HEUR-Trojan[.]Win32[.]Generic-76c45564788787f4cd80f7c88b9b5f024b5bc07eba9a72f2472b08e8ea075e72

General

Target

HEUR-Trojan.Win32.Generic-76c45564788787f4cd80f7c88b9b5f024b5bc07eba9a72f2472b08e8ea075e72
Size

84KB
MD5

8d26c196639f54bd144cc5b4688bb960
SHA1

47aa8afed9e8df75e057ed9138b84e6543186e48
SHA256

76c45564788787f4cd80f7c88b9b5f024b5bc07eba9a72f2472b08e8ea075e72
SHA512

7fae9dde950eb5086c17ff2e6d67a4436cd7ab607166d62e3b43ef3a83e05aa83997f0ca6093f18aad9e3006b1a24cc921e13272a35d21900463c3e18767338a
SSDEEP

1536:pfoiwzVMcfqo094hDdH60eqTdoB3jF6dk4G8s9:pHwz9qo04HBdOMdy8s9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
HEUR-Trojan.Win32.Generic-76c45564788787f4cd80f7c88b9b5f024b5bc07eba9a72f2472b08e8ea075e72

Files

HEUR-Trojan.Win32.Generic-76c45564788787f4cd80f7c88b9b5f024b5bc07eba9a72f2472b08e8ea075e72
.exe windows:5 windows x86 arch:x86

a151ce8a6ac892b093b4de3d23492451

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

SetLastError
IsValidCodePage
SuspendThread
GetModuleHandleA
RemoveDirectoryW
VirtualProtectEx
GetLocaleInfoW
HeapFree
GetFileAttributesW
FindClose
SetPriorityClass
GetCurrentProcess
GetTickCount
GetExitCodeThread
GetFileAttributesW
LocalLock
FindResourceW
CreateEventA
TlsGetValue
GetStringTypeA
CreateDirectoryW

advapi32

IsValidAcl
IsTextUnicode
RegCreateKeyExW
CreateServiceW
CreateProcessAsUserA
IsValidSid
ClearEventLogW
InitializeSid
IsValidSecurityDescriptor
RegEnumKeyA
RegQueryValueW
RegDeleteValueA
ControlService

msctf

TF_InitSystem
DllCanUnloadNow
DllUnregisterServer
DllUnregisterServer

uxtheme

CloseThemeData

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 74KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.import
Size: 512B - Virtual size: 484B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

a151ce8a6ac892b093b4de3d23492451

Headers

File Characteristics

Imports

kernel32

advapi32

msctf

uxtheme

Sections

.text Size: 5KB - Virtual size: 4KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 512B - Virtual size: 11KB

.rsrc Size: 74KB - Virtual size: 74KB

.import Size: 512B - Virtual size: 484B

.text
Size: 5KB - Virtual size: 4KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 512B - Virtual size: 11KB

.rsrc
Size: 74KB - Virtual size: 74KB

.import
Size: 512B - Virtual size: 484B