HEUR-Trojan[.]Win32[.]Generic-dd142090d4813db5243a151aca1fdf51c05e015691e4f3e2dd818adf6aba5b5b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

HEUR-Trojan.Win32.Generic-dd142090d4813db5243a151aca1fdf51c05e015691e4f3e2dd818adf6aba5b5b
Size

57KB
MD5

ff2b71cea0e2093ad9cdb60f35d04e1c
SHA1

5f92a6aea9ba315571f5c54211ed84b02aae4570
SHA256

dd142090d4813db5243a151aca1fdf51c05e015691e4f3e2dd818adf6aba5b5b
SHA512

4089c9e7c2af00ba474c7e20801e4b5ac07170251e7bac522768cb1cd9c77fef20a0bc772d3bbc4ac960f37789ac70eb073434c7a7a7478ebb88944238638c2f
SSDEEP

768:q8Au2r+t2qr7AvvZ7THZBWJmEVlJtlCWAr2qMCUyexsTqUFQysG2m9rMLrF:MytRrcvvBPGVlJtlCrvq3pFm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
HEUR-Trojan.Win32.Generic-dd142090d4813db5243a151aca1fdf51c05e015691e4f3e2dd818adf6aba5b5b

Files

HEUR-Trojan.Win32.Generic-dd142090d4813db5243a151aca1fdf51c05e015691e4f3e2dd818adf6aba5b5b
.exe windows x86

212d88e869f6be02ade64ac20a861935

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

memset
memcpy
strncpy
strcmp
memmove
strlen

kernel32

GetModuleHandleA
HeapCreate
VirtualProtectEx
VirtualProtect
LocalUnlock
HeapDestroy
ExitProcess
GlobalAlloc
OpenProcess
CloseHandle
GlobalFree
FreeLibrary
HeapFree
LoadLibraryA
GetProcAddress
HeapAlloc
EnterCriticalSection
WaitForSingleObject
LeaveCriticalSection
InitializeCriticalSection
GetModuleFileNameA
HeapReAlloc

winspool.drv

PrinterProperties

user32

MessageBeep
SendMessageA
MessageBoxA
DeleteMenu
ArrangeIconicWindows
DdeAccessData
ShowCaret
GetClassWord

comctl32

InitCommonControlsEx

ole32

CoInitialize

Sections

.code
Size: 35KB - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ