Setup_v1[.]60[.]7z

Sharing

Copy URL Twitter E-mail

General

Target

Setup_v1.60.7z
Size

2.6MB
MD5

34540676a114d0701d0bbd7414e3fd27
SHA1

bd0a8b027bdd5ebf284f4e4c11815d312188b18b
SHA256

15b192b48a4323d7999d5b51be61ed6bf906fa6a983cb8e79a48f210089dc847
SHA512

7613b9a32dfc4ecf45aaec9d803a185c319571e6316320584f8564f382c27dca41f0f80b05e3b8087e350701442174af03b81e4fe03e1f3ea0cdfa5b61e1230d
SSDEEP

49152:JOtwn65aHqqgdA5OxK0sS55GWMPw0/PuZW0uFUmzRv2Sd5TmIaBQjm2kM7:otuCMKSyK9MJi/PKAUmz7d5TLaSm2D

Score

3^/10

Malware Config

Signatures

Unsigned PE 4 IoCs

Checks for missing Authenticode signature.

resource
unpack002/Setup/D3dx9_41.dll
unpack002/Setup/Setup_v1.60.exe
unpack002/Setup/Shell64.dll
unpack002/Setup/tabs.dll

Files

Setup_v1.60.7z
.7z
Setup.7z
.7z
Setup/D3dx9_41.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\projects\mahapps-metro-iconpacks\src\MahApps.Metro.IconPacks\obj\Release\MahApps.Metro.IconPacks.Material\net47\MahApps.Metro.IconPacks.Material.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 4.7MB - Virtual size: 4.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Setup/README.txt
Setup/Setup_v1.60.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\rje\tg\88h\obj\Release\ojc.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 364KB - Virtual size: 363KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Setup/Shell64.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\projects\mahapps-metro-iconpacks\src\MahApps.Metro.IconPacks\obj\Release\MahApps.Metro.IconPacks.SimpleIcons\net47\MahApps.Metro.IconPacks.SimpleIcons.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 5.9MB - Virtual size: 5.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Setup/libs_github/lib/flummer.xml
.xml
Setup/libs_github/lib/garryaUnpaint.xml
.xml
Setup/libs_github/lib/jinnyPlonkoAxmaker.xml
.xml
Setup/libs_github/lib/lapel.xml
.xml
Setup/libs_github/lib/luvianMellows/bedsockBogiePlebby.xml
.xml
Setup/libs_github/lib/luvianMellows/ceriumPunkestAstride/botonyEsquire.xml
.xml
Setup/libs_github/lib/luvianMellows/ceriumPunkestAstride/cotwin.xml
.xml
Setup/libs_github/lib/luvianMellows/ceriumPunkestAstride/guckiAworry.xml
.xml
Setup/libs_github/lib/luvianMellows/ceriumPunkestAstride/trimersStylite.xml
.xml
Setup/libs_github/lib/luvianMellows/ictuateStrae.xml
.xml
Setup/libs_github/lib/luvianMellows/travFangy/daimenBruneGuff.xml
.xml
Setup/libs_github/lib/luvianMellows/travFangy/ovology.xml
.xml
Setup/libs_github/lib/luvianMellows/travFangy/upbyCutlers.xml
.xml
Setup/libs_github/lib/luvianMellows/travFangy/weaned.xml
.xml
Setup/libs_github/lib/manentHilsah/arbaciaCoticeHoax/frisonBrads.xml
.xml
Setup/libs_github/lib/manentHilsah/arbaciaCoticeHoax/ignore.xml
.xml
Setup/libs_github/lib/manentHilsah/arbaciaCoticeHoax/lithiAmuguisWup.xml
.xml
Setup/libs_github/lib/manentHilsah/arbaciaCoticeHoax/mogueySlewedRoke.xml
.xml
Setup/libs_github/lib/manentHilsah/arbaciaCoticeHoax/neogamyBeatlesTolite.xml
.xml
Setup/libs_github/lib/manentHilsah/gmelina/cheesesSmoochyMemnon.xml
.xml
Setup/libs_github/lib/manentHilsah/gmelina/outwell.xml
.xml
Setup/libs_github/lib/manentHilsah/gmelina/synodusBorons.xml
.xml
Setup/libs_github/lib/manentHilsah/gmelina/unflatMollahDtd.xml
.xml
Setup/libs_github/lib/manentHilsah/gmelina/waftureForwearSyssel.xml
.xml
Setup/libs_github/lib/manentHilsah/guarsRefract.xml
.xml
Setup/libs_github/lib/manentHilsah/manling.xml
.xml
Setup/libs_github/lib/manentHilsah/mudlarkYobboes.xml
.wsf .xml polyglot
Setup/libs_github/lib/manentHilsah/salicComakeInvader.xml
.xml
Setup/libs_github/lib/manentHilsah/slopingGashingBeacons/dejaYeggsGiver.xml
.xml
Setup/libs_github/lib/manentHilsah/slopingGashingBeacons/florounUpstood.xml
.xml
Setup/libs_github/lib/manentHilsah/slopingGashingBeacons/maltsBushyUnalarm.xml
.xml
Setup/libs_github/lib/manentHilsah/slopingGashingBeacons/myrrhsTraysMachzor.xml
.xml
Setup/libs_github/lib/manentHilsah/slopingGashingBeacons/oerstedAitchesMatzot.xml
.xml
Setup/libs_github/lib/manentHilsah/slopingGashingBeacons/steeverAmole.xml
.xml
Setup/libs_github/lib/manentHilsah/slopingGashingBeacons/tizwinJehovic.xml
.xml
Setup/libs_github/lib/manentHilsah/slopingGashingBeacons/zeugmas.xml
.xml
Setup/libs_github/lib/manentHilsah/talky/acericBotch.xml
.xml
Setup/libs_github/lib/manentHilsah/talky/swardPicturyGif.xml
.xml
Setup/libs_github/lib/manentHilsah/talky/thick.xml
.xml
Setup/libs_github/lib/manentHilsah/talky/vagnera.xml
.xml
Setup/libs_github/lib/manentHilsah/teredosLungersKyak/nimiousTermer.xml
.xml
Setup/libs_github/lib/manentHilsah/teredosLungersKyak/purgingGawkers.xml
.xml
Setup/libs_github/lib/manentHilsah/teredosLungersKyak/urns.xml
.xml
Setup/libs_github/lib/manentHilsah/topicalWeeper/jacales.xml
.xml
Setup/libs_github/lib/manentHilsah/topicalWeeper/kischenDosed.xml
.xml
Setup/libs_github/lib/manentHilsah/topicalWeeper/spreeuw.xml
.xml
Setup/libs_github/lib/manentHilsah/topicalWeeper/suptionRfs.xml
.xml
Setup/libs_github/lib/manentHilsah/topicalWeeper/trowaneLosings.xml
.xml
Setup/libs_github/lib/ostomyNatUmiak/blitzedTerbia/duckpinSailyeGiglio.xml
.xml
Setup/libs_github/lib/ostomyNatUmiak/blitzedTerbia/fitched.xml
.xml
Setup/libs_github/lib/ostomyNatUmiak/blitzedTerbia/nivalLutist.xml
.xml
Setup/libs_github/lib/ostomyNatUmiak/blitzedTerbia/numbers.xml
.xml
Setup/libs_github/lib/ostomyNatUmiak/blitzedTerbia/respeak.xml
.xml
Setup/libs_github/lib/ostomyNatUmiak/blitzedTerbia/rivoCoated.xml
.xml
Setup/libs_github/lib/ostomyNatUmiak/blitzedTerbia/trogonsLias.xml
.xml
Setup/libs_github/lib/ostomyNatUmiak/develedWagonsKellion.xml
.xml
Setup/libs_github/lib/ostomyNatUmiak/diurons.xml
.wsf .xml polyglot
Setup/libs_github/lib/ostomyNatUmiak/esker.xml
.xml
Setup/libs_github/lib/ostomyNatUmiak/measLarlikeCorf.xml
.xml
Setup/libs_github/lib/ostomyNatUmiak/sell.xml
.xml
Setup/libs_github/lib/ostomyNatUmiak/sourdAnaemic.xml
.xml
Setup/libs_github/lib/ostomyNatUmiak/tarrowHominem.xml
.xml
Setup/libs_github/lib/raking/aggers.xml
.xml
Setup/libs_github/lib/raking/buttle/mesonChamperOctoon.xml
.xml
Setup/libs_github/lib/raking/buttle/wursts.xml
.xml
Setup/libs_github/lib/raking/grin.xml
.xml
Setup/libs_github/lib/raking/kompeniEncaumaManus.xml
.xml
Setup/libs_github/lib/raking/nikenoCarone/bealFlashy.xml
.xml
Setup/libs_github/lib/raking/nikenoCarone/beluchi.xml
.xml
Setup/libs_github/lib/raking/nikenoCarone/meiny.xml
.xml
Setup/libs_github/lib/raking/nikenoCarone/sclereUrolOutvote.xml
.xml
Setup/libs_github/lib/raking/nikenoCarone/wysonHunchesGraver.xml
.xml
Setup/libs_github/lib/raking/oleatesBisayanUpbreed/athenaUhlansBispore.xml
.xml
Setup/libs_github/lib/raking/oleatesBisayanUpbreed/choirYaksCahows.xml
.wsf .xml polyglot
Setup/libs_github/lib/raking/oleatesBisayanUpbreed/goldcupPoitrelSmock.xml
.xml
Setup/libs_github/lib/raking/trankaDonnism/diolKarwar.xml
.xml
Setup/libs_github/lib/raking/trankaDonnism/dumpageImitantOctofid.xml
.xml
Setup/libs_github/lib/raking/trankaDonnism/gamont.xml
.wsf .xml polyglot
Setup/libs_github/lib/raking/untrim.xml
.xml
Setup/libs_github/lib/shuswapRuewort/arguer.xml
.xml
Setup/libs_github/lib/shuswapRuewort/auksinuBowyers.xml
.xml
Setup/libs_github/lib/shuswapRuewort/cappagh/layered.xml
.xml
Setup/libs_github/lib/shuswapRuewort/cappagh/moulageCharmMegbote.xml
.xml
Setup/libs_github/lib/shuswapRuewort/cappagh/yashmak.xml
.xml
Setup/libs_github/lib/shuswapRuewort/casaveSumiEelpout.xml
.xml
Setup/libs_github/lib/shuswapRuewort/cundumsMorendoTriace/sereAfzeliaHeck.xml
.xml
Setup/libs_github/lib/shuswapRuewort/cundumsMorendoTriace/snaryCambrelOctic.xml
.xml
Setup/libs_github/lib/shuswapRuewort/cundumsMorendoTriace/swainStarchy.xml
.xml
Setup/libs_github/lib/shuswapRuewort/cundumsMorendoTriace/topples.xml
.xml
Setup/libs_github/lib/shuswapRuewort/cundumsMorendoTriace/usarProctalSawman.xml
.xml
Setup/libs_github/lib/shuswapRuewort/eyessHermaeDrowsy.xml
.xml
Setup/libs_github/lib/shuswapRuewort/jankerMarrier.xml
.xml
Setup/libs_github/lib/shuswapRuewort/muladi/maconneBifara.xml
.xml
Setup/libs_github/lib/shuswapRuewort/muladi/mungy.xml
.xml
Setup/libs_github/lib/shuswapRuewort/muladi/pigpens.xml
.xml
Setup/libs_github/lib/shuswapRuewort/muladi/preampPine.xml
.xml
Setup/libs_github/lib/shuswapRuewort/muladi/tazeeaFonded.xml
.xml
Setup/libs_github/lib/shuswapRuewort/muladi/unstonyWafersAdeep.xml
.xml
Setup/libs_github/lib/shuswapRuewort/trochaSabaean/boonk.xml
.xml
Setup/libs_github/lib/shuswapRuewort/trochaSabaean/bucksaw.xml
.xml
Setup/libs_github/lib/shuswapRuewort/trochaSabaean/cosset.xml
.xml
Setup/libs_github/lib/shuswapRuewort/trochaSabaean/pinhookSuberPhaeism.xml
.xml
Setup/libs_github/lib/shuswapRuewort/turgor.xml
.xml
Setup/libs_github/lib/terriesAlfonsoSubplow/baffing.xml
.xml
Setup/libs_github/lib/terriesAlfonsoSubplow/candide.xml
.xml
Setup/libs_github/lib/terriesAlfonsoSubplow/depotsGids/graalBoottopTalent.xml
.xml
Setup/libs_github/lib/terriesAlfonsoSubplow/depotsGids/paucalUnfold.xml
.xml
Setup/libs_github/lib/terriesAlfonsoSubplow/depotsGids/pigtailAltar.xml
.xml
Setup/libs_github/lib/terriesAlfonsoSubplow/depotsGids/tuglikeReadopt.xml
.xml
Setup/libs_github/lib/terriesAlfonsoSubplow/divotBoldos.xml
.xml
Setup/libs_github/lib/trichy/andricChokedPostfix/postage.xml
.xml
Setup/libs_github/lib/trichy/andricChokedPostfix/spawlApnoeal.xml
.xml
Setup/libs_github/lib/trichy/andricChokedPostfix/waufieWhauve.xml
.xml
Setup/libs_github/lib/trichy/bejade/haslet.xml
.xml
Setup/libs_github/lib/trichy/bemuddy.xml
.xml
Setup/libs_github/lib/trichy/bifrostCattle/facty.xml
.xml
Setup/libs_github/lib/trichy/buffed/chidedOcurred.xml
.xml
Setup/libs_github/lib/trichy/buffed/decineSatoriiCoppy.xml
.xml
Setup/libs_github/lib/trichy/buffed/ecocide.xml
.xml
Setup/libs_github/lib/trichy/buffed/gheddaOptimal.xml
.xml
Setup/libs_github/lib/trichy/buffed/pickup.xml
.xml
Setup/libs_github/lib/trichy/buffed/pictaviSina.xml
.xml
Setup/libs_github/lib/trichy/gtdNingpoDebacle/abuCrofts.xml
.xml
Setup/libs_github/lib/trichy/gtdNingpoDebacle/goosyWinna.xml
.xml
Setup/libs_github/lib/trichy/gtdNingpoDebacle/howsMoldingAfacing.xml
.xml
Setup/libs_github/lib/trichy/gtdNingpoDebacle/prorsal.xml
.xml
Setup/libs_github/lib/trichy/gtdNingpoDebacle/publice.xml
.xml
Setup/libs_github/lib/trichy/handbagArrgt/flingyTuant.xml
.xml
Setup/libs_github/lib/trichy/inditer.xml
.xml
Setup/libs_github/lib/trichy/jestersBudmash/makutaTulasiDebtee.xml
.xml
Setup/libs_github/lib/trichy/jestersBudmash/medalet.xml
.xml
Setup/libs_github/lib/trichy/jestersBudmash/rochetAndarkoExecute.xml
.xml
Setup/libs_github/lib/trichy/jestersBudmash/vedanaSnoredScenic.xml
.xml
Setup/libs_github/lib/trichy/jestersBudmash/wyke.xml
.xml
Setup/libs_github/lib/trichy/oregoniTuboid/grebes.xml
.xml
Setup/libs_github/lib/trichy/oregoniTuboid/huashiGater.xml
.xml
Setup/libs_github/lib/trichy/oregoniTuboid/pyroticNeology.xml
.xml
Setup/libs_github/lib/trichy/oregoniTuboid/upaisleReffedKina.xml
.xml
Setup/libs_github/lib/trichy/stachysTigreanWilrone/eaningArboredResters.xml
.xml
Setup/libs_github/lib/trichy/stachysTigreanWilrone/lycopodCrambid.xml
.xml
Setup/libs_github/lib/trichy/stachysTigreanWilrone/telliesNanmu.xml
.xml
Setup/libs_github/lib/trichy/treasonAgadaBegeck.xml
.xml
Setup/libs_github/lib/trichy/yaupon.xml
.xml
Setup/libs_github/lib/tumbril.xml
.xml
Setup/tabs.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\projects\mahapps-metro-iconpacks\src\MahApps.Metro.IconPacks\obj\Release\MahApps.Metro.IconPacks.Material\net47\MahApps.Metro.IconPacks.Material.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 4.7MB - Virtual size: 4.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mscoree

Sections

.text Size: 4.7MB - Virtual size: 4.7MB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 12B

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mscoree

Sections

.text Size: 364KB - Virtual size: 363KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 12B

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mscoree

Sections

.text Size: 5.9MB - Virtual size: 5.9MB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 12B

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mscoree

Sections

.text Size: 4.7MB - Virtual size: 4.7MB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 12B

.text
Size: 4.7MB - Virtual size: 4.7MB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 364KB - Virtual size: 363KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 5.9MB - Virtual size: 5.9MB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 4.7MB - Virtual size: 4.7MB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 12B