Static task: static1
Behavioral task: behavioral1
  Sample: setup.ic19.exe
  Resource: win7-20240903-en
Behavioral task: behavioral2
  Sample: setup.ic19.exe
  Resource: win10v2004-20240802-en
General
- Target: setup.ic19.exe
- Size: 341KB
- MD5: e1c81c53c0fcd8301a0a51cdb1669ccc
- SHA1: 5c8a9f629a0b9399fd829cc8eeb9c31c7bf6c173
- SHA256: 811ba62844f5aac8675ffb5ab6d2166097231beeba58ce46be708fa06257e0bd
- SHA512: eab99cfd6b38678c2b155956447e364de0762fd6b91ffd39c7b28364e215c878f7204934b2ec2e21052f68bce1f842222f02e4071c80ee916522091f8cdfd9f4
- SSDEEP: 6144:xz6XBxULZRje/1JT1MAOHc8WqcfWWHOUbXhfTIEyoDu0212KRC:xz6XBxqZRje/1TMAODJUbXxTDS0W2IC
Malware Config
Signatures
- Unsigned PE (1 IoC): Checks for missing Authenticode signature.
  Resource: setup.ic19.exe
Files
-
setup.ic19.exe.exe windows:5 windows x64 arch:x64
87831df3f581ca6cc7dfeadcfedd2ac4
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Imports
version
GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW
mpr
WNetGetUniversalNameW
WNetGetResourceInformationW
kernel32
lstrcpyW
lstrcatW
GlobalUnlock
GlobalLock
GlobalAlloc
GetLastError
CloseHandle
ResetEvent
WaitForMultipleObjects
Sleep
SetEvent
OpenEventW
CreateEventW
ResumeThread
DuplicateHandle
GetCurrentProcess
MultiByteToWideChar
WideCharToMultiByte
FreeLibrary
GetProcAddress
LoadLibraryW
WriteFile
CreateFileW
GetTempPathW
WritePrivateProfileStringW
GetPrivateProfileIntW
GetWindowsDirectoryW
CreateFileMappingW
SetLastError
GetCurrentThreadId
lstrcmpiW
lstrcmpW
lstrcpynW
LoadLibraryA
GetSystemDirectoryA
GetComputerNameW
FormatMessageW
GetModuleHandleW
HeapFree
HeapAlloc
GetProcessHeap
OpenProcess
GetCurrentProcessId
CreateProcessW
GetModuleFileNameW
LoadLibraryExW
GetVersionExW
SetErrorMode
GetSystemDirectoryW
GetStartupInfoA
GetFileType
SetHandleCount
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
FlsAlloc
FlsFree
FlsSetValue
FlsGetValue
DecodePointer
EncodePointer
GetModuleFileNameA
GetStdHandle
ExitProcess
HeapCreate
HeapSetInformation
GetStartupInfoW
RtlCaptureContext
RtlVirtualUnwind
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
RtlPcToFileHeader
RaiseException
RtlUnwindEx
RtlLookupFunctionEntry
CreateThread
ExitThread
LeaveCriticalSection
GetSystemTimeAsFileTime
EnterCriticalSection
InitializeCriticalSectionAndSpinCount
HeapReAlloc
lstrlenW
DeleteCriticalSection
QueryPerformanceCounter
GetTickCount
HeapSize
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
SetFilePointer
GetConsoleCP
GetConsoleMode
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
VirtualAlloc
LocalFree
user32
UpdateWindow
GetDC
ReleaseDC
LoadCursorW
RegisterClassExW
CreateWindowExW
LoadImageW
GetWindowLongPtrW
DestroyWindow
PostQuitMessage
RegisterWindowMessageW
IsIconic
FindWindowW
InvalidateRect
LoadMenuW
GetSubMenu
EnableMenuItem
GetCursorPos
TrackPopupMenu
CreateDialogParamW
DefWindowProcW
DestroyMenu
SetThreadDesktop
GetMessageW
TranslateMessage
DispatchMessageW
OpenInputDesktop
GetThreadDesktop
ShowScrollBar
IsWindowEnabled
SetForegroundWindow
OpenDesktopW
GetUserObjectInformationW
CloseDesktop
EnumDesktopWindows
GetForegroundWindow
MessageBoxW
SetFocus
IsDlgButtonChecked
CheckDlgButton
EnableWindow
DialogBoxParamW
IsWindow
SendDlgItemMessageW
SendMessageW
CopyRect
GetSystemMetrics
SystemParametersInfoW
MoveWindow
MessageBeep
DrawTextW
FlashWindow
EndDialog
BeginPaint
GetClientRect
GetDlgItem
GetWindowRect
ScreenToClient
DrawIcon
EndPaint
PostMessageW
KillTimer
ShowWindow
LoadIconW
LoadStringW
SetDlgItemTextW
SetTimer
SetWindowPos
SetWindowLongPtrW
OpenClipboard
EmptyClipboard
GetDlgItemTextW
SetClipboardData
CloseClipboard
wsprintfW
IsWindowVisible
RegisterClipboardFormatW
SetWindowTextW
ExitWindowsEx
gdi32
CreateFontW
DeleteObject
SelectObject
SetBkColor
SetBkMode
CreateSolidBrush
GetDeviceCaps
GetStockObject
SetTextColor
comdlg32
GetSaveFileNameW
advapi32
RegCreateKeyExW
OpenSCManagerW
OpenServiceW
CloseServiceHandle
QueryServiceStatus
RegDeleteValueW
RegisterEventSourceW
ReportEventW
OpenProcessToken
GetTokenInformation
LookupAccountSidW
RegCloseKey
RegQueryValueExW
RegOpenKeyExW
RegSetValueExW
RegOpenKeyW
GetUserNameW
shell32
ShellExecuteExW
Shell_NotifyIconW
DragQueryFileW
ShellExecuteW
ole32
RevokeDragDrop
RegisterDragDrop
OleInitialize
CoInitialize
CoTaskMemFree
Sections
.text Size: 134KB - Virtual size: 133KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 31KB - Virtual size: 31KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 67KB - Virtual size: 88KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 7KB - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 95KB - Virtual size: 95KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ