Setup[.]exe | Triage

Sharing

General

Target

Setup.exe
Size

548KB
MD5

bc366b2c1803069f350f4192cd676d47
SHA1

f4cb2c5127d8ea90883c0f60c660d0ab92720768
SHA256

5ecf311d38dcc488b93e22c7e7175557f8733dbbb8d6fcd452b911f7821acac8
SHA512

1dacc54d9f2c0b826a29f6683e6e13fc5291c058912922fd9c112ccabb67e7e797d604c99bc16abcf7bfc49a8934cbcc5920d98cab0b44a6001c0f770c53fac5
SSDEEP

12288:tibqI59Pk2cb7p93hn4W0wqTHxMCSHCFIkRXUX9+8:tibqIjk2cvpHn4W41MCSHCBXUXH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Setup.exe

Files

Setup.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\pc\Desktop\28-05-2019\svchost--setup 22-09-2018\obj\Release\Setup.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 446KB - Virtual size: 445KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 512B - Virtual size: 312B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 100KB - Virtual size: 99KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ