Static task
static1
General
-
Target
SetupFile_842561.exe
-
Size
7.7MB
-
MD5
2c0e8ba289a30028db3330967f9ccfd9
-
SHA1
32e16dcb2beb343b85c2d1ab95aa4aeab5265e37
-
SHA256
9aee356c95b601e151c1510735f907db40a383835259a54aa4665bd8818fa291
-
SHA512
e06f18e79264093d6fb965b25eb961a4135b880c36d570d7b5e01299a225e91915adea431f3a63293c19a0e353e3d00b1ff143f24053961405e3281c9ab015d3
-
SSDEEP
196608:8288p8RT3OgtMwVajd4nXhE7OUGCZvb+CV4i8JRzY6SKH:8288+T3O6I2nXhE7OUGClb+CV4vD7
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource SetupFile_842561.exe
Files
-
SetupFile_842561.exe.exe windows:6 windows x86 arch:x86
3edeaff8abef40c004b6f29fa270bade
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetStartupInfoW
LCMapStringW
SetStdHandle
FindClose
VirtualAlloc
TlsFree
GetTickCount
SetEvent
MoveFileExW
EnterCriticalSection
CreateFileW
GetCurrentDirectoryA
GetProcessAffinityMask
FindFirstFileW
SetLastError
GetProcAddress
FindNextFileW
SetFileAttributesW
GetSystemDirectoryW
GetModuleHandleW
HeapReAlloc
FormatMessageW
SetCurrentDirectoryW
RemoveDirectoryA
FreeEnvironmentStringsW
GetFileSize
UnhandledExceptionFilter
LoadLibraryA
ReadFile
WideCharToMultiByte
WakeAllConditionVariable
FreeLibraryAndExitThread
GetTempPathW
WriteConsoleW
GetACP
ReleaseSemaphore
TryAcquireSRWLockExclusive
HeapAlloc
SetFilePointerEx
CreateThread
TlsSetValue
GetCurrentThreadId
LocalFree
WaitForSingleObject
GetSystemInfo
IsProcessorFeaturePresent
GetVersionExA
TlsGetValue
LeaveCriticalSection
FindNextFileA
GlobalMemoryStatus
CloseHandle
CreateDirectoryA
GetFileType
CreateFileA
VirtualFree
HeapSize
GetCurrentDirectoryW
GetCurrentProcess
RaiseException
FindFirstFileA
GetModuleFileNameW
IsDebuggerPresent
QueryPerformanceFrequency
GetEnvironmentStringsW
LoadLibraryExW
SetCurrentDirectoryA
DeleteCriticalSection
GetProcessHeap
GetModuleFileNameA
GetCPInfo
CreateSemaphoreA
GetCommandLineA
SetUnhandledExceptionFilter
FreeLibrary
GetConsoleMode
RemoveDirectoryW
RtlUnwind
GetFileAttributesA
AcquireSRWLockExclusive
GetFileInformationByHandle
DeleteFileW
FlushFileBuffers
GetTickCount64
FindFirstFileExA
SetFilePointer
GetLastError
QueryPerformanceCounter
GetModuleHandleA
EncodePointer
InitializeCriticalSection
GetCurrentProcessId
LoadLibraryW
SetFileAttributesA
AreFileApisANSI
DecodePointer
GetModuleHandleExW
SetFileTime
CreateEventA
CreateDirectoryW
CreateProcessA
SetEndOfFile
ExitProcess
ResetEvent
IsBadReadPtr
DeleteFileA
IsValidCodePage
GetTempPathA
ReleaseSRWLockExclusive
GetSystemTimeAsFileTime
TerminateProcess
InitializeCriticalSectionEx
GetFileAttributesW
HeapFree
GetTempFileNameW
FormatMessageA
Sleep
GetOEMCP
WriteFile
GetStdHandle
GetVersion
GetCommandLineW
TlsAlloc
GetConsoleCP
GetStringTypeW
MultiByteToWideChar
InitializeSListHead
ExitThread
InitializeCriticalSectionAndSpinCount
user32
DialogBoxParamA
CharUpperW
LoadStringA
LoadIconA
SetWindowTextA
CharUpperA
KillTimer
GetDlgItem
DialogBoxParamW
EndDialog
MessageBoxA
GetWindowLongA
SetTimer
ShowWindow
LoadStringW
SetWindowLongA
MessageBoxW
SendMessageA
PostMessageA
DestroyWindow
SetWindowTextW
shell32
ShellExecuteExA
oleaut32
VariantClear
SysAllocStringLen
SysStringLen
advapi32
CloseServiceHandle
Sections
.text Size: 1.2MB - Virtual size: 1.2MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 68KB - Virtual size: 67KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 570KB - Virtual size: 582KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 3KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 21KB - Virtual size: 20KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ