Install[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Install.exe
Size

6.8MB
MD5

234a64b2b32503ad9a53cb00678dc07d
SHA1

9555498d809d6fd16b47bca83f02663deba09bc8
SHA256

267f3f7e12b85c510b0fde7e8d451b73f9c7c0fcbab156195673c672125c1b7d
SHA512

5417c594448d9eaadc30f98ed7c22da1f5a3c33ecb46ce120a5764ebeac88c8ee49ee49005acc91f8342d3abf55cf095a52e7c6d4aa4e2a01a0c3dd197090acd
SSDEEP

98304:odhidzqlHgOh3kQhlUeExAyvo+jQPNIyWZg/Br+P2nf3nazzRZRXYAmedCxdCzoI:giDwfiMFITK/BK2f3A1ZNYedYEoyF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Install.exe

Files

Install.exe
.exe windows:6 windows x86 arch:x86

a61c01cdf83182ec15e6e7fa93bcef5a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualProtect
VirtualFree
VirtualAlloc
GetModuleHandleA
FreeLibraryAndExitThread
FreeLibrary
GetThreadTimes
OutputDebugStringW
SetFilePointerEx
ReadFile
GetConsoleMode
GetConsoleCP
FlushFileBuffers
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCurrentProcessId
QueryPerformanceCounter
WriteFile
GetModuleFileNameW
GetFileType
GetStdHandle
GetOEMCP
GetACP
IsValidCodePage
GetProcessHeap
HeapSize
GetModuleHandleExW
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
UnregisterWait
RegisterWaitForSingleObject
SetThreadAffinityMask
GetProcessAffinityMask
GetNumaHighestNodeNumber
DeleteTimerQueueTimer
ChangeTimerQueueTimer
CreateTimerQueueTimer
GetLogicalProcessorInformation
GetThreadPriority
WaitForSingleObjectEx
SetEvent
CreateTimerQueue
HeapAlloc
LoadLibraryExW
ExitThread
CreateThread
CreateSemaphoreW
ReleaseSemaphore
InitializeSListHead
InterlockedPopEntrySList
InterlockedPushEntrySList
InterlockedFlushSList
QueryDepthSList
UnregisterWaitEx
SetStdHandle
WriteConsoleW
ReadConsoleW
LoadLibraryW
CreateFileW
DeleteFileW
GetVersion
EnumResourceTypesW
GetSystemInfo
RemoveDirectoryW
LockResource
GetThreadLocale
SetThreadLocale
SetThreadPriority
FormatMessageW
ReadProcessMemory
Sleep
VirtualQueryEx
SignalObjectAndWait
CreateDirectoryW
LoadResource
FindFirstFileW
FindResourceW
GetSystemDefaultUILanguage
GetFileSize
GetLastError
SwitchToThread
lstrcpyW
ResumeThread
SuspendThread
GetWindowsDirectoryW
IsDebuggerPresent
QueryDosDeviceW
GetDiskFreeSpaceW
GetCPInfoExW
GetPrivateProfileIntW
GetFileAttributesW
GetExitCodeProcess
GetVersionExW
GetUserDefaultLangID
SystemTimeToFileTime
SetErrorMode
ExitProcess
GetProcAddress
GetModuleHandleW
GetTickCount
GetStartupInfoW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
TerminateProcess
CreateEventW
WideCharToMultiByte
CloseHandle
DuplicateHandle
WaitForSingleObject
GetCurrentProcess
GetCurrentThread
GetCurrentThreadId
GetExitCodeThread
GetSystemTimeAsFileTime
EncodePointer
DecodePointer
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
MultiByteToWideChar
GetStringTypeW
HeapReAlloc
HeapFree
GetCommandLineW
RaiseException
RtlUnwind
GetCPInfo
IsProcessorFeaturePresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
SetLastError
InitializeCriticalSectionAndSpinCount

user32

ShowOwnedPopups
GetMessageA
GetWindowRect
CharUpperBuffW
GetMessageW
SetCapture
PostMessageW
MsgWaitForMultipleObjects
GetSubMenu
MessageBeep
ShowCaret
SetScrollRange
GetQueueStatus
GetCapture
MessageBoxA
LoadMenuW
SetScrollPos
SetWindowLongW
RedrawWindow
DestroyCaret
GetSysColor
EnumChildWindows
ShowWindow
IsDlgButtonChecked
GetMenuItemCount
FlashWindow
CreateWindowExW
GetDlgItemTextW
SendMessageW
UpdateWindow
GetKeyboardState
DialogBoxParamA
SetWindowTextW
SetDlgItemTextA
CheckMenuItem
RegisterClassA
ToAsciiEx
SetCursor
GetDlgItemInt
SetWindowRgn
SetTimer
HideCaret
SendDlgItemMessageA
TrackPopupMenu
SetKeyboardState
DeleteMenu
AttachThreadInput
DrawTextExW
GetDoubleClickTime
WaitMessage
GetDC
ShowCursor
GetMenu
OffsetRect
GetWindowLongA
PeekMessageA
SetClassLongA
CharUpperW
DefWindowProcA
GetDesktopWindow
CheckDlgButton
SetMenu
GetSysColorBrush
IsWindow
GetKeyboardType
CheckRadioButton
InsertMenuW
GetSystemMetrics
SetCaretPos
GetDlgCtrlID
SetScrollInfo
ValidateRect
EnableWindow

gdi32

GetBitmapBits
ExtCreatePen
MoveToEx
LineTo
SetTextColor
DeleteDC
CreateHalftonePalette
SelectClipRgn
PolyPolyline
CreateRectRgnIndirect
SetMapMode
CreateCompatibleBitmap
Rectangle
SaveDC
GetCurrentPositionEx
SetPaletteEntries
GetTextExtentPointA
GetCharABCWidthsFloatA
GetSystemPaletteEntries
CreateDIBitmap
CreateSolidBrush
BitBlt
TranslateCharsetInfo
GetWindowOrgEx
GetTextExtentPoint32W
CreateFontIndirectA
GetDIBits
CreatePalette
CreateBitmap
CreatePenIndirect
RealizePalette
CreateRectRgn
Polyline
RectVisible
RoundRect
EndDoc
GetStockObject
ExtTextOutA
SetPixel

comdlg32

FindTextW
GetSaveFileNameW

advapi32

GetLengthSid
RegConnectRegistryW
QueryServiceStatus
StartServiceW
RegGetKeySecurity
EqualSid
RegLoadKeyW
RegEnumKeyExW
RegQueryInfoKeyW

shell32

CommandLineToArgvW
ShellExecuteExW
ExtractIconExW

oleaut32

SysFreeString
VariantChangeType
VariantClear
SafeArrayGetUBound
SysAllocStringLen

Sections

.text
Size: 804KB - Virtual size: 803KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 6.0MB - Virtual size: 6.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ohGjY
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a61c01cdf83182ec15e6e7fa93bcef5a

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

oleaut32

Sections

.text Size: 804KB - Virtual size: 803KB

.data Size: 6.0MB - Virtual size: 6.0MB

.idata Size: 7KB - Virtual size: 7KB

.ohGjY Size: 2KB - Virtual size: 2KB

.reloc Size: 17KB - Virtual size: 16KB

.text
Size: 804KB - Virtual size: 803KB

.data
Size: 6.0MB - Virtual size: 6.0MB

.idata
Size: 7KB - Virtual size: 7KB

.ohGjY
Size: 2KB - Virtual size: 2KB

.reloc
Size: 17KB - Virtual size: 16KB