HEUR-Trojan[.]Win32[.]Generic-2df75e9ff0b3d143de5cef7d5d70676738bae6f032870a0f54b48f4468722274

General

Target

HEUR-Trojan.Win32.Generic-2df75e9ff0b3d143de5cef7d5d70676738bae6f032870a0f54b48f4468722274
Size

159KB
MD5

fa310a84316b6d9bc75423f6f3cbf116
SHA1

2cd53989a89a53f61c28c052b6da43616618eae4
SHA256

2df75e9ff0b3d143de5cef7d5d70676738bae6f032870a0f54b48f4468722274
SHA512

6f9f604c80b29b3aa0d7faa3824ad0f2938293181565f504949b1888245cf269afde710e596b0c1248a45e55e161557eb605772646f4f050bd055a24b01ed2eb
SSDEEP

3072:cE3jYhGWYdMC9kjEr5lDbCJidUqXoJlLH0E2IGUqwq2FuT8+1eYQe1v:cIY0ECffCQdUHloEdq2QT71/1v

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
HEUR-Trojan.Win32.Generic-2df75e9ff0b3d143de5cef7d5d70676738bae6f032870a0f54b48f4468722274

Files

HEUR-Trojan.Win32.Generic-2df75e9ff0b3d143de5cef7d5d70676738bae6f032870a0f54b48f4468722274
.exe windows:1 windows x86 arch:x86

7c028128b21a1f7bc7661aacc2384c41

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLastError
GetProcAddress
CloseHandle
GetTempPathA
GetVersionExA
LoadLibraryA
RtlUnwind
CreateFileA
VirtualProtect
GetModuleHandleA
DeviceIoControl
FatalAppExitA
SetLastError

crtdll

__GetMainArgs
exit
raise
signal

ulib

?Put@ARRAY@@UAEEPAVOBJECT@@@Z
??0DSTRING@@QAE@XZ
??0STRING_ARGUMENT@@QAE@XZ
??0ARRAY@@QAE@XZ
??0ARGUMENT_LEXEMIZER@@QAE@XZ
??0FLAG_ARGUMENT@@QAE@XZ
?Initialize@ARRAY@@QAEEKK@Z
?Initialize@ARGUMENT_LEXEMIZER@@QAEEPAVARRAY@@@Z
?SetCaseSensitive@ARGUMENT_LEXEMIZER@@QAEXE@Z
?PrepareToParse@ARGUMENT_LEXEMIZER@@QAEEPAVWSTRING@@@Z
?Initialize@STRING_ARGUMENT@@QAEEPAD@Z
?Initialize@FLAG_ARGUMENT@@QAEEPAD@Z
?DoParsing@ARGUMENT_LEXEMIZER@@QAEEPAVARRAY@@@Z
?IsValueSet@ARGUMENT@@QAEEXZ
??1STRING_ARGUMENT@@UAE@XZ
??1ARRAY@@UAE@XZ
??1ARGUMENT_LEXEMIZER@@UAE@XZ
??1DSTRING@@UAE@XZ
??1OBJECT@@UAE@XZ
?Initialize@WSTRING@@QAEEPBDK@Z

ntdll

RtlFreeHeap

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 126KB - Virtual size: 364KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 342B - Virtual size: 342B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.reloc1
Size: 441B - Virtual size: 441B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

7c028128b21a1f7bc7661aacc2384c41

Headers

File Characteristics

Imports

kernel32

crtdll

ulib

ntdll

Sections

.text Size: 8KB - Virtual size: 8KB

.data Size: 126KB - Virtual size: 364KB

.idata Size: 1KB - Virtual size: 1KB

.reloc Size: 342B - Virtual size: 342B

.reloc1 Size: 441B - Virtual size: 441B

.text
Size: 8KB - Virtual size: 8KB

.data
Size: 126KB - Virtual size: 364KB

.idata
Size: 1KB - Virtual size: 1KB

.reloc
Size: 342B - Virtual size: 342B

.reloc1
Size: 441B - Virtual size: 441B