HEUR-Trojan[.]Win32[.]Generic-fc950f34ce2005659e7b76fed9a740511688e83f84d9d7d225c0e632750518eb[.]bin

General

Target

HEUR-Trojan.Win32.Generic-fc950f34ce2005659e7b76fed9a740511688e83f84d9d7d225c0e632750518eb.bin
Size

64KB
MD5

366aad320bb8a36a88491ad1d164cf09
SHA1

32e3c8c00cb87db06f8e65b2fbc7f04e08a14105
SHA256

fc950f34ce2005659e7b76fed9a740511688e83f84d9d7d225c0e632750518eb
SHA512

921b4d02d2944ea159d2d4623c5b3233bbbf574278e6f8f8f4b023c9b853c6d002f642beb78e316d643df3ab9043b0973cacb5a18a1776ba52d18fabaeff16d7
SSDEEP

768:jykKUSkyDjBSNBvSMIhK7VHQLvGdwFtg2dY6edSYQrq3RWD3Ghc5tTZ92th5Tk9x:SJEN8I5zGXgF6eIdq3Yym5l+tnP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
HEUR-Trojan.Win32.Generic-fc950f34ce2005659e7b76fed9a740511688e83f84d9d7d225c0e632750518eb.bin

Files

HEUR-Trojan.Win32.Generic-fc950f34ce2005659e7b76fed9a740511688e83f84d9d7d225c0e632750518eb.bin
.exe windows x86

f7967747dba9ace411edf0c8a2401731

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

SHFileOperationW
StrChrW
SHUpdateImageA
DragAcceptFiles
ExtractIconW
DragFinish
StrStrW
DragQueryFileA
ShellAboutA
SHGetFolderPathA
FindExecutableA
SHSetFolderPathA
SHGetFileInfoW
SHDefExtractIconA
SHBrowseForFolderA
DllCanUnloadNow

shlwapi

UrlUnescapeA
UrlCanonicalizeA
UrlIsA
UrlCreateFromPathW
UrlCompareA
PathCompactPathA
PathIsRootW
PathCommonPrefixA
PathCombineA
UrlIsNoHistoryA
UrlGetPartW

kernel32

WaitForSingleObjectEx
SetLocalTime
LoadLibraryA
SetPriorityClass
FormatMessageA
CreateMutexA
GetConsoleTitleW
WriteConsoleA
CreateNamedPipeA
CreateFileMappingA
FindClose
InterlockedIncrement
ResetEvent
GlobalAddAtomA
GetConsoleAliasW
InterlockedDecrement
IsBadStringPtrA
DeleteFileA
FindNextFileA
SetLastError
GetProcessHeap
GetProcAddress
GetModuleHandleA
CreateFileW
FindResourceExW
GetCurrentDirectoryA
OpenMutexW
SearchPathA
GetProfileStringW
OpenSemaphoreA
CreateDirectoryW

untfs

FormatEx
Extend
Recover
Chkdsk

dsprop

ErrMsg
CrackName
ErrMsgParam

Sections

.text
Size: 30KB - Virtual size: 30KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 30KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: - Virtual size: 512B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

f7967747dba9ace411edf0c8a2401731

Headers

DLL Characteristics

File Characteristics

Imports

shell32

shlwapi

kernel32

untfs

dsprop

Sections

.text Size: 30KB - Virtual size: 30KB

.rdata Size: 2KB - Virtual size: 1KB

.rsrc Size: 30KB - Virtual size: 30KB

.edata Size: - Virtual size: 512B

.text
Size: 30KB - Virtual size: 30KB

.rdata
Size: 2KB - Virtual size: 1KB

.rsrc
Size: 30KB - Virtual size: 30KB

.edata
Size: - Virtual size: 512B