HEUR-Trojan[.]Win32[.]Generic-d8e53b1ce95c600d9f8b235bdaf02b5cbe91bd884dc0eb0df30a5fb16bbeec1a

Sharing

Copy URL Twitter E-mail

General

Target

HEUR-Trojan.Win32.Generic-d8e53b1ce95c600d9f8b235bdaf02b5cbe91bd884dc0eb0df30a5fb16bbeec1a
Size

138KB
MD5

4bbfa7bd5214e58f2b5bf8b829ac0445
SHA1

441823650623dd29930e52565026e2145d85c822
SHA256

d8e53b1ce95c600d9f8b235bdaf02b5cbe91bd884dc0eb0df30a5fb16bbeec1a
SHA512

df6c9b7295306b1262fe5630164003ee9a402d239f79a6fee138f62a6c68ce543385691e1f734f9de99c5a97d13df55799bf5788d65c4421c76016442cdd33fd
SSDEEP

3072:xLjRomxVKIrfewzBAMQ73wZJJmSmoPPSN0beHHs5ePec47d:xHFKIrfewzBTQ7iJQoPqDH9HG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
HEUR-Trojan.Win32.Generic-d8e53b1ce95c600d9f8b235bdaf02b5cbe91bd884dc0eb0df30a5fb16bbeec1a

Files

HEUR-Trojan.Win32.Generic-d8e53b1ce95c600d9f8b235bdaf02b5cbe91bd884dc0eb0df30a5fb16bbeec1a
.exe windows x86

af96a1f41fe88e6ce0ce9b38882c4abf

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mfc42

ord2124
ord5277
ord2982
ord3147
ord3259
ord4465
ord3136
ord3262
ord2985
ord3081
ord2976
ord3402
ord3830
ord3831
ord3825
ord3079
ord4080
ord4627
ord4424
ord3711
ord641
ord567
ord324
ord825
ord783
ord2302
ord4234
ord6199
ord1768
ord4710
ord4853
ord5953
ord5148
ord823
ord1858
ord4245
ord5101
ord2101
ord2723
ord2390
ord3059
ord5100
ord5104
ord4467
ord4303
ord3351
ord5012
ord976
ord5472
ord3403
ord2879
ord2878
ord4152
ord4077
ord5237
ord2382
ord5283
ord2649
ord1665
ord4436
ord2445
ord4427
ord401
ord674
ord5254
ord2379
ord1871
ord3663
ord2414
ord3692
ord1641
ord2393
ord3626
ord3721
ord795
ord4275
ord665
ord353
ord3573
ord613
ord289
ord800
ord537
ord5875
ord6170
ord3716
ord790
ord2294
ord2362
ord6111
ord4694
ord6334
ord2358
ord2301
ord816
ord562
ord5791
ord4612
ord4610
ord4274
ord6375
ord4486
ord2554
ord2512
ord5731
ord3922
ord1089
ord5199
ord2396
ord3346
ord5300
ord5302
ord2725
ord4079
ord4698
ord5307
ord5289
ord5714
ord4622
ord3738
ord561
ord815
ord6215
ord986
ord411
ord4159
ord6117
ord2621
ord4204
ord3499
ord2515
ord2446
ord4238
ord4696
ord3058
ord3065
ord6336
ord2510
ord2542
ord5243
ord5740
ord1746
ord5577
ord3172
ord5653
ord4420
ord4953
ord4858
ord2399
ord4387
ord3454
ord3198
ord6080
ord6175
ord4623
ord4426
ord338
ord652
ord4823
ord3177
ord941
ord858
ord4129
ord2764
ord1200
ord2884
ord4216
ord355
ord1175
ord1920
ord4262
ord4589
ord4588
ord4899
ord4370
ord4892
ord5076
ord4341
ord4349
ord4889
ord4531
ord4545
ord4543
ord4526
ord4529
ord4524
ord4963
ord4960
ord4108
ord5240
ord3748
ord1725
ord4432
ord784
ord506
ord517
ord5260
ord2564
ord2864
ord6197
ord6131
ord6216
ord2652
ord2915
ord1669
ord535
ord4723
ord6267
ord5926
ord860
ord2513
ord293
ord804
ord4220
ord2584
ord3654
ord2438
ord6270
ord2863
ord1644
ord1146
ord1859
ord4246
ord3869
ord2127
ord2391
ord5102
ord5105
ord4468
ord3350
ord975
ord2880
ord4153
ord2383
ord5284
ord4437
ord4428
ord402
ord5255
ord2642
ord3092
ord540
ord2370
ord1834
ord5067
ord4716
ord4750
ord4608
ord5016
ord4375
ord4852
ord4834
ord4229
ord6241
ord4607
ord4635
ord2587
ord4406
ord3394
ord3729
ord755
ord4133
ord4297
ord5788
ord5787
ord472
ord283
ord470
ord1576
ord5261
ord1727
ord5065
ord3749
ord6376
ord2055
ord2648
ord4441
ord4837
ord3798
ord5290
ord4353
ord6374
ord5163
ord2385
ord5241
ord4407
ord1776
ord4078
ord6055
ord3597
ord4425
ord5280
ord1775
ord6052
ord2514
ord4998
ord4376
ord1825
ord5265
ord1168

msvcrt

__p__fmode
__set_app_type
_except_handler3
_controlfp
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
_onexit
__dllonexit
??1type_info@@UAE@XZ
wcscat
_wfopen
time
srand
rand
log10
log
strcpy
_setmbcp
__CxxFrameHandler
__p__commode
memcpy
memset
sqrt
_ftol
fabs
cos
sin

kernel32

GetFileSize
GetProcAddress
LoadLibraryA
ReadFile
GetModuleHandleA
GetStartupInfoA
CloseHandle
LocalAlloc
LocalLock
LocalUnlock
LocalFree
GlobalAlloc
GlobalLock
GlobalUnlock
GetModuleFileNameW
GlobalHandle
GlobalFree

user32

LoadMenuA
GetSysColor
GetWindowRect
ClientToScreen
GetSubMenu
GetFocus
InvalidateRect
UpdateWindow
SendMessageA
GetClientRect
InflateRect
FillRect
GetSystemMetrics
wsprintfA
GetScrollPos
SetScrollRange
SetScrollPos
EnableWindow

gdi32

GetDeviceCaps
RealizePalette
GetStockObject
CreateSolidBrush
CreatePalette
SelectPalette
SetStretchBltMode
SetDIBitsToDevice
StretchDIBits
Rectangle

Sections

.text
Size: 52KB - Virtual size: 50KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

af96a1f41fe88e6ce0ce9b38882c4abf

Headers

File Characteristics

Imports

mfc42

msvcrt

kernel32

user32

gdi32

Sections

.text Size: 52KB - Virtual size: 50KB

.rdata Size: 16KB - Virtual size: 12KB

.data Size: 4KB - Virtual size: 1KB

.rsrc Size: 12KB - Virtual size: 10KB

.text
Size: 52KB - Virtual size: 50KB

.rdata
Size: 16KB - Virtual size: 12KB

.data
Size: 4KB - Virtual size: 1KB

.rsrc
Size: 12KB - Virtual size: 10KB