setup[.]exe | Triage

Resubmissions

11/06/2024, 09:48

240611-lsyw5ssejd 8

11/06/2024, 09:29

240611-lfzmxasfjr 8

Sharing

Copy URL Twitter E-mail

General

Target

setup.exe
Size

6.6MB
MD5

73497052b22ce0b84cef751efaa8708f
SHA1

199281e160c16401689bcc6b6251e64773983a9d
SHA256

753da91bceed5fdb323aa7783e55c1e33cea15ac48cacbfd58c3dd5afcdf2331
SHA512

e6bc84aacb378e33e6d0230719af891d5a8175ecf133e9f4894e40eb01e0b4631d550370f7b12b7d399242dee40876bf1cc0df1b73a37f669b80e2fc441af644
SSDEEP

98304:wfTtOCZ0+khtwda8KJps78C236dvFiSyORRYn1llZFP826nqAzFaJ+6RiQ:8yAaJJiT22FR1whFP4FaJ+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
setup.exe

Files

setup.exe
.exe windows:6 windows x86 arch:x86

583d955896cb8b92bada78fb469a5fe9

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetFilePointerEx
GetConsoleMode
GetConsoleCP
FlushFileBuffers
GetStringTypeW
LCMapStringW
UnregisterWaitEx
QueryDepthSList
InterlockedPushEntrySList
InterlockedPopEntrySList
InitializeSListHead
ReleaseSemaphore
VirtualProtect
VirtualFree
VirtualAlloc
GetModuleHandleA
FreeLibraryAndExitThread
FreeLibrary
GetThreadTimes
OutputDebugStringW
FreeEnvironmentStringsW
LoadLibraryW
SetStdHandle
WriteConsoleW
Sleep
SwitchToThread
GetUserDefaultUILanguage
IsDebuggerPresent
GetThreadPriority
EnumResourceTypesW
SetThreadLocale
GetTempPathW
GetExitCodeProcess
HeapDestroy
GetPrivateProfileStringW
VerSetConditionMask
GetSystemDefaultUILanguage
GetDriveTypeW
RtlCaptureContext
EncodePointer
SetFilePointer
FileTimeToSystemTime
VerifyVersionInfoW
lstrcpynW
HeapCreate
GetVersionExW
FormatMessageW
ReadProcessMemory
VirtualQueryEx
InterlockedFlushSList
FindFirstFileW
GetEnvironmentStringsW
GetCurrentProcessId
QueryPerformanceCounter
WriteFile
GetModuleFileNameW
GetFileType
GetStdHandle
GetCPInfo
CloseHandle
DuplicateHandle
WaitForSingleObject
GetCurrentProcess
GetCurrentThread
GetCurrentThreadId
GetExitCodeThread
GetSystemTimeAsFileTime
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
DecodePointer
GetLastError
HeapReAlloc
GetCommandLineW
RaiseException
RtlUnwind
IsProcessorFeaturePresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
SetLastError
InitializeCriticalSectionAndSpinCount
CreateEventW
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetStartupInfoW
GetTickCount
GetModuleHandleW
GetProcAddress
CreateSemaphoreW
CreateThread
ExitThread
LoadLibraryExW
HeapFree
CreateTimerQueue
SetEvent
WaitForSingleObjectEx
SignalObjectAndWait
SetThreadPriority
GetLogicalProcessorInformation
CreateTimerQueueTimer
ChangeTimerQueueTimer
DeleteTimerQueueTimer
GetNumaHighestNodeNumber
GetProcessAffinityMask
SetThreadAffinityMask
RegisterWaitForSingleObject
UnregisterWait
ExitProcess
GetModuleHandleExW
MultiByteToWideChar
WideCharToMultiByte
HeapSize
HeapAlloc
GetProcessHeap
IsValidCodePage
GetACP
GetOEMCP
CreateFileW

user32

GetMessageW
ShowWindow
CreateWindowExW
UpdateWindow
GetDlgItemInt
MapDialogRect
DeleteMenu
GetScrollInfo
SetScrollPos
PeekMessageA
CharUpperW
SetWindowsHookExA
HideCaret
SetMenu
CreatePopupMenu
SendMessageW
LoadCursorA
SetTimer
CharNextW
IsZoomed
GetMenuStringW
SetFocus
ModifyMenuW
GetDC
GetKeyboardLayout
GetWindowLongA
GetWindowTextW
SetClassLongA
ScrollWindow
SetWindowLongW
EndDialog
DefWindowProcA
GetDesktopWindow
GetCaretBlinkTime
CheckDlgButton

gdi32

BitBlt
PatBlt
LineTo
CreateFontIndirectW
GetDIBits
ExcludeClipRect
CreateBrushIndirect
GetObjectType
GetCurrentPositionEx
GetPixel
EndDoc
GetStockObject
DeleteDC
SetPixel
CreatePalette
CreatePenIndirect
RealizePalette
CreateDIBitmap
RestoreDC
ExtCreatePen

comdlg32

GetOpenFileNameW

advapi32

GetLengthSid
RegSetValueExW
AllocateAndInitializeSid
RegConnectRegistryW
InitializeSecurityDescriptor
RegQueryInfoKeyW
ControlService

shell32

ShellExecuteExW
Shell_NotifyIconW

oleaut32

SysFreeString
VariantInit
SysReAllocStringLen
VariantChangeType

Sections

.text
Size: 654KB - Virtual size: 653KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 6.0MB - Virtual size: 6.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Resubmissions

Sharing

General

Malware Config

Signatures

Files

583d955896cb8b92bada78fb469a5fe9

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

oleaut32

Sections

.text Size: 654KB - Virtual size: 653KB

.data Size: 6.0MB - Virtual size: 6.0MB

.idata Size: 5KB - Virtual size: 5KB

.reloc Size: 15KB - Virtual size: 14KB

.text
Size: 654KB - Virtual size: 653KB

.data
Size: 6.0MB - Virtual size: 6.0MB

.idata
Size: 5KB - Virtual size: 5KB

.reloc
Size: 15KB - Virtual size: 14KB