setup[.]exe | Triage

Sharing

Copy URL

Twitter E-mail

General

Target

setup.exe
Size

1.4MB
MD5

cc616dcc42e01238daed8abbd6755626
SHA1

d33c4b57118246ce1cd88c41dd78795fc70f47a8
SHA256

8eb8e14096d258ea615c8c86167ed65449e92fa66e48227b4649be3a39f8c8de
SHA512

04b9479579dc12ed9c1aa41beab6ade390ebb35a655ef48b4331e6570415dc75f4dcaedd90824c9593a94c50fcb9c1b5ef98153fc4d76f9690cc2dc302c4be91
SSDEEP

24576:+wvH+Iuzgi++mL7ZXom3u8nS+h52/pxB2yi0UBPdRbfFeP:+wf+Iv9om3ucSK52/px090UBPBeP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
setup.exe

Files

setup.exe
.exe windows:5 windows x86 arch:x86

560a2f0da01f8c7311c3eb57c52e3b16

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\_programmation\APIOverride\MonitoringFileBuilder\Win32ReleaseUnicode\MonitoringFileBuilderWin32.pdb

Imports

kernel32

Sleep
OpenThread
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
WritePrivateProfileStringW
GetPrivateProfileStringW
GetPrivateProfileIntW
GetPrivateProfileSectionNamesW
WriteFile
FormatMessageW
GetLastError
IsBadWritePtr
SetFilePointerEx
SetEndOfFile
WideCharToMultiByte
CreateEventW
GetTickCount
SetEvent
CreateThread
TerminateThread
ResetEvent
GetVersionExW
CreateProcessW
GetCommandLineW
GetWindowsDirectoryW
TerminateProcess
GetExitCodeProcess
HeapAlloc
SizeofResource
LockResource
LoadResource
FindResourceW
GlobalUnlock
GlobalFree
GlobalLock
GlobalAlloc
GetEnvironmentVariableW
DeactivateActCtx
SearchPathW
ReleaseActCtx
ActivateActCtx
CreateActCtxW
GetModuleHandleExW
HeapCreate
HeapDestroy
GetTempFileNameW
GetTempPathW
GetUserDefaultLangID
InitializeCriticalSection
FlushFileBuffers
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
SetEnvironmentVariableA
GetLocaleInfoW
GetConsoleMode
GetConsoleCP
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetModuleHandleA
GetStringTypeA
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
InitializeCriticalSectionAndSpinCount
LoadLibraryA
HeapSize
IsValidCodePage
GetOEMCP
GetACP
GetModuleFileNameA
GetStdHandle
VirtualAlloc
VirtualFree
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetStringTypeW
LCMapStringW
LCMapStringA
CompareStringW
GetCPInfo
CompareStringA
GetStartupInfoA
GetCommandLineA
ExitProcess
HeapReAlloc
RaiseException
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlUnwind
InterlockedExchange
InterlockedCompareExchange
GetCurrentDirectoryW
SetCurrentDirectoryW
GetFullPathNameW
CreateDirectoryW
GetFileAttributesW
SetLastError
GetProcessHeap
HeapFree
CreateFileA
WaitForSingleObject
IsBadReadPtr
GetSystemDirectoryW
SetFilePointer
IsBadCodePtr
MultiByteToWideChar
CopyFileW
DeleteFileW
FreeLibrary
GetCurrentProcess
GetProcessId
GetCurrentThreadId
GetModuleFileNameW
GetModuleHandleW
LoadLibraryW
GetProcAddress
ExpandEnvironmentStringsW
FindFirstFileW
FindNextFileW
FindClose
CreateFileW
GetFileSizeEx
ReadFile
CloseHandle
InterlockedDecrement
InterlockedIncrement

user32

GetMenuItemCount
GetIconInfo
CreateIconIndirect
ReleaseDC
GetDC
DrawIconEx
PtInRect
MessageBoxW
SetWindowPos
GetSystemMetrics
GetWindowRect
SendMessageW
SetWindowTextW
GetWindowTextW
GetComboBoxInfo
PostMessageW
GetWindowTextLengthW
CreateWindowExW
DestroyWindow
GetMenuItemRect
IsRectEmpty
TrackPopupMenuEx
SetForegroundWindow
DestroyMenu
InsertMenuItemW
GetMenuItemInfoW
GetMenuInfo
CreatePopupMenu
SetMenuInfo
GetMenuState
GetKeyState
GetParent
RegisterClipboardFormatW
KillTimer
GetClientRect
GetDlgItem
LoadImageW
GetWindowThreadProcessId
GetWindowLongW
ShowWindow
GetAncestor
RedrawWindow
ScreenToClient
GetWindow
EnableWindow
FlashWindowEx
EndDialog
SetWindowLongW
RealGetWindowClassW
GetCursorPos
LoadCursorW
EnumThreadWindows
SetCursor
DialogBoxParamW
GetFocus
GetSysColor
FillRect
OpenClipboard
EmptyClipboard
CloseClipboard
SetClipboardData
DestroyIcon
ClientToScreen
WindowFromPoint
GetSysColorBrush
IsWindowEnabled
SetDlgItemTextW
SetFocus
CreateDialogIndirectParamW
CreateDialogParamW
DialogBoxIndirectParamW

gdi32

CreatePen
Rectangle
CreateBitmap
CreateCompatibleDC
DeleteDC
CreateDIBSection
SetTextColor
SetBkMode
GetTextExtentPoint32W
SetBkColor
DeleteObject
CreateSolidBrush
ExtTextOutW
GetObjectW
SelectObject
BitBlt

comdlg32

GetSaveFileNameW
GetOpenFileNameW

advapi32

RegCloseKey
RegOpenKeyExW
RegEnumKeyW
RegQueryInfoKeyW
RegQueryValueW
RegQueryValueExW

shell32

SHBrowseForFolderW
DragQueryFileW
DragAcceptFiles
DragQueryPoint
SHGetMalloc
DragFinish
ShellExecuteW
SHGetPathFromIDListW

ole32

StringFromIID
CLSIDFromString
StringFromCLSID
CoTaskMemFree
CoInitialize
CoUninitialize
CoCreateInstance

oleaut32

LoadTypeLibEx
SysAllocString
QueryPathOfRegTypeLi
SysFreeString

shlwapi

SHAutoComplete

comctl32

ord410
ord412
ord17
ImageList_Draw
ImageList_Destroy
InitCommonControlsEx
ord413

wininet

InternetOpenW
InternetCloseHandle
HttpQueryInfoW
HttpSendRequestW
HttpOpenRequestW
InternetConnectW
InternetCrackUrlW
InternetReadFile

Sections

.text
Size: 451KB - Virtual size: 451KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 126KB - Virtual size: 125KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 274KB - Virtual size: 283KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 197KB - Virtual size: 197KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 374KB - Virtual size: 374KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

560a2f0da01f8c7311c3eb57c52e3b16

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

shlwapi

comctl32

wininet

Sections

.text Size: 451KB - Virtual size: 451KB

.rdata Size: 126KB - Virtual size: 125KB

.data Size: 274KB - Virtual size: 283KB

.tls Size: 8KB - Virtual size: 8KB

.rsrc Size: 197KB - Virtual size: 197KB

.reloc Size: 374KB - Virtual size: 374KB

.text
Size: 451KB - Virtual size: 451KB

.rdata
Size: 126KB - Virtual size: 125KB

.data
Size: 274KB - Virtual size: 283KB

.tls
Size: 8KB - Virtual size: 8KB

.rsrc
Size: 197KB - Virtual size: 197KB

.reloc
Size: 374KB - Virtual size: 374KB