Static task
static1
General
Target
SetupFile_91303.exe
Size
10.2MB
MD5
ad8f9aacf67a6fbe9af89b4b195db24e
SHA1
0c8a9686a0e272bec7fbb61b7632c1826c9ab058
SHA256
c8ac5e302398abbe1eb8d78f7c403a6b6d728d613791695dde33b091240ef7b5
SHA512
5ac3a081ea93b218c65d680e5274ca7547e3acd7dcdd928e390200aa1b922953a045d8beb11a54ecfd929efb803f6702d7f81ecdf3e7784ce96e76e54780b461
SSDEEP
196608:Wxvb84DyvoNSCJ7iyQnK7hJb6N7UBsLcByZceTovTDsTouol54cZ64X/+1cYQpSP:kDfSO7iyQY6N7UBsLcByZceTovTDsTG0
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource SetupFile_91303.exe
Files
SetupFile_91303.exe.exe windows:6 windows x86 arch:x86
232abee5af26051c4e9b4e9e286ba991
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
dwrite
DWriteCreateFactory
d2d1
ord1
kernel32
ExitProcess
DecodePointer
MulDiv
InitializeCriticalSectionEx
HeapSize
QueryPerformanceFrequency
lstrlenA
GetConsoleMode
TerminateProcess
ExitThread
EnumSystemLocalesW
SystemTimeToTzSpecificLocalTime
FindClose
WaitForSingleObjectEx
IsValidCodePage
CreateThread
FreeLibraryAndExitThread
ReadFile
OutputDebugStringA
ReleaseSRWLockExclusive
GetModuleHandleExW
GetEnvironmentStringsW
CompareStringW
GetStdHandle
GetCurrentProcess
DeleteFileW
GetFileSize
SetEnvironmentVariableA
GetCurrentProcessId
FindNextFileA
OutputDebugStringW
GetTimeFormatW
GetLastError
GetCurrentThreadId
GetSystemTimeAsFileTime
GetDriveTypeW
GetTimeZoneInformation
TlsAlloc
PeekNamedPipe
VerifyVersionInfoW
HeapReAlloc
GetFileType
UnhandledExceptionFilter
GetProcessHeap
WriteConsoleW
WaitForMultipleObjects
AcquireSRWLockExclusive
FreeEnvironmentStringsW
SetLastError
LoadLibraryExW
SleepEx
GetProcAddress
Sleep
LeaveCriticalSection
GetSystemDirectoryW
EncodePointer
GetCommandLineA
FindFirstFileExA
LoadLibraryA
SetEndOfFile
MultiByteToWideChar
IsDebuggerPresent
WaitForSingleObject
GetStartupInfoW
FlushFileBuffers
LoadLibraryW
MoveFileExW
SetEvent
GetModuleFileNameW
HeapFree
GetModuleFileNameA
DeleteCriticalSection
GetFileSizeEx
TlsGetValue
VerSetConditionMask
GetACP
GetLocaleInfoW
GetTickCount
WriteFile
RtlUnwind
InitializeSListHead
GetModuleHandleW
LocalFree
GetModuleHandleA
GetCPInfo
EnterCriticalSection
InitializeCriticalSectionAndSpinCount
GetConsoleCP
FileTimeToSystemTime
GetUserDefaultLCID
HeapAlloc
GetStringTypeW
TlsFree
CloseHandle
GetEnvironmentVariableA
TlsSetValue
GetFullPathNameW
QueryPerformanceCounter
IsProcessorFeaturePresent
GetTickCount64
FreeLibrary
CreateEventW
DebugBreak
IsValidLocale
CreateFileW
ReadConsoleW
SetStdHandle
GetDateFormatW
GetCurrentDirectoryW
GetCurrentThread
FormatMessageW
WideCharToMultiByte
GetOEMCP
SetUnhandledExceptionFilter
lstrcatA
GetFileAttributesExW
ResetEvent
GetCommandLineW
RaiseException
LCMapStringW
SetFilePointerEx
user32
SetWindowPos
GetMenuItemInfoW
GetKeyState
TranslateMessage
ReleaseCapture
MapWindowPoints
ReleaseDC
UnhookWindowsHookEx
GetSystemMetrics
GetDC
DestroyWindow
AdjustWindowRectEx
wsprintfA
SetMenu
SetParent
DefWindowProcW
BeginPaint
CallNextHookEx
GetUpdateRect
EnableWindow
LoadIconW
UpdateWindow
RegisterClassW
GetWindowTextW
KillTimer
SetWindowsHookExW
ValidateRect
PostQuitMessage
CreatePopupMenu
GetClassNameW
DispatchMessageW
CreateWindowExW
SetFocus
SetMenuItemInfoW
GetSysColor
SetTimer
SystemParametersInfoW
EndPaint
GetMessageTime
GetWindowLongW
GetClientRect
GetActiveWindow
SetScrollInfo
GetDoubleClickTime
SetWindowTextW
SendMessageA
ShowWindow
GetMessageW
GetScrollInfo
GetWindowRect
IsChild
AppendMenuW
SetCapture
GetAncestor
LoadCursorW
SendMessageW
CreateMenu
SetWindowLongW
IsDialogMessageW
PtInRect
InvalidateRect
UnregisterClassW
gdi32
GetTextExtentPoint32W
GetTextMetricsW
BitBlt
SelectObject
SetBkMode
SetTextColor
GetDeviceCaps
CreateCompatibleBitmap
DeleteDC
CreateFontIndirectW
SetBrushOrgEx
CreatePatternBrush
GetStockObject
CreateCompatibleDC
DeleteObject
advapi32
CryptImportKey
CryptAcquireContextW
CryptEncrypt
CryptReleaseContext
CryptGetHashParam
CryptDestroyKey
CryptDestroyHash
CloseServiceHandle
CryptCreateHash
CryptHashData
ole32
CoUninitialize
CoCreateInstance
CoInitialize
bcrypt
BCryptGenRandom
Sections
.text Size: 9.5MB - Virtual size: 9.5MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 288KB - Virtual size: 288KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 4KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.gfids Size: 1024B - Virtual size: 688B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.tls Size: 512B - Virtual size: 9B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 67KB - Virtual size: 67KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 124KB - Virtual size: 124KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ