Setup_v1[.]41[.]7z

Resubmissions

25-08-2024 04:07

240825-epp2havaqh 5

25-08-2024 04:00

240825-ekzedawbpq 10

Sharing

Copy URL

Twitter E-mail

General

Target

Setup_v1.41.7z
Size

2.5MB
MD5

ed9b314430a527c013275d08ca755822
SHA1

1ccd1dd3432823de2f378962660634238bde436c
SHA256

74795b1a01f8647a57e5e51e0a392d69d8af686ec629c6a63c55a88842c2cffa
SHA512

373f92fd87e2760500f9462d845d7cea39bb0cc32dcad662cd330832d242e17c3a93e16a7c5f449d6d2dd6c5cb19bf29c28aee88ae223bd8d1777a671e2dad13
SSDEEP

49152:vOtwn65aHqqREDYJHgjUZcqhP1Z7uNMyx0xobEO/ujUsXtrq8zTVi:GtuCM2DwyG51ZiNMy6mbEGujUsX1zA

Score

3^/10

Malware Config

Signatures

Unsigned PE 4 IoCs

Checks for missing Authenticode signature.

resource
unpack002/Setup/D3dx9_41.dll
unpack002/Setup/Setup_v1.41.exe
unpack002/Setup/Shell64.dll
unpack002/Setup/tabs.dll

Files

Setup_v1.41.7z
.7z
Setup.7z
.7z
Setup/D3dx9_41.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\projects\mahapps-metro-iconpacks\src\MahApps.Metro.IconPacks\obj\Release\MahApps.Metro.IconPacks.Material\net47\MahApps.Metro.IconPacks.Material.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 4.7MB - Virtual size: 4.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Setup/README.txt
Setup/Setup_v1.41.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\905ewqul0nvsv4\obj\Release\doX.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 283KB - Virtual size: 282KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Setup/Shell64.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\projects\mahapps-metro-iconpacks\src\MahApps.Metro.IconPacks\obj\Release\MahApps.Metro.IconPacks.SimpleIcons\net47\MahApps.Metro.IconPacks.SimpleIcons.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 5.9MB - Virtual size: 5.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Setup/libs_github/lib/flummer.xml
.xml
Setup/libs_github/lib/garryaUnpaint.xml
.xml
Setup/libs_github/lib/jinnyPlonkoAxmaker.xml
.xml
Setup/libs_github/lib/lapel.xml
.xml
Setup/libs_github/lib/luvianMellows/bedsockBogiePlebby.xml
.xml
Setup/libs_github/lib/luvianMellows/ceriumPunkestAstride/botonyEsquire.xml
.xml
Setup/libs_github/lib/luvianMellows/ceriumPunkestAstride/cotwin.xml
.xml
Setup/libs_github/lib/luvianMellows/ceriumPunkestAstride/guckiAworry.xml
.xml
Setup/libs_github/lib/luvianMellows/ceriumPunkestAstride/trimersStylite.xml
.xml
Setup/libs_github/lib/luvianMellows/ictuateStrae.xml
.xml
Setup/libs_github/lib/luvianMellows/travFangy/daimenBruneGuff.xml
.xml
Setup/libs_github/lib/luvianMellows/travFangy/ovology.xml
.xml
Setup/libs_github/lib/luvianMellows/travFangy/upbyCutlers.xml
.xml
Setup/libs_github/lib/luvianMellows/travFangy/weaned.xml
.xml
Setup/libs_github/lib/manentHilsah/arbaciaCoticeHoax/frisonBrads.xml
.xml
Setup/libs_github/lib/manentHilsah/arbaciaCoticeHoax/ignore.xml
.xml
Setup/libs_github/lib/manentHilsah/arbaciaCoticeHoax/lithiAmuguisWup.xml
.xml
Setup/libs_github/lib/manentHilsah/arbaciaCoticeHoax/mogueySlewedRoke.xml
.xml
Setup/libs_github/lib/manentHilsah/arbaciaCoticeHoax/neogamyBeatlesTolite.xml
.xml
Setup/libs_github/lib/manentHilsah/gmelina/cheesesSmoochyMemnon.xml
.xml
Setup/libs_github/lib/manentHilsah/gmelina/outwell.xml
.xml
Setup/libs_github/lib/manentHilsah/gmelina/synodusBorons.xml
.xml
Setup/libs_github/lib/manentHilsah/gmelina/unflatMollahDtd.xml
.xml
Setup/libs_github/lib/manentHilsah/gmelina/waftureForwearSyssel.xml
.xml
Setup/libs_github/lib/manentHilsah/guarsRefract.xml
.xml
Setup/libs_github/lib/manentHilsah/manling.xml
.xml
Setup/libs_github/lib/manentHilsah/mudlarkYobboes.xml
.wsf .xml polyglot
Setup/libs_github/lib/manentHilsah/salicComakeInvader.xml
.xml
Setup/libs_github/lib/manentHilsah/slopingGashingBeacons/dejaYeggsGiver.xml
.xml
Setup/libs_github/lib/manentHilsah/slopingGashingBeacons/florounUpstood.xml
.xml
Setup/libs_github/lib/manentHilsah/slopingGashingBeacons/maltsBushyUnalarm.xml
.xml
Setup/libs_github/lib/manentHilsah/slopingGashingBeacons/myrrhsTraysMachzor.xml
.xml
Setup/libs_github/lib/manentHilsah/slopingGashingBeacons/oerstedAitchesMatzot.xml
.xml
Setup/libs_github/lib/manentHilsah/slopingGashingBeacons/steeverAmole.xml
.xml
Setup/libs_github/lib/manentHilsah/slopingGashingBeacons/tizwinJehovic.xml
.xml
Setup/libs_github/lib/manentHilsah/slopingGashingBeacons/zeugmas.xml
.xml
Setup/libs_github/lib/manentHilsah/talky/acericBotch.xml
.xml
Setup/libs_github/lib/manentHilsah/talky/swardPicturyGif.xml
.xml
Setup/libs_github/lib/manentHilsah/talky/thick.xml
.xml
Setup/libs_github/lib/manentHilsah/talky/vagnera.xml
.xml
Setup/libs_github/lib/manentHilsah/teredosLungersKyak/nimiousTermer.xml
.xml
Setup/libs_github/lib/manentHilsah/teredosLungersKyak/purgingGawkers.xml
.xml
Setup/libs_github/lib/manentHilsah/teredosLungersKyak/urns.xml
.xml
Setup/libs_github/lib/manentHilsah/topicalWeeper/jacales.xml
.xml
Setup/libs_github/lib/manentHilsah/topicalWeeper/kischenDosed.xml
.xml
Setup/libs_github/lib/manentHilsah/topicalWeeper/spreeuw.xml
.xml
Setup/libs_github/lib/manentHilsah/topicalWeeper/suptionRfs.xml
.xml
Setup/libs_github/lib/manentHilsah/topicalWeeper/trowaneLosings.xml
.xml
Setup/libs_github/lib/ostomyNatUmiak/blitzedTerbia/duckpinSailyeGiglio.xml
.xml
Setup/libs_github/lib/ostomyNatUmiak/blitzedTerbia/fitched.xml
.xml
Setup/libs_github/lib/ostomyNatUmiak/blitzedTerbia/nivalLutist.xml
.xml
Setup/libs_github/lib/ostomyNatUmiak/blitzedTerbia/numbers.xml
.xml
Setup/libs_github/lib/ostomyNatUmiak/blitzedTerbia/respeak.xml
.xml
Setup/libs_github/lib/ostomyNatUmiak/blitzedTerbia/rivoCoated.xml
.xml
Setup/libs_github/lib/ostomyNatUmiak/blitzedTerbia/trogonsLias.xml
.xml
Setup/libs_github/lib/ostomyNatUmiak/develedWagonsKellion.xml
.xml
Setup/libs_github/lib/ostomyNatUmiak/diurons.xml
.wsf .xml polyglot
Setup/libs_github/lib/ostomyNatUmiak/esker.xml
.xml
Setup/libs_github/lib/ostomyNatUmiak/measLarlikeCorf.xml
.xml
Setup/libs_github/lib/ostomyNatUmiak/sell.xml
.xml
Setup/libs_github/lib/ostomyNatUmiak/sourdAnaemic.xml
.xml
Setup/libs_github/lib/ostomyNatUmiak/tarrowHominem.xml
.xml
Setup/libs_github/lib/raking/aggers.xml
.xml
Setup/libs_github/lib/raking/buttle/mesonChamperOctoon.xml
.xml
Setup/libs_github/lib/raking/buttle/wursts.xml
.xml
Setup/libs_github/lib/raking/grin.xml
.xml
Setup/libs_github/lib/raking/kompeniEncaumaManus.xml
.xml
Setup/libs_github/lib/raking/nikenoCarone/bealFlashy.xml
.xml
Setup/libs_github/lib/raking/nikenoCarone/beluchi.xml
.xml
Setup/libs_github/lib/raking/nikenoCarone/meiny.xml
.xml
Setup/libs_github/lib/raking/nikenoCarone/sclereUrolOutvote.xml
.xml
Setup/libs_github/lib/raking/nikenoCarone/wysonHunchesGraver.xml
.xml
Setup/libs_github/lib/raking/oleatesBisayanUpbreed/athenaUhlansBispore.xml
.xml
Setup/libs_github/lib/raking/oleatesBisayanUpbreed/choirYaksCahows.xml
.wsf .xml polyglot
Setup/libs_github/lib/raking/oleatesBisayanUpbreed/goldcupPoitrelSmock.xml
.xml
Setup/libs_github/lib/raking/trankaDonnism/diolKarwar.xml
.xml
Setup/libs_github/lib/raking/trankaDonnism/dumpageImitantOctofid.xml
.xml
Setup/libs_github/lib/raking/trankaDonnism/gamont.xml
.wsf .xml polyglot
Setup/libs_github/lib/raking/untrim.xml
.xml
Setup/libs_github/lib/shuswapRuewort/arguer.xml
.xml
Setup/libs_github/lib/shuswapRuewort/auksinuBowyers.xml
.xml
Setup/libs_github/lib/shuswapRuewort/cappagh/layered.xml
.xml
Setup/libs_github/lib/shuswapRuewort/cappagh/moulageCharmMegbote.xml
.xml
Setup/libs_github/lib/shuswapRuewort/cappagh/yashmak.xml
.xml
Setup/libs_github/lib/shuswapRuewort/casaveSumiEelpout.xml
.xml
Setup/libs_github/lib/shuswapRuewort/cundumsMorendoTriace/sereAfzeliaHeck.xml
.xml
Setup/libs_github/lib/shuswapRuewort/cundumsMorendoTriace/snaryCambrelOctic.xml
.xml
Setup/libs_github/lib/shuswapRuewort/cundumsMorendoTriace/swainStarchy.xml
.xml
Setup/libs_github/lib/shuswapRuewort/cundumsMorendoTriace/topples.xml
.xml
Setup/libs_github/lib/shuswapRuewort/cundumsMorendoTriace/usarProctalSawman.xml
.xml
Setup/libs_github/lib/shuswapRuewort/eyessHermaeDrowsy.xml
.xml
Setup/libs_github/lib/shuswapRuewort/jankerMarrier.xml
.xml
Setup/libs_github/lib/shuswapRuewort/muladi/maconneBifara.xml
.xml
Setup/libs_github/lib/shuswapRuewort/muladi/mungy.xml
.xml
Setup/libs_github/lib/shuswapRuewort/muladi/pigpens.xml
.xml
Setup/libs_github/lib/shuswapRuewort/muladi/preampPine.xml
.xml
Setup/libs_github/lib/shuswapRuewort/muladi/tazeeaFonded.xml
.xml
Setup/libs_github/lib/shuswapRuewort/muladi/unstonyWafersAdeep.xml
.xml
Setup/libs_github/lib/shuswapRuewort/trochaSabaean/boonk.xml
.xml
Setup/libs_github/lib/shuswapRuewort/trochaSabaean/bucksaw.xml
.xml
Setup/libs_github/lib/shuswapRuewort/trochaSabaean/cosset.xml
.xml
Setup/libs_github/lib/shuswapRuewort/trochaSabaean/pinhookSuberPhaeism.xml
.xml
Setup/libs_github/lib/shuswapRuewort/turgor.xml
.xml
Setup/libs_github/lib/terriesAlfonsoSubplow/baffing.xml
.xml
Setup/libs_github/lib/terriesAlfonsoSubplow/candide.xml
.xml
Setup/libs_github/lib/terriesAlfonsoSubplow/depotsGids/graalBoottopTalent.xml
.xml
Setup/libs_github/lib/terriesAlfonsoSubplow/depotsGids/paucalUnfold.xml
.xml
Setup/libs_github/lib/terriesAlfonsoSubplow/depotsGids/pigtailAltar.xml
.xml
Setup/libs_github/lib/terriesAlfonsoSubplow/depotsGids/tuglikeReadopt.xml
.xml
Setup/libs_github/lib/terriesAlfonsoSubplow/divotBoldos.xml
.xml
Setup/libs_github/lib/trichy/andricChokedPostfix/postage.xml
.xml
Setup/libs_github/lib/trichy/andricChokedPostfix/spawlApnoeal.xml
.xml
Setup/libs_github/lib/trichy/andricChokedPostfix/waufieWhauve.xml
.xml
Setup/libs_github/lib/trichy/bejade/haslet.xml
.xml
Setup/libs_github/lib/trichy/bemuddy.xml
.xml
Setup/libs_github/lib/trichy/bifrostCattle/facty.xml
.xml
Setup/libs_github/lib/trichy/buffed/chidedOcurred.xml
.xml
Setup/libs_github/lib/trichy/buffed/decineSatoriiCoppy.xml
.xml
Setup/libs_github/lib/trichy/buffed/ecocide.xml
.xml
Setup/libs_github/lib/trichy/buffed/gheddaOptimal.xml
.xml
Setup/libs_github/lib/trichy/buffed/pickup.xml
.xml
Setup/libs_github/lib/trichy/buffed/pictaviSina.xml
.xml
Setup/libs_github/lib/trichy/gtdNingpoDebacle/abuCrofts.xml
.xml
Setup/libs_github/lib/trichy/gtdNingpoDebacle/goosyWinna.xml
.xml
Setup/libs_github/lib/trichy/gtdNingpoDebacle/howsMoldingAfacing.xml
.xml
Setup/libs_github/lib/trichy/gtdNingpoDebacle/prorsal.xml
.xml
Setup/libs_github/lib/trichy/gtdNingpoDebacle/publice.xml
.xml
Setup/libs_github/lib/trichy/handbagArrgt/flingyTuant.xml
.xml
Setup/libs_github/lib/trichy/inditer.xml
.xml
Setup/libs_github/lib/trichy/jestersBudmash/makutaTulasiDebtee.xml
.xml
Setup/libs_github/lib/trichy/jestersBudmash/medalet.xml
.xml
Setup/libs_github/lib/trichy/jestersBudmash/rochetAndarkoExecute.xml
.xml
Setup/libs_github/lib/trichy/jestersBudmash/vedanaSnoredScenic.xml
.xml
Setup/libs_github/lib/trichy/jestersBudmash/wyke.xml
.xml
Setup/libs_github/lib/trichy/oregoniTuboid/grebes.xml
.xml
Setup/libs_github/lib/trichy/oregoniTuboid/huashiGater.xml
.xml
Setup/libs_github/lib/trichy/oregoniTuboid/pyroticNeology.xml
.xml
Setup/libs_github/lib/trichy/oregoniTuboid/upaisleReffedKina.xml
.xml
Setup/libs_github/lib/trichy/stachysTigreanWilrone/eaningArboredResters.xml
.xml
Setup/libs_github/lib/trichy/stachysTigreanWilrone/lycopodCrambid.xml
.xml
Setup/libs_github/lib/trichy/stachysTigreanWilrone/telliesNanmu.xml
.xml
Setup/libs_github/lib/trichy/treasonAgadaBegeck.xml
.xml
Setup/libs_github/lib/trichy/yaupon.xml
.xml
Setup/libs_github/lib/tumbril.xml
.xml
Setup/tabs.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\projects\mahapps-metro-iconpacks\src\MahApps.Metro.IconPacks\obj\Release\MahApps.Metro.IconPacks.Material\net47\MahApps.Metro.IconPacks.Material.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 4.7MB - Virtual size: 4.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Resubmissions

Sharing

General

Malware Config

Signatures

Files

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mscoree

Sections

.text Size: 4.7MB - Virtual size: 4.7MB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 12B

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mscoree

Sections

.text Size: 283KB - Virtual size: 282KB

.rsrc Size: 2KB - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 12B

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mscoree

Sections

.text Size: 5.9MB - Virtual size: 5.9MB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 12B

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mscoree

Sections

.text Size: 4.7MB - Virtual size: 4.7MB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 12B

.text
Size: 4.7MB - Virtual size: 4.7MB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 283KB - Virtual size: 282KB

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 5.9MB - Virtual size: 5.9MB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 4.7MB - Virtual size: 4.7MB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 12B