HEUR-Trojan[.]Win32[.]Generic-f69bb2c0fde14a3f3827ad1a4d03c54a31008fd4068e90b271d8d26b2aa5a749

Sharing

Copy URL Twitter E-mail

General

Target

HEUR-Trojan.Win32.Generic-f69bb2c0fde14a3f3827ad1a4d03c54a31008fd4068e90b271d8d26b2aa5a749
Size

101KB
MD5

ff23c59dbb7151a75d0c1f02fec0d097
SHA1

e822e7932a57016d9c8909e320f1fa68a77f8f35
SHA256

f69bb2c0fde14a3f3827ad1a4d03c54a31008fd4068e90b271d8d26b2aa5a749
SHA512

6a16aedf5a4babc4c8684abb91e6a7a3ee6b75a3399b6368c30c17a5fee33e6eba2103f2a01476f8e781187302fc80868cbdb8880d3d7ba0cd697dfb49647eae
SSDEEP

1536:/ubmXvhSYZHtBBY0JradMdtDt1wWIYTQqOnBlrzDLXn6v8:EsvcqNBxradMdz1IYTYnBlDLXn6v8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
HEUR-Trojan.Win32.Generic-f69bb2c0fde14a3f3827ad1a4d03c54a31008fd4068e90b271d8d26b2aa5a749

Files

HEUR-Trojan.Win32.Generic-f69bb2c0fde14a3f3827ad1a4d03c54a31008fd4068e90b271d8d26b2aa5a749
.exe windows x86

285cf731f11d3adc540bbb264bbfdf3c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

shlwapi

PathAppendW
StrChrNIW
PathRemoveFileSpecW

shell32

SHGetDesktopFolder
SHEnumerateUnreadMailAccountsW
SHSetLocalizedName
SHGetSpecialFolderLocation
DragQueryPoint
SHOpenFolderAndSelectItems

kernel32

MultiByteToWideChar
GetTimeZoneInformation
InterlockedIncrement
GetEnvironmentStringsW
GetACP
GetTimeFormatW
HeapReAlloc
GetStartupInfoW
RtlUnwind
DeleteCriticalSection
UnhandledExceptionFilter
IsDebuggerPresent
FlushFileBuffers
ExitProcess
ReadFile
GetLastError
GetConsoleMode
SetUnhandledExceptionFilter
GetStartupInfoA
GetStringTypeW
Sleep
GetLocalTime
GetProcAddress
HeapFree
LCMapStringW
lstrlenW
SetHandleCount
OutputDebugStringW
EnterCriticalSection
FileTimeToDosDateTime
GetStringTypeA
GetConsoleCP
SetLastError
CreateFileW
TlsAlloc
IsValidCodePage
TlsFree
lstrcpyW
InitializeCriticalSectionAndSpinCount
CompareStringA
GetSystemTimeAsFileTime
RaiseException
GetDateFormatW
SetStdHandle
GetStdHandle
UnmapViewOfFile
GetCommandLineW
FreeEnvironmentStringsW
QueryPerformanceCounter
GetFileType
FreeLibrary
HeapSize
lstrcpynW
LCMapStringA
TlsGetValue
DeleteFileW
GetCPInfo
LeaveCriticalSection
GetFileSize
CompareStringW
lstrlenA
lstrcatW
GetModuleHandleA
VirtualAlloc
InterlockedDecrement
GetPrivateProfileStringW
SetFilePointer
HeapCreate
CreateDirectoryW
SystemTimeToFileTime
GetPrivateProfileIntW
SetEnvironmentVariableA
LoadLibraryA
GetTickCount
FileTimeToSystemTime
HeapAlloc
GetModuleHandleW
GetOEMCP
lstrcmpiA
TlsSetValue
CloseHandle
GetComputerNameW
CreateFileA
lstrcmpW
TerminateProcess

wsock32

getservbyname
shutdown
WSAStartup
htons
socket
gethostbyname
sendto
send
connect
recv
closesocket
ioctlsocket
select

advapi32

RegCloseKey
EqualDomainSid
RegCreateKeyExW
RegOpenKeyExW
RegQueryValueExW
SetServiceStatus

rpcrt4

UuidCreate
UuidCreateSequential
RpcAsyncGetCallStatus

comctl32

ImageList_GetImageCount
InitCommonControlsEx

user32

KillTimer
EnableWindow
UpdateWindow
SetTimer
SetActiveWindow
CharNextW
SetCapture
SetFocus
DialogBoxParamW
SetDlgItemTextW
ShowWindow
SendMessageW
ReleaseCapture
MessageBoxW
wsprintfW
GetDlgItem
CharPrevW

Sections

.text
Size: 44KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 8KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

285cf731f11d3adc540bbb264bbfdf3c

Headers

DLL Characteristics

File Characteristics

Imports

shlwapi

shell32

kernel32

wsock32

advapi32

rpcrt4

comctl32

user32

Sections

.text Size: 44KB - Virtual size: 48KB

.data Size: 27KB - Virtual size: 26KB

.rdata Size: 5KB - Virtual size: 4KB

.bss Size: - Virtual size: 8KB

.idata Size: 4KB - Virtual size: 3KB

.rsrc Size: 20KB - Virtual size: 19KB

.text
Size: 44KB - Virtual size: 48KB

.data
Size: 27KB - Virtual size: 26KB

.rdata
Size: 5KB - Virtual size: 4KB

.bss
Size: - Virtual size: 8KB

.idata
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 20KB - Virtual size: 19KB