Static task: static1
Behavioral task: behavioral1
Sample: HEUR-Trojan.Win32.exe
Resource: win7-20230220-en
Behavioral task: behavioral2
Sample: HEUR-Trojan.Win32.exe
Resource: win10v2004-20230220-en
General
Target: HEUR-Trojan.Win32.Generic-2b658da052076ae93ffd1ffa967aaa2663f0d91bdfdc3dd617557e9a4607daa4
Size: 93KB
MD5: bbef5dfa20459447fd71ea3eaac82ca0
SHA1: 293264a77bf83a1e69d3b38428b4c76f0d54780f
SHA256: 2b658da052076ae93ffd1ffa967aaa2663f0d91bdfdc3dd617557e9a4607daa4
SHA512: 960a661c03f247d39146420ffe166c0f432b45c480eba1b663079228d61c473a17c9ad90939003a0dc35ff606971c5d4c64ee858f5d58332ef1d4941d17e673d
SSDEEP: 1536:aGPvrp8P/sVfkJf5/5mu4Tw+FGcAYkxQZAaDU+tlCUHdL:Z2sVfkJf5/554cE2pQCqQmdL
Malware Config
Signatures
Unsigned PE (1 IoC): Checks for missing Authenticode signature.
Resource: HEUR-Trojan.Win32.Generic-2b658da052076ae93ffd1ffa967aaa2663f0d91bdfdc3dd617557e9a4607daa4
Files
HEUR-Trojan.Win32.Generic-2b658da052076ae93ffd1ffa967aaa2663f0d91bdfdc3dd617557e9a4607daa4.exe windows x86
b92e835e324afb433b56a8ce8cb49361
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NO_ISOLATION
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
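Added example (not part of the Triage report and not code from the sample): a minimal PE32 header check in Python that performs the test behind the "Unsigned PE" signature above, namely whether IMAGE_DIRECTORY_ENTRY_SECURITY points at a WIN_CERTIFICATE blob, and decodes the file and DLL characteristics listed under Headers. Two practitioner caveats it encodes: a populated security directory only means a certificate blob is attached, not that the signature is valid or chains to a trusted root (that requires WinVerifyTrust or signtool verify); and the flag combination shown above (IMAGE_FILE_RELOCS_STRIPPED with neither IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE nor NX_COMPAT) means the image loads at its fixed ImageBase with no ASLR and does not opt in to DEP. The image produced by build_pe is constructed in memory so the analyzer can run offline; it is not loadable and is not the sample, only its flag values mirror the headers above. Flag constants are from winnt.h.

```python
"""Minimal PE32 header triage: decode characteristics flags and check for an
Authenticode signature (non-empty IMAGE_DIRECTORY_ENTRY_SECURITY).  Added
example using a constructed, non-loadable PE image; not the sample above."""
import struct

# Flag values from winnt.h.
FILE_CHARACTERISTICS = {
    0x0001: "IMAGE_FILE_RELOCS_STRIPPED",
    0x0002: "IMAGE_FILE_EXECUTABLE_IMAGE",
    0x0100: "IMAGE_FILE_32BIT_MACHINE",
    0x2000: "IMAGE_FILE_DLL",
}
DLL_CHARACTERISTICS = {
    0x0040: "IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE",
    0x0100: "IMAGE_DLLCHARACTERISTICS_NX_COMPAT",
    0x0200: "IMAGE_DLLCHARACTERISTICS_NO_ISOLATION",
    0x0400: "IMAGE_DLLCHARACTERISTICS_NO_SEH",
    0x4000: "IMAGE_DLLCHARACTERISTICS_GUARD_CF",
    0x8000: "IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE",
}
SECURITY_DIR = 4  # index of IMAGE_DIRECTORY_ENTRY_SECURITY in the data directory


def decode_flags(value, table):
    """Names of the set bits in value; any bits not in table are reported as hex."""
    names = [name for bit, name in table.items() if value & bit]
    unknown = value & ~sum(table)
    if unknown:
        names.append("0x%04x" % unknown)
    return names


def analyze_pe(data):
    """Return header facts and hardening notes for an in-memory PE32 file."""
    if data[:2] != b"MZ":
        raise ValueError("missing MZ signature")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    machine, nsec, _, _, _, opt_size, file_chars = struct.unpack_from(
        "<HHIIIHH", data, e_lfanew + 4)
    opt = e_lfanew + 24  # IMAGE_OPTIONAL_HEADER follows the 4-byte signature + 20-byte file header
    if struct.unpack_from("<H", data, opt)[0] != 0x10B:
        raise ValueError("only PE32 (32-bit) images are handled here")
    dll_chars = struct.unpack_from("<H", data, opt + 70)[0]
    ndirs = struct.unpack_from("<I", data, opt + 92)[0]
    cert_off, cert_size = 0, 0
    if ndirs > SECURITY_DIR:
        # For the security entry, VirtualAddress is a raw file offset, not an RVA.
        cert_off, cert_size = struct.unpack_from("<II", data, opt + 96 + 8 * SECURITY_DIR)
    signed = False
    if cert_size >= 8 and cert_off + cert_size <= len(data):
        # WIN_CERTIFICATE header: dwLength, wRevision, wCertificateType (0x0002 = PKCS#7)
        length, _rev, ctype = struct.unpack_from("<IHH", data, cert_off)
        signed = length == cert_size and ctype == 0x0002  # presence only, not validity
    sections = []
    for i in range(nsec):
        name, _, _, _, _, _, _, _, _, chars = struct.unpack_from(
            "<8sIIIIIIHHI", data, opt + opt_size + 40 * i)
        sections.append((name.rstrip(b"\0").decode(), chars))
    notes = []
    if not signed:
        notes.append("unsigned: no Authenticode security directory")
    if not dll_chars & 0x0040:
        notes.append("no DYNAMIC_BASE: image not opted in to ASLR")
    if file_chars & 0x0001:
        notes.append("RELOCS_STRIPPED: no relocations, image cannot be rebased")
    if not dll_chars & 0x0100:
        notes.append("no NX_COMPAT: image not opted in to DEP")
    return {"machine": machine,
            "file_characteristics": decode_flags(file_chars, FILE_CHARACTERISTICS),
            "dll_characteristics": decode_flags(dll_chars, DLL_CHARACTERISTICS),
            "authenticode": signed, "sections": sections, "notes": notes}


def build_pe(file_chars, dll_chars, signed):
    """Construct a minimal, non-loadable PE32 image (headers + one section) for
    exercising analyze_pe offline.  Constructed test data, not the sample."""
    headers_size, section_size = 0x400, 0x200
    section_off = headers_size
    cert = b""
    if signed:
        body = b"\x30\x82" + b"\0" * 14  # placeholder bytes, not a real PKCS#7 blob
        cert = struct.pack("<IHH", 8 + len(body), 0x0200, 0x0002) + body
    dos = b"MZ" + b"\0" * 58 + struct.pack("<I", 0x40)  # e_lfanew -> 0x40
    file_hdr = struct.pack("<4sHHIIIHH", b"PE\0\0", 0x014C, 1, 0, 0, 0, 224, file_chars)
    opt = struct.pack("<HBBIIIIII", 0x10B, 9, 0, section_size, 0, 0, 0x1000, 0x1000, 0x2000)
    opt += struct.pack("<III", 0x00400000, 0x1000, 0x200)  # ImageBase, section/file alignment
    opt += struct.pack("<HHHHHHI", 5, 1, 0, 0, 5, 1, 0)
    opt += struct.pack("<IIIHH", 0x2000, headers_size, 0, 2, dll_chars)  # ..., Subsystem, DllCharacteristics
    opt += struct.pack("<IIIIII", 0x100000, 0x1000, 0x100000, 0x1000, 0, 16)
    dirs = [(0, 0)] * 16
    if signed:
        dirs[SECURITY_DIR] = (section_off + section_size, len(cert))
    opt += b"".join(struct.pack("<II", va, sz) for va, sz in dirs)
    sect = struct.pack("<8sIIIIIIHHI", b".text", section_size, 0x1000, section_size,
                       section_off, 0, 0, 0, 0, 0x60000020)  # CODE|EXECUTE|READ
    image = dos + file_hdr + opt + sect
    image += b"\0" * (headers_size - len(image))
    image += b"\xC3" * section_size  # section body: RET opcodes only
    return image + cert


if __name__ == "__main__":
    import sys
    blob = open(sys.argv[1], "rb").read() if len(sys.argv) > 1 else build_pe(0x0103, 0x8200, False)
    for key, val in analyze_pe(blob).items():
        print(key, val)
```

Run it with a file path to inspect a real PE32, or with no argument to analyze the constructed image whose flags match the headers above (0x0103 = RELOCS_STRIPPED|EXECUTABLE_IMAGE|32BIT_MACHINE, 0x8200 = NO_ISOLATION|TERMINAL_SERVER_AWARE). PE32+ (64-bit) images are rejected deliberately because the optional-header offsets differ.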
Imports
kernel32
GetSystemTimeAsFileTime
GetModuleHandleW
GetCurrentThreadId
ExpandEnvironmentStringsA
GetProfileIntW
IsValidCodePage
HeapDestroy
WaitForMultipleObjects
SetEnvironmentVariableA
EnumSystemLocalesA
SetEndOfFile
lstrcpynA
GetProfileStringW
GetOverlappedResult
LCMapStringW
GetOEMCP
TerminateThread
TlsSetValue
FindFirstFileW
GetFileType
SizeofResource
FreeEnvironmentStringsW
CreateFileMappingW
SearchPathA
SetHandleCount
GetProcessHeap
WriteConsoleW
GlobalLock
GetStringTypeW
GetStringTypeA
MultiByteToWideChar
LCMapStringA
GetLocaleInfoA
HeapSize
RtlUnwind
HeapReAlloc
HeapAlloc
GetCPInfo
InitializeCriticalSectionAndSpinCount
EnterCriticalSection
LeaveCriticalSection
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
HeapFree
VirtualFree
HeapCreate
InterlockedDecrement
SetLastError
InterlockedIncrement
TlsFree
TlsAlloc
TlsGetValue
DeleteCriticalSection
GetEnvironmentStringsW
DeleteFileW
UnmapViewOfFile
WriteFileEx
SetFilePointer
LockResource
FindResourceW
GlobalAlloc
VirtualAlloc
GetLastError
GetModuleFileNameA
GetACP
GetCurrentProcess
GetModuleHandleA
LoadLibraryA
GetProcAddress
WideCharToMultiByte
GetEnvironmentStrings
FreeEnvironmentStringsA
GetCommandLineA
GetStartupInfoA
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
Sleep
ExitProcess
WriteFile
GetStdHandle
user32
SetWindowLongA
GetSystemMenu
CheckRadioButton
IsClipboardFormatAvailable
LoadMenuW
SetTimer
LoadCursorA
MessageBoxW
MapWindowPoints
SetMenu
EndDialog
InvalidateRect
InflateRect
GetSystemMetrics
RegisterClassExW
GetDlgCtrlID
CharUpperW
FindWindowA
DrawTextExW
GetClipboardData
SendDlgItemMessageW
LoadStringW
DispatchMessageA
GetFocus
DestroyMenu
GetWindowPlacement
IsDialogMessageA
wsprintfW
PostMessageW
IsZoomed
SetWindowLongW
DialogBoxParamW
HideCaret
LoadCursorW
GetMenuCheckMarkDimensions
GetCursorPos
SetCursorPos
OpenDesktopA
OpenClipboard
gdi32
GetDeviceCaps
GetObjectA
comdlg32
ChooseFontW
PrintDlgA
advapi32
RegSetValueExA
RegOpenKeyExA
LookupPrivilegeValueA
OpenSCManagerA
InitializeSecurityDescriptor
OpenProcessToken
GetTokenInformation
AllocateAndInitializeSid
OpenServiceA
shell32
ShellExecuteExA
ShellExecuteA
Sections
.text Size: 32KB - Virtual size: 31KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 9KB - Virtual size: 9KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 3KB - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 47KB - Virtual size: 47KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ