HEUR-Trojan[.]Win32[.]Generic-bc02a5db9ae2f118574abb3eaa6391e44cf1082e206a48e397619b1dacf5a21c

General

Target

HEUR-Trojan.Win32.Generic-bc02a5db9ae2f118574abb3eaa6391e44cf1082e206a48e397619b1dacf5a21c
Size

149KB
MD5

94e95ef9954f8ffd1f28af9ae1f9da81
SHA1

b8fe375e20ab64ca879fb332b3d9c3cbcac78f61
SHA256

bc02a5db9ae2f118574abb3eaa6391e44cf1082e206a48e397619b1dacf5a21c
SHA512

1e95bf23ce5c69451ff370d18c228225f7134d70687d240e68435f96a944fb0bf82582b5ff737d4db03cdbe7f1645be24d799e7cd2b78c7092a896defcab71cf
SSDEEP

3072:vbuMGq4hOSOVujsvtufb5fG7eLaDNe2cR9miVFQXBw8BAXI:TGq4sHVSG0fbaDcnI28BH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
HEUR-Trojan.Win32.Generic-bc02a5db9ae2f118574abb3eaa6391e44cf1082e206a48e397619b1dacf5a21c

Files

HEUR-Trojan.Win32.Generic-bc02a5db9ae2f118574abb3eaa6391e44cf1082e206a48e397619b1dacf5a21c
.exe windows:5 windows x86 arch:x86

0a2b722705899394470a1646c30e74dc

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualProtect
MultiByteToWideChar
WriteFile
CloseHandle
ReadFile
GetFileSize
CreateFileW
DeleteFileW
CreateProcessW
GetCommandLineW
GetModuleFileNameW
GetCurrentProcessId
SetErrorMode
HeapReAlloc
RaiseException
RtlUnwind
EncodePointer
DecodePointer
GetSystemTimeAsFileTime
GetLastError
HeapFree
HeapAlloc
GetCommandLineA
HeapSetInformation
GetStartupInfoW
IsProcessorFeaturePresent
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
IsValidCodePage
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleW
SetLastError
GetCurrentThreadId
GetProcAddress
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
Sleep
HeapSize
ExitProcess
HeapCreate
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
InitializeCriticalSectionAndSpinCount
GetFileType
DeleteCriticalSection
QueryPerformanceCounter
GetTickCount
LeaveCriticalSection
EnterCriticalSection
LCMapStringW
GetStringTypeW
LoadLibraryW

user32

ShowWindow
UpdateWindow
CheckRadioButton
IsDialogMessageA
RealGetWindowClassW
CreateWindowExW

Sections

.text
Size: 42KB - Virtual size: 42KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 91KB - Virtual size: 94KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 936B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0a2b722705899394470a1646c30e74dc

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

Sections

.text Size: 42KB - Virtual size: 42KB

.rdata Size: 13KB - Virtual size: 12KB

.data Size: 91KB - Virtual size: 94KB

.rsrc Size: 1024B - Virtual size: 936B

.text
Size: 42KB - Virtual size: 42KB

.rdata
Size: 13KB - Virtual size: 12KB

.data
Size: 91KB - Virtual size: 94KB

.rsrc
Size: 1024B - Virtual size: 936B