GetOEMCP
GetACP
GetCPInfo
GetSystemTimeAsFileTime
GetCurrentProcessId
FindFirstFileA
FindClose
SetFileAttributesA
DeleteFileA
CreateThread
CreateFileA
ExitThread
GetFileSize
CloseHandle
GetVersionExA
CreateDirectoryA
FreeEnvironmentStringsA
HeapReAlloc
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetLastError
SetEnvironmentVariableA
SetCurrentDirectoryA
RemoveDirectoryA
RaiseException
RtlUnwind
HeapFree
HeapAlloc
GetCommandLineA
GetProcessHeap
GetStartupInfoA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetProcAddress
GetModuleHandleA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
HeapSize
ExitProcess
EnterCriticalSection
LeaveCriticalSection
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
SetHandleCount
GetStdHandle
GetFileType
DeleteCriticalSection
SetFilePointer
GetEnvironmentStrings

user32

MoveWindow
PostQuitMessage
DefWindowProcA
SendMessageA
PeekMessageA
TranslateMessage
DispatchMessageA
FindWindowExA
PostMessageA
DialogBoxParamA
EnableWindow
LoadImageA
EndDialog
SystemParametersInfoA
GetWindowRect
ShowWindow
GetDlgItem
SetWindowTextA
wsprintfA
FindWindowA
LoadIconA
LoadCursorA
RegisterClassA
CreateWindowExA
MessageBoxA

gdi32

CreateFontA
SelectObject
SetTextColor
SetBkMode
DeleteObject
GetStockObject
SetBkColor

advapi32

RegCreateKeyExA
RegDeleteKeyA
RegQueryValueExA
RegSetValueExA
RegCloseKey
RegOpenKeyExA

shell32

SHGetSpecialFolderPathA
ShellExecuteA
SHBrowseForFolderA
SHGetMalloc
SHGetPathFromIDListA
SHGetSpecialFolderLocation

ole32

CoInitialize
CoCreateInstance
CoUninitialize

Sections

.text
Size: 108KB - Virtual size: 106KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 210KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 552KB - Virtual size: 551KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

165d42b42842143a35b9167f1c389341

Headers

File Characteristics

Imports

winmm

kernel32

user32

gdi32

advapi32

shell32

ole32

Sections

.text Size: 108KB - Virtual size: 106KB

.rdata Size: 32KB - Virtual size: 30KB

.data Size: 8KB - Virtual size: 210KB

.rsrc Size: 552KB - Virtual size: 551KB

.text
Size: 108KB - Virtual size: 106KB

.rdata
Size: 32KB - Virtual size: 30KB

.data
Size: 8KB - Virtual size: 210KB

.rsrc
Size: 552KB - Virtual size: 551KB