SWTOR_setup[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

SWTOR_setup.exe
Size

3.1MB
MD5

5f255b47ca9cc3b26f2aec8bd50534c0
SHA1

1821e65a3e8d8cf4effa055f67eabfc6b64a44b6
SHA256

ffe0c1aaea8dfcc8bda3adc3efa49e099d5e315d40f16e62462e808c2c76cb47
SHA512

ea8ce88708ef623358c9724ced0137ec875e741ae50d964b2bf7576e27acfacd868e144359db8cfd37850f21c03d857df0c3fff01a8a16d21303047c752e6818
SSDEEP

49152:6nRu7vATeCqgbE7zU5Hk8XpTgqQieYoTfLeNW1BS+NviAZ4jL8MN:eT1tZk8XdO7yEeiic438k

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
SWTOR_setup.exe

Files

SWTOR_setup.exe
.exe windows:6 windows x86 arch:x86

112007911b51fa48d37acc01b62cfd0b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\buildbox\Source\gitlab-runner\builds\DEZypWek\0\snxd\solid\host\Release\host.pdb

Imports

version

VerQueryValueA
GetFileVersionInfoExW
GetFileVersionInfoSizeExW

kernel32

ResetEvent
GetCurrentProcess
TerminateProcess
GetModuleHandleW
CompareStringW
GlobalAlloc
GlobalFree
GetLastError
DeleteFileW
SetEnvironmentVariableW
GetCommandLineW
QueryDosDeviceW
SetConsoleCtrlHandler
HeapFree
GetStdHandle
WriteFile
DeviceIoControl
InitializeProcThreadAttributeList
GetProcessId
GetEnvironmentVariableW
WaitForSingleObject
LocalAlloc
CreateFileW
GetSystemDirectoryW
GetModuleHandleA
OpenProcess
CreateToolhelp32Snapshot
MoveFileWithProgressW
UpdateProcThreadAttribute
Process32NextW
CreateFileA
Process32FirstW
CloseHandle
FreeConsole
LoadLibraryW
DeleteProcThreadAttributeList
HeapAlloc
GetWindowsDirectoryW
GetProcAddress
LocalFree
GetProcessHeap
GlobalMemoryStatusEx
CreateProcessW
SetThreadExecutionState
AllocConsole
SetConsoleTitleW
IsDebuggerPresent
GetExitCodeProcess
CreateDirectoryW
GetFileInformationByHandleEx
FindFirstFileW
FindNextFileW
GetDiskFreeSpaceW
RemoveDirectoryW
SetFileTime
GetModuleFileNameW
GetLocaleInfoEx
SetThreadPriority
SetEndOfFile
GetTempPathW
FindClose
GetFileAttributesW
GetCurrentThreadId
SetFileAttributesW
Sleep
GetFileAttributesExW
SetFileInformationByHandle
FileTimeToSystemTime
GetCurrentThread
GetNativeSystemInfo
RaiseException
GetCurrentDirectoryW
GetOverlappedResult
MoveFileExW
GetCurrentProcessId
SystemTimeToFileTime
FreeLibrary
CopyFileExW
VirtualQuery
GetQueuedCompletionStatus
PostQueuedCompletionStatus
CreateIoCompletionPort
ReadFile
SetFilePointerEx
MulDiv
GetTickCount64
IsProcessorFeaturePresent
CreateEventW
SetEvent
IsBadReadPtr
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
SetLastError
SetHandleInformation
CreateNamedPipeW
CreatePipe
PeekNamedPipe
DisconnectNamedPipe
WaitNamedPipeW
ConnectNamedPipe
FlushFileBuffers
ReleaseSemaphore
OpenSemaphoreW
CreateSemaphoreW
RtlCaptureContext
TerminateThread
CreateThread
VirtualQueryEx
SetUnhandledExceptionFilter
SetNamedPipeHandleState
WaitForMultipleObjects
TransactNamedPipe
GetSystemInfo
VirtualProtect
LoadLibraryExA
UnhandledExceptionFilter
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeSListHead
GetStartupInfoW
RtlUnwind
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
LoadLibraryExW
EncodePointer
GetConsoleMode
ReadConsoleW
GetConsoleOutputCP
ExitProcess
GetModuleHandleExW
SetStdHandle
GetFileType
ExitThread
FreeLibraryAndExitThread
MultiByteToWideChar
WideCharToMultiByte
GetTimeZoneInformation
LCMapStringW
FindFirstFileExW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetStringTypeW
WriteConsoleW
GetFileSizeEx
HeapSize
HeapReAlloc
DecodePointer
FlushInstructionCache

Sections

.text
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 290KB - Virtual size: 290KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 176KB - Virtual size: 175KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 78KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

112007911b51fa48d37acc01b62cfd0b

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

version

kernel32

Sections

.text Size: 1.4MB - Virtual size: 1.4MB

.rdata Size: 290KB - Virtual size: 290KB

.data Size: 17KB - Virtual size: 26KB

.rsrc Size: 176KB - Virtual size: 175KB

.reloc Size: 78KB - Virtual size: 78KB

.text
Size: 1.4MB - Virtual size: 1.4MB

.rdata
Size: 290KB - Virtual size: 290KB

.data
Size: 17KB - Virtual size: 26KB

.rsrc
Size: 176KB - Virtual size: 175KB

.reloc
Size: 78KB - Virtual size: 78KB