Setup[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Setup.exe
Size

312KB
MD5

a6373f05101de2b8d00fc54c7d9af51e
SHA1

e99f4e7c57d089022f137b92f4e9f14b57844f61
SHA256

5445c20c6524891c9ae5d1f5d3b87b8249e332804d98166b664369fc344fdd71
SHA512

ca2c885db7936b272d6b9a9962e922cb0e09ab833d1c311844b554fa594c3b4a3649861fee7bd1d4d9b4f892621007ec24b0fb8200f38143441b1c61c11033cc
SSDEEP

6144:2/8zM/Csy8N6kd9CohZMT6Tssn8P6SBB+iMx9868/YyDCw4MvMaWe61:/zM/s8QkdcoE6TbpxQYyWwBvMg4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Setup.exe

Files

Setup.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 310KB - Virtual size: 309KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ