HEUR-Trojan[.]Win32[.]Generic-330be928a66930ef78513c8e464828eb146083e4110ce452969fedb5c44400a4

Sharing

Copy URL Twitter E-mail

General

Target

HEUR-Trojan.Win32.Generic-330be928a66930ef78513c8e464828eb146083e4110ce452969fedb5c44400a4
Size

93KB
MD5

79de9c071294523632b5904a5a01b92a
SHA1

6846f7213e0b613b0f9d8ccf8a8af385fc335694
SHA256

330be928a66930ef78513c8e464828eb146083e4110ce452969fedb5c44400a4
SHA512

6ee3e1c19a4c40089d1eccb49c8450f6d981d7114083aebe2c08d3ff3e2401f8d80538b38fa1fd43697dc6e5deb07527cb46cbde7d58144bc5e46f7ec03e832c
SSDEEP

1536:BbSuPfDJMP/s5Brf5d5mu4Tw+FGcAYkxQZAaDU+tlCUHdL:BVus5pf5d554cE2pQCqQmdL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
HEUR-Trojan.Win32.Generic-330be928a66930ef78513c8e464828eb146083e4110ce452969fedb5c44400a4

Files

HEUR-Trojan.Win32.Generic-330be928a66930ef78513c8e464828eb146083e4110ce452969fedb5c44400a4
.exe windows x86

1865b90bed83af5a69b52775f62ebc64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_ISOLATION
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProfileStringW
GetProfileIntW
GetSystemTimeAsFileTime
GetOEMCP
DeleteFileW
FreeEnvironmentStringsW
TlsSetValue
SetHandleCount
GetCurrentThreadId
FindFirstFileW
CreateFileMappingW
WriteConsoleW
HeapDestroy
UnmapViewOfFile
GetFileType
EnumSystemLocalesA
SetEndOfFile
WaitForMultipleObjects
WriteFileEx
GlobalLock
GetOverlappedResult
IsValidCodePage
SetEnvironmentVariableA
GetModuleHandleW
LCMapStringW
SetFilePointer
SearchPathA
SizeofResource
GetStringTypeW
GetStringTypeA
MultiByteToWideChar
LCMapStringA
GetLocaleInfoA
HeapSize
RtlUnwind
HeapReAlloc
HeapAlloc
GetCPInfo
InitializeCriticalSectionAndSpinCount
EnterCriticalSection
LeaveCriticalSection
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
HeapFree
VirtualFree
HeapCreate
InterlockedDecrement
SetLastError
InterlockedIncrement
TlsFree
TlsAlloc
TlsGetValue
DeleteCriticalSection
GetEnvironmentStringsW
GetProcessHeap
TerminateThread
lstrcpynA
ExpandEnvironmentStringsA
LockResource
FindResourceW
GlobalAlloc
VirtualAlloc
GetLastError
GetModuleFileNameA
GetACP
GetCurrentProcess
GetModuleHandleA
LoadLibraryA
GetProcAddress
WideCharToMultiByte
GetEnvironmentStrings
FreeEnvironmentStringsA
GetCommandLineA
GetStartupInfoA
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
Sleep
ExitProcess
WriteFile
GetStdHandle

user32

InvalidateRect
LoadCursorW
DrawTextExW
HideCaret
DispatchMessageA
IsZoomed
OpenClipboard
GetSystemMenu
GetDlgCtrlID
wsprintfW
SetWindowLongA
DialogBoxParamW
MessageBoxW
CheckRadioButton
InflateRect
SendDlgItemMessageW
GetFocus
SetMenu
SetWindowLongW
RegisterClassExW
LoadMenuW
GetClipboardData
FindWindowA
LoadStringW
EndDialog
CharUpperW
SetTimer
MapWindowPoints
DestroyMenu
IsDialogMessageA
GetSystemMetrics
IsClipboardFormatAvailable
GetWindowPlacement
PostMessageW
GetMenuCheckMarkDimensions
GetCursorPos
SetCursorPos
OpenDesktopW
LoadCursorA

gdi32

GetObjectA
GetDeviceCaps

comdlg32

PrintDlgA
ChooseFontW

advapi32

RegSetValueExA
OpenSCManagerA
LookupPrivilegeValueA
RegOpenKeyExA
InitializeSecurityDescriptor
OpenProcessToken
GetTokenInformation
AllocateAndInitializeSid
OpenServiceA

shell32

ShellExecuteExA
ShellExecuteA

Sections

.text
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 47KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1865b90bed83af5a69b52775f62ebc64

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

Sections

.text Size: 32KB - Virtual size: 31KB

.rdata Size: 9KB - Virtual size: 9KB

.data Size: 3KB - Virtual size: 6KB

.rsrc Size: 47KB - Virtual size: 47KB

.text
Size: 32KB - Virtual size: 31KB

.rdata
Size: 9KB - Virtual size: 9KB

.data
Size: 3KB - Virtual size: 6KB

.rsrc
Size: 47KB - Virtual size: 47KB