HEUR-Trojan[.]Win32[.]Generic-0fd66826ca59b33c8f9d116c97a80e632cf87821fba6e9a3ea10321e757e41c2

General

Target

HEUR-Trojan.Win32.Generic-0fd66826ca59b33c8f9d116c97a80e632cf87821fba6e9a3ea10321e757e41c2
Size

131KB
MD5

8cd5f53aba58a5164dc3b97622780099
SHA1

116b7bdeca0fc13d746d637a3528df5eb78efae8
SHA256

0fd66826ca59b33c8f9d116c97a80e632cf87821fba6e9a3ea10321e757e41c2
SHA512

56c5af58255367fc2fe303de63aa152658372332a65f1d7b60e4149a4dbf67d3c936cecf498b229f039fe576aa708150b1319b0db1434715a97d278819f21120
SSDEEP

1536:OwGKKRYXLGPgroNSIGPbx5BD7Tq9YN2iLvQ:ABYXLGPGRx5t/95

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
HEUR-Trojan.Win32.Generic-0fd66826ca59b33c8f9d116c97a80e632cf87821fba6e9a3ea10321e757e41c2

Files

HEUR-Trojan.Win32.Generic-0fd66826ca59b33c8f9d116c97a80e632cf87821fba6e9a3ea10321e757e41c2
.exe windows x86

0f319932dd61ba1e58d90376ac1a7370

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
lstrlenA
GetSystemTime
lstrcpyA
VirtualFree
LocalCompact
AddVectoredExceptionHandler
LoadLibraryW
RemoveVectoredExceptionHandler
HeapAlloc
GetCommandLineA
GetStartupInfoA
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
HeapFree
VirtualAlloc
HeapReAlloc
HeapCreate
GetModuleHandleW
Sleep
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetLastError
GetEnvironmentStringsW
SetHandleCount
GetFileType
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
InitializeCriticalSectionAndSpinCount
RtlUnwind
LoadLibraryA
SetFilePointer
GetConsoleCP
GetConsoleMode
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
HeapSize
GetLocaleInfoA
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
CreateFileA
CloseHandle
FlushFileBuffers

gdi32

GetGraphicsMode
AddFontResourceExW
GetSystemPaletteUse
GetEnhMetaFileHeader

Sections

.text
Size: 35KB - Virtual size: 35KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 82KB - Virtual size: 82KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0f319932dd61ba1e58d90376ac1a7370

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

gdi32

Sections

.text Size: 35KB - Virtual size: 35KB

.rdata Size: 8KB - Virtual size: 8KB

.data Size: 4KB - Virtual size: 12KB

.rsrc Size: 82KB - Virtual size: 82KB

.text
Size: 35KB - Virtual size: 35KB

.rdata
Size: 8KB - Virtual size: 8KB

.data
Size: 4KB - Virtual size: 12KB

.rsrc
Size: 82KB - Virtual size: 82KB