HEUR-Trojan[.]Win32[.]Generic-b0055f831003e65c36bcc2f016e38a8c5a4bbc98a6db3a6815e909707f338120

Sharing

Copy URL Twitter E-mail

General

Target

HEUR-Trojan.Win32.Generic-b0055f831003e65c36bcc2f016e38a8c5a4bbc98a6db3a6815e909707f338120
Size

202KB
MD5

d731d613860019beb85ab19abdb6d728
SHA1

a5b1c29c327779b637ec68541a5ce99d9acb61b5
SHA256

b0055f831003e65c36bcc2f016e38a8c5a4bbc98a6db3a6815e909707f338120
SHA512

e58baeea36b2b703470d9ead44d1d7b4ac9a85950a89b6c74fae70f5acc971e97a32060b7d519b85514a3fc1dc0b51d6928a377b46e78ade9136b9d549738bbe
SSDEEP

6144:t1aykaugpdmo2X8Fc+QpM9s/VXHZbzz/B5I/:fCGu4c49s/Dzz/I/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
HEUR-Trojan.Win32.Generic-b0055f831003e65c36bcc2f016e38a8c5a4bbc98a6db3a6815e909707f338120

Files

HEUR-Trojan.Win32.Generic-b0055f831003e65c36bcc2f016e38a8c5a4bbc98a6db3a6815e909707f338120
.exe windows:1 windows x86 arch:x86

2333c180379706d692099132b89a55b2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE

Imports

crypt32

CryptBinaryToStringW

ole32

CoCreateGuid
CoInitialize
CoUninitialize

kernel32

CloseHandle
CreateThread
DeleteFileW
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetLastError
GetLocaleInfoA
GetModuleHandleA
GetProcAddress
GetStartupInfoA
GetSystemTimeAsFileTime
GetTickCount
GetVersionExA
GlobalAlloc
GlobalFree
GlobalUnlock
LoadLibraryA
LocalAlloc
MultiByteToWideChar
QueryPerformanceCounter
SetUnhandledExceptionFilter
TerminateProcess
UnhandledExceptionFilter
VirtualProtect
WaitForSingleObject
WideCharToMultiByte
lstrcatA
lstrcmpA
lstrcmpiA
lstrcpyA
lstrlenA
GlobalLock

ulib

??0ARGUMENT_LEXEMIZER@@QAE@XZ
??0ARRAY@@QAE@XZ
??0DSTRING@@QAE@XZ
??0FLAG_ARGUMENT@@QAE@XZ
??0STRING_ARGUMENT@@QAE@XZ
??1ARGUMENT_LEXEMIZER@@UAE@XZ
??1ARRAY@@UAE@XZ
??1DSTRING@@UAE@XZ
??1OBJECT@@UAE@XZ
??1STRING_ARGUMENT@@UAE@XZ
?DoParsing@ARGUMENT_LEXEMIZER@@QAEEPAVARRAY@@@Z
?Initialize@ARGUMENT_LEXEMIZER@@QAEEPAVARRAY@@@Z
?Initialize@ARRAY@@QAEEKK@Z
?Initialize@FLAG_ARGUMENT@@QAEEPAD@Z
?Initialize@STRING_ARGUMENT@@QAEEPAD@Z
?IsValueSet@ARGUMENT@@QAEEXZ
?PrepareToParse@ARGUMENT_LEXEMIZER@@QAEEPAVWSTRING@@@Z
?Put@ARRAY@@UAEEPAVOBJECT@@@Z
?SetCaseSensitive@ARGUMENT_LEXEMIZER@@QAEXE@Z
?Initialize@WSTRING@@QAEEPBDK@Z

ntdll

RtlFreeHeap

gdi32

CloseMetaFile
CreateMetaFileA
DeleteObject
GetDeviceCaps
GetStockObject
SetWindowExtEx
SetWindowOrgEx
DeleteMetaFile

advapi32

RegCreateKeyExA
RegOpenKeyExA
RegQueryValueExA
RegSetValueExA
RegCloseKey

user32

BeginPaint
CreateWindowExA
DefWindowProcA
DestroyWindow
DispatchMessageA
EndPaint
GetClientRect
GetDC
GetMessageA
GetSystemMetrics
InvalidateRect
IsWindow
LoadCursorA
LoadStringA
MessageBoxA
PostMessageA
PostQuitMessage
RegisterClassA
RegisterClipboardFormatA
ReleaseDC
SendMessageA
SetCursor
SetFocus
SetWindowPos
ShowWindow
TranslateMessage
wsprintfA
GetKeyState

Sections

AUTO
Size: 50KB - Virtual size: 49KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DGROUP
Size: 114KB - Virtual size: 113KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 220B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.reloc2
Size: 351B - Virtual size: 351B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc4
Size: 182B - Virtual size: 182B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc3
Size: 452B - Virtual size: 452B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

2333c180379706d692099132b89a55b2

Headers

File Characteristics

Imports

crypt32

ole32

kernel32

ulib

ntdll

gdi32

advapi32

user32

Sections

AUTO Size: 50KB - Virtual size: 49KB

DGROUP Size: 114KB - Virtual size: 113KB

.idata Size: 3KB - Virtual size: 3KB

.reloc Size: 512B - Virtual size: 220B

.reloc2 Size: 351B - Virtual size: 351B

.reloc4 Size: 182B - Virtual size: 182B

.reloc3 Size: 452B - Virtual size: 452B

AUTO
Size: 50KB - Virtual size: 49KB

DGROUP
Size: 114KB - Virtual size: 113KB

.idata
Size: 3KB - Virtual size: 3KB

.reloc
Size: 512B - Virtual size: 220B

.reloc2
Size: 351B - Virtual size: 351B

.reloc4
Size: 182B - Virtual size: 182B

.reloc3
Size: 452B - Virtual size: 452B