HEUR-Trojan[.]Win32[.]Generic-e1cded6583a4d52fce9861bc8b9ace9ab7b42758ce6c60f40e875cc195a93a46

General

Target

HEUR-Trojan.Win32.Generic-e1cded6583a4d52fce9861bc8b9ace9ab7b42758ce6c60f40e875cc195a93a46
Size

125KB
MD5

ca13871c3315a6c36f1581fbbce69ce2
SHA1

416b32d627f406eb5e72250e4fc6349d1bf8d57d
SHA256

e1cded6583a4d52fce9861bc8b9ace9ab7b42758ce6c60f40e875cc195a93a46
SHA512

d51dc0739951eafe1a105efb11010c891bb0d4362f66659cfcb13def9269e41a5872b578bd4bddcd03c5797a5132c7ca40a4a6ad71d9916d91563d6e881e112d
SSDEEP

1536:o1amlWVgnVvh71ZxPFyblsmpideum5CnoKuKiROHwCS5A3MIePWJXtgo5b81cY4Q:8zlWyhDybme9CnzIOa5zIeuVbub/D

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
HEUR-Trojan.Win32.Generic-e1cded6583a4d52fce9861bc8b9ace9ab7b42758ce6c60f40e875cc195a93a46

Files

HEUR-Trojan.Win32.Generic-e1cded6583a4d52fce9861bc8b9ace9ab7b42758ce6c60f40e875cc195a93a46
.exe windows:4 windows x86 arch:x86

bfb9d21deec96b276fcaf49c50e99830

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

CreateFileA
GetLastError
GetProcAddress
GetTempPathA
LoadLibraryA
VirtualProtect
GetModuleHandleW
LoadLibraryW
CompareFileTime
CloseHandle
GetTickCount
GetCurrentProcess
GetStartupInfoW
GetCommandLineW
lstrlenW
CreateFileW
GetVersionExW
GetModuleFileNameW
GetSystemDirectoryW
FreeLibrary
CreateThread
WaitForSingleObject

user32

RegisterClassA
GetSystemMetrics
LoadStringW
SendMessageW
MessageBoxW
PostMessageW
DispatchMessageW

ntdll

NtQuerySystemTime

advapi32

RegQueryValueExW
RegOpenKeyExW
RegCloseKey

osuninst

IsUninstallImageValid

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 113KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 12B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 54B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

bfb9d21deec96b276fcaf49c50e99830

Headers

File Characteristics

Imports

kernel32

user32

ntdll

advapi32

osuninst

Sections

.text Size: 4KB - Virtual size: 4KB

.data Size: 113KB - Virtual size: 112KB

.bss Size: - Virtual size: 12B

.edata Size: 512B - Virtual size: 54B

.idata Size: 1KB - Virtual size: 1KB

.rsrc Size: 4KB - Virtual size: 4KB

.text
Size: 4KB - Virtual size: 4KB

.data
Size: 113KB - Virtual size: 112KB

.bss
Size: - Virtual size: 12B

.edata
Size: 512B - Virtual size: 54B

.idata
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 4KB - Virtual size: 4KB