HEUR-Trojan[.]Win32[.]Generic-0a236d506d90e339bc777d52e67662ae7e0700b7bd255f5a1a94dd646d00f942

Sharing

Copy URL Twitter E-mail

General

Target

HEUR-Trojan.Win32.Generic-0a236d506d90e339bc777d52e67662ae7e0700b7bd255f5a1a94dd646d00f942
Size

208KB
MD5

ff76f09a2632529dbb66c966b28eb458
SHA1

761d32a5e6c770e8dec4d9ede7226c2d0f2299a2
SHA256

0a236d506d90e339bc777d52e67662ae7e0700b7bd255f5a1a94dd646d00f942
SHA512

4c78e3d26cb885a531aca74daaf146cd9625e56ae78d7a94277249f351a65d5c6fb24c7b3a51e0e3e1c0d380994bddee623374f60a6ee546603a6a5d40219f8e
SSDEEP

3072:NvTfllcpJD85vFhG32qMOF7rWTi61UolSWlqoRZq4NLthEjQT67:Nrtlmg5vFhHmebaYqo2QEj9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
HEUR-Trojan.Win32.Generic-0a236d506d90e339bc777d52e67662ae7e0700b7bd255f5a1a94dd646d00f942

Files

HEUR-Trojan.Win32.Generic-0a236d506d90e339bc777d52e67662ae7e0700b7bd255f5a1a94dd646d00f942
.exe windows:4 windows x86 arch:x86

03ae0108c7455c49c94d2d60afa1e57a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

psapi

GetModuleBaseNameA
GetModuleFileNameExA
EnumProcessModules
EnumProcesses

kernel32

GetOEMCP
SetErrorMode
GetSystemTimeAsFileTime
HeapFree
HeapAlloc
VirtualAlloc
HeapReAlloc
GetCommandLineA
GetProcessHeap
GetStartupInfoA
RtlUnwind
ExitProcess
RaiseException
HeapSize
TerminateProcess
UnhandledExceptionFilter
GetCPInfo
IsDebuggerPresent
SetHandleCount
GetStdHandle
GetFileType
HeapDestroy
HeapCreate
VirtualFree
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetACP
GetConsoleCP
GetConsoleMode
SetStdHandle
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetThreadLocale
SetEndOfFile
FlushFileBuffers
SetFilePointer
InterlockedIncrement
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalAlloc
GlobalFlags
FormatMessageA
LocalFree
MulDiv
GlobalGetAtomNameA
GlobalFindAtomA
lstrcmpW
GetVersionExA
InterlockedDecrement
GetModuleFileNameW
SetLastError
GlobalAddAtomA
GlobalUnlock
GlobalFree
FreeResource
WritePrivateProfileStringA
GetCurrentThread
GetCurrentThreadId
ConvertDefaultLocale
EnumResourceLanguagesA
GetLocaleInfoA
LoadLibraryA
FindResourceA
LoadResource
LockResource
SizeofResource
GlobalLock
lstrcmpA
GlobalAlloc
FreeLibrary
GlobalDeleteAtom
GetVersion
CompareStringA
GetLastError
InterlockedExchange
MultiByteToWideChar
WideCharToMultiByte
lstrlenA
Beep
GetModuleHandleA
GetProcAddress
ReadFile
GetFileSize
GetModuleFileNameA
GetCurrentProcess
Sleep
GetCurrentProcessId
OpenProcess
CopyFileA
CloseHandle
WriteFile
CreateFileA
FindClose
FindFirstFileA
GetTickCount
SetUnhandledExceptionFilter

user32

LoadCursorA
ShowWindow
SetWindowTextA
IsDialogMessageA
EndPaint
BeginPaint
ReleaseDC
GetDC
ClientToScreen
GrayStringA
DrawTextExA
TabbedTextOutA
RegisterWindowMessageA
SendDlgItemMessageA
WinHelpA
GetCapture
GetClassLongA
GetClassNameA
SetPropA
GetPropA
RemovePropA
SetFocus
GetWindowTextA
GetTopWindow
GetMessagePos
MapWindowPoints
SetForegroundWindow
UpdateWindow
GetMenu
GetSubMenu
GetMenuItemID
GetMenuItemCount
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
GetSysColor
AdjustWindowRectEx
CopyRect
PtInRect
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
SetWindowLongA
SetWindowPos
SystemParametersInfoA
GetWindowPlacement
GetWindowRect
GetWindow
UnhookWindowsHookEx
GetWindowThreadProcessId
GetLastActivePopup
MessageBoxA
LoadIconA
keybd_event
GetForegroundWindow
GetClientRect
DrawTextA
SetTimer
SetCursor
SetWindowsHookExA
CallNextHookEx
GetMessageA
TranslateMessage
DispatchMessageA
IsWindowVisible
GetKeyState
PeekMessageA
GetCursorPos
ValidateRect
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
DestroyMenu
UnregisterClassA
GetSysColorBrush
GetMessageTime
IsIconic
SendMessageA
GetSystemMetrics
DrawIcon
SetSysColors
KillTimer
EnableWindow
PostMessageA
PostQuitMessage
EndDialog
GetNextDlgTabItem
GetParent
IsWindowEnabled
GetDlgItem
LoadBitmapA
GetFocus
ModifyMenuA
GetMenuState
EnableMenuItem
CheckMenuItem
GetDesktopWindow
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
IsWindow
GetWindowLongA

gdi32

SetWindowExtEx
ScaleWindowExtEx
DeleteDC
GetStockObject
GetDeviceCaps
ExtTextOutA
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
GetClipBox
CreateBitmap
TextOutA
RectVisible
PtVisible
DeleteObject
SetMapMode
RestoreDC
SaveDC
GetObjectA
SetBkColor
SetTextColor
Escape

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

advapi32

RegQueryValueA
RegEnumKeyA
RegDeleteKeyA
RegCreateKeyExA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
RegSetValueExA
RegOpenKeyA

shell32

SHGetFolderPathA
ShellExecuteA

shlwapi

PathFindFileNameA
PathFindExtensionA

oleaut32

VariantClear
VariantChangeType
VariantInit

Sections

.text
Size: 144KB - Virtual size: 140KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 32KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

03ae0108c7455c49c94d2d60afa1e57a

Headers

File Characteristics

Imports

psapi

kernel32

user32

gdi32

winspool.drv

advapi32

shell32

shlwapi

oleaut32

Sections

.text Size: 144KB - Virtual size: 140KB

.rdata Size: 32KB - Virtual size: 30KB

.data Size: 8KB - Virtual size: 22KB

.rsrc Size: 20KB - Virtual size: 18KB

.text
Size: 144KB - Virtual size: 140KB

.rdata
Size: 32KB - Virtual size: 30KB

.data
Size: 8KB - Virtual size: 22KB

.rsrc
Size: 20KB - Virtual size: 18KB