HEUR-Trojan[.]Win32[.]Generic-1809aa1e4d1ed14722417ee284cea229fac1c09b8c14434f7e1b2ea8547c5aeb[.]bin

General

Target

HEUR-Trojan.Win32.Generic-1809aa1e4d1ed14722417ee284cea229fac1c09b8c14434f7e1b2ea8547c5aeb.bin
Size

77KB
MD5

1b96a20d2b8a062f538eb40aef3e8ec8
SHA1

3ba495326b2a6e59e91814a8f5e713a5fa327ee7
SHA256

1809aa1e4d1ed14722417ee284cea229fac1c09b8c14434f7e1b2ea8547c5aeb
SHA512

81560a82fc2a0df21274adfcd126193b939f3323e29498b109a698f1a3626e860cc323e36385ab3db43b8760d822acfe098e1dde62cbfc71def26e5e1379bb71
SSDEEP

1536:5JJIPV0EfELXWcEJXYMxJ06pifrpE/Aw1w:53IZhVphpif611w

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
HEUR-Trojan.Win32.Generic-1809aa1e4d1ed14722417ee284cea229fac1c09b8c14434f7e1b2ea8547c5aeb.bin

Files

HEUR-Trojan.Win32.Generic-1809aa1e4d1ed14722417ee284cea229fac1c09b8c14434f7e1b2ea8547c5aeb.bin
.exe windows x86

b726e88a976872f70521f0f7fd804877

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

clusapi

ClusterEnum
CloseCluster
CloseClusterNode
CloseClusterGroup

crypt32

CertOpenSystemStoreA
CryptHashMessage
CryptDecodeMessage
CryptFindOIDInfo
CryptDecryptMessage
CryptEnumOIDInfo
CryptMemRealloc
CertDeleteCTLFromStore
CryptUnprotectData
CryptProtectData

advapi32

OpenEventLogW
CryptSignHashA
RegCreateKeyExA
ClearEventLogW
RegLoadKeyW
RegRestoreKeyA
ReadEventLogA
RegUnLoadKeyA
RegOpenKeyW
RegReplaceKeyW
RegEnumKeyA
RegSaveKeyA
RegDeleteValueA
IsTextUnicode

modemui

CountryRunOnce
drvGetDefaultCommConfigA

kernel32

RemoveDirectoryA
AddAtomW
GetProcAddress
LoadLibraryExA
OpenMutexA
FindFirstFileA
CreateMutexA
GetBinaryTypeW
GetVersionExW
GetCurrentDirectoryA
GetTempFileNameA
FindClose
FormatMessageW
lstrcatW
CreateSemaphoreA
IsBadReadPtr
LoadLibraryA
ResetEvent
HeapReAlloc
GetConsoleAliasW
WaitForSingleObjectEx

Sections

.text
Size: 65KB - Virtual size: 65KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data1
Size: - Virtual size: 256B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b726e88a976872f70521f0f7fd804877

Headers

DLL Characteristics

File Characteristics

Imports

clusapi

crypt32

advapi32

modemui

kernel32

Sections

.text Size: 65KB - Virtual size: 65KB

.data1 Size: - Virtual size: 256B

.data Size: 5KB - Virtual size: 5KB

.rsrc Size: 5KB - Virtual size: 4KB

.text
Size: 65KB - Virtual size: 65KB

.data1
Size: - Virtual size: 256B

.data
Size: 5KB - Virtual size: 5KB

.rsrc
Size: 5KB - Virtual size: 4KB