HEUR-Trojan[.]Win32[.]Generic-0424aba040a8a42e9a7d0c7d72ff2b32eca228d8ec5e72e8d752831f0130bbe5 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

HEUR-Trojan.Win32.Generic-0424aba040a8a42e9a7d0c7d72ff2b32eca228d8ec5e72e8d752831f0130bbe5
Size

186KB
MD5

fa97284b1a389618bce7a5caa8db1e37
SHA1

85c0a4e06c9536a90099b1088ff26e3fdf878362
SHA256

0424aba040a8a42e9a7d0c7d72ff2b32eca228d8ec5e72e8d752831f0130bbe5
SHA512

50977be6a82926ce8c5befaa23938c9520e24e00ec1f1bf2374cd2a617436906c6a17c68efed45d4607fa57ba18d2c069236d6b6eaa4373fe9c823e8ccc0db3a
SSDEEP

3072:TmpUAQIRTt0iheqKPOks25BJWf5O1nOrXX++hnFwPBnBBisgLCVq7gtyy900OS20:TmGAQ2TtYDPOks2DKO18Xu+hnF8BBiRQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
HEUR-Trojan.Win32.Generic-0424aba040a8a42e9a7d0c7d72ff2b32eca228d8ec5e72e8d752831f0130bbe5

Files

HEUR-Trojan.Win32.Generic-0424aba040a8a42e9a7d0c7d72ff2b32eca228d8ec5e72e8d752831f0130bbe5
.exe windows:1 windows x86 arch:x86

e0c279f0e6ae303a9b16d378e4ba52e8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

CLSIDFromProgIDEx

kernel32

GetCommandLineW
GetLocalTime
GetModuleHandleW
GetProcAddress
GetStartupInfoW
GetTickCount
LoadLibraryA
MulDiv
VirtualProtect
lstrcatA
lstrcmpW
lstrlenW

gdi32

BitBlt
CreateCompatibleDC
CreateSolidBrush
DeleteDC
DeleteObject
ExtTextOutW
GetStockObject
GetTextExtentPoint32W
GetTextMetricsW
PtVisible
SelectObject
SetTextColor
TextOutW
GetDeviceCaps

advapi32

RegCreateKeyExW
RegOpenKeyExW
RegQueryValueExW
RegSetValueExW
RegCloseKey

Sections

AUTO
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DGROUP
Size: 171KB - Virtual size: 350KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 988B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ