HEUR-Trojan[.]Win32[.]Generic-2273fdf7d403fe79d72cbd0fe7b331e7a12728ca9ef78457a8d42c1413b63963 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

HEUR-Trojan.Win32.Generic-2273fdf7d403fe79d72cbd0fe7b331e7a12728ca9ef78457a8d42c1413b63963
Size

155KB
MD5

de777df1c9d186337603d2c93218216d
SHA1

46eccbf3e8efb6ca04a153375fd45ab73f78464b
SHA256

2273fdf7d403fe79d72cbd0fe7b331e7a12728ca9ef78457a8d42c1413b63963
SHA512

d0e43c698a1ce147f0932202af996d31cac2cc11e3f837c16e4baf255498e0cdaf2ee3eb75185dffecff2c8f6ef3053a159ff8b9492253254541244b65675811
SSDEEP

3072:zoY0ALG7F60AM6r61ZNSaPK8bbuVSQJ0uOUR5Y7DFavjBooJ:0Y0ALG7HAMt1ZEs+NJ0rMYXweG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
HEUR-Trojan.Win32.Generic-2273fdf7d403fe79d72cbd0fe7b331e7a12728ca9ef78457a8d42c1413b63963

Files

HEUR-Trojan.Win32.Generic-2273fdf7d403fe79d72cbd0fe7b331e7a12728ca9ef78457a8d42c1413b63963
.exe windows:1 windows x86 arch:x86

d7da4bd9d4700a09d4bb196f5ad9fd0a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

crypt32

CryptBinaryToStringW

kernel32

GetProcAddress
LoadLibraryA
RtlUnwind
VirtualProtect
RaiseException
GetModuleHandleA
CloseHandle
WriteFile
GetCurrentThreadId

crtdll

__GetMainArgs
exit
raise
signal

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 40B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 137KB - Virtual size: 137KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 660B - Virtual size: 660B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 250B - Virtual size: 250B

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ