HEUR-Trojan[.]Win32[.]Generic-0a5b9adc4a6b097b9333a2bd46d638b3b862b66afd686c5420072b46e1b87d09 | Triage

Sharing

General

Target

HEUR-Trojan.Win32.Generic-0a5b9adc4a6b097b9333a2bd46d638b3b862b66afd686c5420072b46e1b87d09
Size

183KB
MD5

fe1e160b8125ff47cd5230723304cea6
SHA1

702ed9ac964297eaa9bd5dac29d61949af726cae
SHA256

0a5b9adc4a6b097b9333a2bd46d638b3b862b66afd686c5420072b46e1b87d09
SHA512

48a3ea56ac0e3708d53e49426c6dcbfae0bb12adf915b279a42da85bd9abfd7c14262c849f88376a41b9819c42f63db19d5518788b1990f55895923af418fb2c
SSDEEP

3072:2e+N8sceIO+wq4YuThkFcex8kD4wuitYpI0dZef0+M:2eBe2wsuThkKe81ppIwZef0+M

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
HEUR-Trojan.Win32.Generic-0a5b9adc4a6b097b9333a2bd46d638b3b862b66afd686c5420072b46e1b87d09

Files

HEUR-Trojan.Win32.Generic-0a5b9adc4a6b097b9333a2bd46d638b3b862b66afd686c5420072b46e1b87d09
.exe windows:1 windows x86 arch:x86

886278c9edb60be878adc8f899c633b7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE

Imports

crypt32

CryptBinaryToStringW

shlwapi

PathAppendA
PathAppendW
PathCombineA
PathFileExistsW

kernel32

CloseHandle
CreateMutexA
ExitProcess
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetCommandLineA
GetEnvironmentStrings
GetEnvironmentStringsW
GetFileType
GetLastError
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleA
GetProcAddress
GetStartupInfoA
GetStdHandle
GetTickCount
GetVersionExA
HeapCreate
HeapDestroy
HeapFree
LCMapStringA
LoadLibraryA
MultiByteToWideChar
UnhandledExceptionFilter
VirtualAlloc
VirtualFree
VirtualProtect
WideCharToMultiByte
WriteFile
lstrcpyA
LCMapStringW

Sections

AUTO
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DGROUP
Size: 167KB - Virtual size: 167KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ