install[.]exe | Triage

Sharing

Copy URL

Twitter E-mail

General

Target

install.exe
Size

53.3MB
MD5

d20956e42655be21eb06b6a0a3fc3d1c
SHA1

f51c51f29a94f3eef9b5b96273d74c9006695b90
SHA256

caadbbe8113ed92500220fa77f6817f39d1e29d5126dd4dbe95c38874668733d
SHA512

55265deb869ac2022eefda3200d33b6ae925aaf0c0076d97a78625c632ecd03dc36b1b85bacbc99c9a899876edb6b6556508fe5674777917e2652ac0dfc655be
SSDEEP

1572864:U9QvS4DSyyddU0R9DzVQJbXm2q0Emjhxf:7hRyFDDzVubPq0EAxf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
install.exe

Files

install.exe
.exe windows:4 windows x86 arch:x86

690514ad392c010a08adaf814f2dd5a2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFileAttributesA
CloseHandle
GetFileSize
CreateFileA
DeleteFileA
GetExitCodeProcess
WaitForSingleObject
GetCurrentDirectoryA
lstrcmpiA
GetEnvironmentVariableA
GetConsoleTitleA
GetNumberFormatA
GetProcAddress
LoadLibraryA
GetDiskFreeSpaceA
GetVersionExA
CreateProcessA
GetCommandLineA
FindClose
FindFirstFileA
GetLastError
GetModuleFileNameA
RemoveDirectoryA
CreateDirectoryA
SetCurrentDirectoryA
GetFullPathNameA
GetLocaleInfoA
SetFileAttributesA
FindNextFileA
LoadResource
FindResourceA
IsValidCodePage
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
GetDriveTypeA
FileTimeToLocalFileTime
FileTimeToSystemTime
SetEndOfFile
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
SetEnvironmentVariableA
CompareStringW
CompareStringA
GetStringTypeW
GetTempPathA
GetLongPathNameA
GetStringTypeA
GetSystemInfo
VirtualProtect
IsBadCodePtr
SetFileTime
DosDateTimeToFileTime
GetTimeZoneInformation
RtlUnwind
SetStdHandle
GetFileType
RaiseException
GetSystemTimeAsFileTime
WideCharToMultiByte
HeapFree
GetModuleHandleA
GetStartupInfoA
MoveFileA
ExitProcess
TerminateProcess
GetCurrentProcess
HeapAlloc
LCMapStringA
MultiByteToWideChar
LCMapStringW
SetHandleCount
GetStdHandle
SetUnhandledExceptionFilter
WriteFile
FlushFileBuffers
HeapReAlloc
HeapSize
SetFilePointer
ReadFile
GetACP
GetOEMCP
GetCPInfo
InterlockedExchange
VirtualQuery
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
IsBadReadPtr
GetLocaleInfoW

user32

GetWindowLongA
SetTimer
DrawTextA
EndDialog
KillTimer
LoadStringA
SetDlgItemTextA
GetDlgItem
DispatchMessageA
TranslateMessage
PeekMessageA
PostQuitMessage
DefWindowProcA
FindWindowA
ShowWindow
GetKeyState
LoadIconA
LoadCursorA
RegisterClassExA
DialogBoxParamA
SendMessageA

gdi32

GetStockObject

shell32

SHGetMalloc
SHBrowseForFolderA
SHGetPathFromIDListA

Sections

.text
Size: 176KB - Virtual size: 174KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 92KB - Virtual size: 89KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

690514ad392c010a08adaf814f2dd5a2

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shell32

Sections

.text Size: 176KB - Virtual size: 174KB

.rdata Size: 28KB - Virtual size: 27KB

.data Size: 8KB - Virtual size: 21KB

.rsrc Size: 92KB - Virtual size: 89KB

.text
Size: 176KB - Virtual size: 174KB

.rdata
Size: 28KB - Virtual size: 27KB

.data
Size: 8KB - Virtual size: 21KB

.rsrc
Size: 92KB - Virtual size: 89KB