Win[.]Installer[.]x32-x64[.]bit[.]exe | Triage

Sharing

General

Target

Win.Installer.x32-x64.bit.exe
Size

118.5MB
MD5

2c9183c740c7569a095ec4152112558a
SHA1

850e2c43d838331ccf521cc48cd64d5da80ed6c7
SHA256

611c27e0730ee39045837dc97a8c6762e19ddde28f829fb315666ab062814ddd
SHA512

10e5904130cf22713f180107b0d3cc813db3cbfd2cce525ee61fcaf84bca114c21e8e5873890e5350e2a47a2f70085c29fd41544a5f14fcfd5d91a9947e7ba30
SSDEEP

12288:vrZSt3KUdrYDlY5w/XKB+2sWaWdT/ahUxo0+Kmo0lMl1sR4PkiLU8SEn06s:jAWnK8I/aAVmthB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Win.Installer.x32-x64.bit.exe

Files

Win.Installer.x32-x64.bit.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ