HEUR-Trojan[.]Win32[.]Generic-772fcfe20f0bb14861a611901a7354759515cbd7d1b4762436e9c1f4c2c290df

General

Target

HEUR-Trojan.Win32.Generic-772fcfe20f0bb14861a611901a7354759515cbd7d1b4762436e9c1f4c2c290df
Size

42KB
MD5

13191c959aadb8c8e551c3a8a8c16267
SHA1

00172344192f9c72a256fc0fb693599cb763455b
SHA256

772fcfe20f0bb14861a611901a7354759515cbd7d1b4762436e9c1f4c2c290df
SHA512

cb2c731c81b53a42a45b47c8c32072e4032927d3d9e9220bd2e34d67a10e68446f284c52a684846bf488959ca0b0fef5446d3b4dcb2eda8f69e47c35d76b0da0
SSDEEP

768:z/Ur3aSd3izp78nsOxseT/I+NVrEcC7MfxDj+57hfnGEhcAwXIn95s87Vy9GQ:z/Un5sOJssVrEZqpj+5MEaAw4bs87Q

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
HEUR-Trojan.Win32.Generic-772fcfe20f0bb14861a611901a7354759515cbd7d1b4762436e9c1f4c2c290df

Files

HEUR-Trojan.Win32.Generic-772fcfe20f0bb14861a611901a7354759515cbd7d1b4762436e9c1f4c2c290df
.exe windows x86

b0aeb5d4220b5903411c2e7eea608221

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
LoadLibraryW
GetProcAddress
GetDriveTypeA
lstrlenA
GetFileAttributesA
lstrlenW
GetDriveTypeW
GetFileAttributesW
GetTickCount
GetCurrentProcessId
GetLastError

user32

DestroyIcon
DestroyWindow
IsWindow
GetSysColor
LoadIconW
LoadIconA
GetKeyState

gdi32

SetMapMode
SetBkMode
SetBkColor
SelectObject
SetTextColor
ScaleViewportExtEx
SaveDC
RestoreDC
RectVisible
PtVisible
SetViewportExtEx
ScaleWindowExtEx
OffsetViewportOrgEx
CreateCompatibleDC
SetTextAlign
TextOutA
SetWindowExtEx
CreateBitmap
CreateFontIndirectA
DeleteDC
DeleteObject
Escape
ExtTextOutA
GetClipBox
GetDeviceCaps
GetObjectA
GetStockObject
SetViewportOrgEx

advapi32

RegQueryValueExW
RegOpenKeyW

shell32

ShellExecuteA
SHGetFolderPathA
SHGetFileInfoW
SHBrowseForFolder
SHFreeNameMappings
ShellExecuteExA

shlwapi

StrRChrIA
StrCmpNA

Sections

.text
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b0aeb5d4220b5903411c2e7eea608221

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

shlwapi

Sections

.text Size: 33KB - Virtual size: 33KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 4KB - Virtual size: 4KB

.rsrc Size: 1KB - Virtual size: 1KB

.text
Size: 33KB - Virtual size: 33KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 1KB - Virtual size: 1KB