The Roshade Setup 3 3 1 exe (setup) File Malware Analysis

The Roshade.Setup.3.3.1.exe (setup) File Analysis

Updated 1 month ago

Checked by Malware Check

Roshade.Setup.3.3.1.exe

Hash Type	Value	Action
MD5	fe51cdac1d70cc17a57cae25c164bf47
SHA1	814144cb9df1c25942321ff04bb9b64ba55fc5fc
SHA256	83fd3eb8248b4a41ab7bcbbe193d93e57bc0034d20259c6e21dc6a427cfe0dcd
SHA512	87c02c489ecc68a186df7e5d2c5dda3d7ff594fd4fb19a2dacd8556ff91b9a7494889a466a28e930cbe02a57247f8042c1d6e84c91c064c4acb40f8afbcc8075
ImpHash	e25baff7652e2959c86cc6a590ce8f80

Hash Type

Value

Action

MD5

fe51cdac1d70cc17a57cae25c164bf47

SHA1

814144cb9df1c25942321ff04bb9b64ba55fc5fc

SHA256

83fd3eb8248b4a41ab7bcbbe193d93e57bc0034d20259c6e21dc6a427cfe0dcd

SHA512

87c02c489ecc68a186df7e5d2c5dda3d7ff594fd4fb19a2dacd8556ff91b9a7494889a466a28e930cbe02a57247f8042c1d6e84c91c064c4acb40f8afbcc8075

ImpHash

e25baff7652e2959c86cc6a590ce8f80

▼

Icon	Hash: 11f0961c5ef33909d6ad383e0f4055c7 Fuzzy: 3b5d3c7d207e37dceeedd301e35e2e58 dHash: e880a8a8d0a08022
Image Base	`0x140000000`
Entry Point	`0x140c70170`
Compilation Time	2023-04-22 10:23:43
Checksum	0x005c72f2 (Actual: 0x005c72f2)
OS Version	6.0
PEiD Signatures	`PE32+ executable (GUI) x86-64, for MS Windows`
Digital Signature	OK
Imports	31 libraries
Exports	0 functions
Resources	3 Resources
Sections	3 Sections

▼

▼

Name	Virtual Address	Virtual Size	Raw Size	Entropy	Characteristics	MD5
`UPX0`	`0x00001000`	7,053,312 bytes	0 bytes	0.00 (Normal)	`IMAGE_SCN_CNT_UNINITIALIZED_DATA\|IMAGE_SCN_MEM_EXECUTE\|IMAGE_SCN_MEM_READ\|IMAGE_SCN_MEM_WRITE`	`D41D8CD98F00B204E9800998ECF8427E`
`UPX1`	`0x006bb000`	5,988,352 bytes	5,986,816 bytes	7.89 (Packed/Encrypted)	`IMAGE_SCN_CNT_INITIALIZED_DATA\|IMAGE_SCN_MEM_EXECUTE\|IMAGE_SCN_MEM_READ\|IMAGE_SCN_MEM_WRITE`	`45C7F9A7B357E170A2CE92D2270BE63B`
`.rsrc`	`0x00c71000`	8,192 bytes	6,656 bytes	3.33 (Normal)	`IMAGE_SCN_CNT_INITIALIZED_DATA\|IMAGE_SCN_MEM_READ\|IMAGE_SCN_MEM_WRITE`	`2E051D9000CEAC91859E654AA6AEFA50`

1 section(s) with high entropy (≥7.5) detected - possible packing/encryption

▼

Total Resources: 3 (4,052 bytes)

Resource Type	Count	Total Size	Percentage
RT_ICON	1	3,624 bytes	89.4%
RT_GROUP_ICON	1	20 bytes	0.5%
RT_VERSION	1	408 bytes	10.1%

▼

Product	setup
Description	setup
File Version	3.3.1
Signing Date	10:23 AM 04/22/2023 (859 days ago)
Verification Status	Signed
Signers	Zeal Software Applications; Sectigo Public Code Signing CA R36; Sectigo Public Code Signing Root R46; Sectigo (AAA)
Counter Signers	Sectigo RSA Time Stamping Signer #3; Sectigo RSA Time Stamping CA; Sectigo