HEUR-Trojan[.]Win32[.]Generic-e99947913011506c9bfba8350547d91d544855853065bee3a2cec0f1485f579a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

HEUR-Trojan.Win32.Generic-e99947913011506c9bfba8350547d91d544855853065bee3a2cec0f1485f579a
Size

159KB
MD5

6885bd17e2c36950190b7cc49252e57e
SHA1

1d034eb224ad48186d98e1066ecfd73eee70b732
SHA256

e99947913011506c9bfba8350547d91d544855853065bee3a2cec0f1485f579a
SHA512

a10698dfe7e9f9527e936342afd4d5d8bf38a4589da3d622965b3b77be14fe5347ca190dd259ad532ccfdc83f965e46f332aff37f749fcd9d0050ad1f7d79955
SSDEEP

3072:ydVQJ/3LKGroY7l3v0jLjKmBoDMZOdxoT9HbNA3IzKuppiiBHULcIB1:sVQvjrlv0jLbE0J4I+uPdhGc8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
HEUR-Trojan.Win32.Generic-e99947913011506c9bfba8350547d91d544855853065bee3a2cec0f1485f579a

Files

HEUR-Trojan.Win32.Generic-e99947913011506c9bfba8350547d91d544855853065bee3a2cec0f1485f579a
.exe windows:1 windows x86 arch:x86

138023e3dac2d3267353d038fb335d47

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
LoadLibraryA
HeapFree
GetModuleHandleW
CloseHandle
UnhandledExceptionFilter
GetStartupInfoW
GetLastError
GetCommandLineW
GetVersionExW
GetModuleFileNameW
FreeEnvironmentStringsW
LCMapStringW
LoadLibraryW
GetStringTypeW
HeapAlloc
SetLastError
lstrcpyW
lstrcmpW
lstrcatW
lstrcmpiW
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess

user32

RegisterClassW

advapi32

RegQueryValueExW

framedyn

?GetData@CHString@@IBEPAUCHStringData@@XZ

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 135KB - Virtual size: 135KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 244B - Virtual size: 244B

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.bss
Size: 398B - Virtual size: 398B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE