Static task
static1
General
Target: Install_02026.exe
Size: 67.3MB
MD5: 5c3603ca25da750247a7dcc86854ba6e
SHA1: d86d58c365976e089d8844aaa119ff0ef17318a7
SHA256: 8661b8ab915d5deb07926fbd7aac61d4ca8a3a5b43700e93084f81d8f4e9276e
SHA512: 60c3e90bbc651bab26fccbb3c03fb1658fd7f8ec9cdbcc8d4ae4f840cf9e6b570fcb2ff73dbab4c3ba26253f1245eb2da6494d2aae31a4deb6b33666620fcd3a
SSDEEP: 196608:LQFgLRKHqT3OgmAC6WtaqyF6tkcEERPUwxHB1cJ6TywN36X8psOaJDzI:LQFgvT3OoCcgtekPbxU2ywqJ51zI
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource Install_02026.exe
Files
Install_02026.exe.exe windows:6 windows x86 arch:x86
5988e6058399342b7bab73e1fe4adf61
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetFileAttributesA
RaiseException
GetCPInfo
SetUnhandledExceptionFilter
GetTempPathW
ExitProcess
GetTempPathA
FreeLibrary
Sleep
SetFilePointerEx
GetStringTypeW
ReadFile
HeapAlloc
HeapReAlloc
CreateThread
CreateEventA
SetLastError
RtlUnwind
GetModuleFileNameA
ReleaseSRWLockExclusive
GetCommandLineW
CreateDirectoryW
InitializeCriticalSectionEx
CreateFileA
GetFileSize
VirtualAlloc
GetProcAddress
TlsGetValue
GetStartupInfoW
VirtualFree
InitializeCriticalSectionAndSpinCount
CreateSemaphoreA
GetCurrentDirectoryW
FindNextFileW
AcquireSRWLockExclusive
LeaveCriticalSection
GetFileType
WaitForSingleObject
TlsSetValue
FindFirstFileExA
GetConsoleCP
InitializeSListHead
FindNextFileA
FormatMessageA
GetStdHandle
SetCurrentDirectoryA
GetVersionExA
MoveFileExW
DeleteFileW
FindFirstFileW
AreFileApisANSI
GetCurrentProcessId
CreateDirectoryA
FindFirstFileA
InitializeCriticalSection
IsProcessorFeaturePresent
GetConsoleMode
SetFilePointer
RemoveDirectoryA
FreeLibraryAndExitThread
GetLastError
CreateProcessA
MultiByteToWideChar
GetModuleHandleW
GetFileAttributesW
RemoveDirectoryW
TlsFree
HeapSize
GetOEMCP
HeapFree
IsValidCodePage
ReleaseSemaphore
GetCommandLineA
GetFileInformationByHandle
GetCurrentProcess
LocalFree
TerminateProcess
WriteConsoleW
CreateFileW
WideCharToMultiByte
GetModuleHandleExW
FormatMessageW
EnterCriticalSection
SetStdHandle
CloseHandle
GlobalMemoryStatus
GetCurrentThreadId
FindClose
GetTickCount64
DeleteFileA
GetTickCount
SetFileAttributesA
SetEvent
UnhandledExceptionFilter
SetFileAttributesW
SetCurrentDirectoryW
TlsAlloc
GetEnvironmentStringsW
LCMapStringW
GetModuleHandleA
EncodePointer
LoadLibraryExW
IsBadReadPtr
ExitThread
GetProcessAffinityMask
LoadLibraryA
QueryPerformanceCounter
GetModuleFileNameW
SetFileTime
GetSystemInfo
GetProcessHeap
GetTempFileNameW
TryAcquireSRWLockExclusive
IsDebuggerPresent
ResetEvent
GetSystemDirectoryW
WriteFile
GetVersion
QueryPerformanceFrequency
GetCurrentDirectoryA
GetACP
WakeAllConditionVariable
FlushFileBuffers
GetSystemTimeAsFileTime
DeleteCriticalSection
LoadLibraryW
FreeEnvironmentStringsW
DecodePointer
SetEndOfFile
user32
ShowWindow
LoadStringA
SetWindowTextA
LoadStringW
PostMessageA
SetWindowTextW
DialogBoxParamW
LoadIconA
CharUpperW
EndDialog
KillTimer
CharUpperA
MessageBoxA
SendMessageA
SetTimer
GetDlgItem
SetWindowLongA
GetWindowLongA
DialogBoxParamA
MessageBoxW
DestroyWindow
shell32
ShellExecuteExA
oleaut32
VariantClear
SysAllocStringLen
SysStringLen
advapi32
CloseServiceHandle
Sections
.text Size: 1.3MB - Virtual size: 1.3MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 71KB - Virtual size: 70KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 570KB - Virtual size: 586KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 3KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 22KB - Virtual size: 22KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ