Overview

overview

7

Static

static

3

setup_feti...8).exe

windows10-1703-x64

7

$PLUGINSDI...em.dll

windows10-1703-x64

3

$TEMP/tidy.bat

windows10-1703-x64

1

$_3_/setup...8).exe

windows10-1703-x64

7

Sharing

Copy URL Twitter E-mail

General

  • Target

    setup_fetish_locator_week_three_3.3.16-win_(71968).exe

  • Size

    974KB

  • MD5

    7b07412e2461c1e2d14283b055c37895

  • SHA1

    21abf31e6c46b46a3649c2528253dfd23a126813

  • SHA256

    2c9cb007c2ba29278b5d8b1de0419a9626cefdd86acf270a3495b580c8df2c78

  • SHA512

    95998be78c187eece0472f5454a538fe6ce885d739582718ee75a8e638455d2b982274d55af13798222a784191d3adb7b1064a9bb375e07f925114828cbd309a

  • SSDEEP

    24576:RPdnt1NCFwJe2e5Cm9BJeGZNhxhel4DLjye1Jk3/fFy6:bzgiJPeRrjh73jye1Jyfs6

Score
3/10

Malware Config

Signatures

  • Unsigned PE 2 IoCs

    Checks for missing Authenticode signature.

Files

  • setup_fetish_locator_week_three_3.3.16-win_(71968).exe
    .exe windows:4 windows x86 arch:x86

    9dda1a1d1f8a1d13ae0297b47046b26e


    Headers

    Imports

    Sections

  • $PLUGINSDIR/System.dll
    .dll windows:4 windows x86 arch:x86

    509a34b3a68a773e0afb4259e68f9f82


    Headers

    Imports

    Exports

    Sections

  • $TEMP/temp_cleanup.ico
  • $TEMP/tidy.bat
    .bat .vbs
  • $_3_/setup_fetish_locator_week_three_3.3.16-win_(71968).exe
    .exe windows:5 windows x86 arch:x86

    20dd26497880c05caed9305b3c8b9109


    Code Sign

    Headers

    Imports

    Sections