tmp | Triage

Sharing

Copy URL

Twitter E-mail

General

Target

tmp
Size

310KB
MD5

f920341ef1e2a7c9fb34a0d1c7f2baf2
SHA1

9e280bf23f975e229d2d7cfb3a0a9898cd884d70
SHA256

1d4d968ac653a358c34887f148bd2a44d742252432fbf7000d379c709da1cdb6
SHA512

6725a3a09b4028a0d7b4cf7c7cd1bd9ebec19be993f10a6d916c8f16882d22bf1fc2da0bb635128101429bdb537c5d6922d1368664d9643d6e42235c1b4be856
SSDEEP

6144:davhYa58ZBfS+zBSg0dWNishrQd9Lgu7F:daLibSDWN9eLgux

Score

N/A

Malware Config

Signatures

Files

tmp
.exe windows x86

dde409f1039f4bb3e1e1b3be863cd5c9

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryW
GetModuleFileNameW
CreateEventW
OpenEventW
InterlockedExchange
GetLocaleInfoA
GetLongPathNameA
InterlockedDecrement
_lwrite
WriteConsoleInputW
ReadConsoleInputW
GetSystemDirectoryW
MoveFileExW
ReadConsoleInputA
VerifyVersionInfoW
WaitNamedPipeA
GlobalFree
GetCPInfoExA
BeginUpdateResourceA
EnumCalendarInfoExA
MoveFileW
ReadConsoleOutputCharacterW
GetConsoleAliasesLengthW
LocalAlloc
GetProcAddress
EnumResourceNamesA
RemoveDirectoryW
CommConfigDialogW
SetFileAttributesA
GetCommTimeouts
OpenJobObjectA
LCMapStringW
GetAtomNameW
GetFileAttributesA
SetConsoleTitleW
ReplaceFileA
CreateJobObjectW
GetProcessWorkingSetSize
GetBinaryTypeA
GlobalAlloc
GetUserDefaultLangID
GetGeoInfoW
GetConsoleAliasW
GetTickCount
SetLastError
GetCurrentProcess
GetPrivateProfileIntW
FreeLibrary
GetEnvironmentStrings
SetFileTime
FindResourceExW
GetConsoleMode
GetDiskFreeSpaceA
GetConsoleAliasExesW
WaitForMultipleObjects
SetDefaultCommConfigW
GetLastError
HeapReAlloc
EncodePointer
DecodePointer
GetCommandLineA
HeapSetInformation
GetStartupInfoW
EnterCriticalSection
LeaveCriticalSection
SetHandleCount
GetStdHandle
InitializeCriticalSectionAndSpinCount
GetFileType
DeleteCriticalSection
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
TerminateProcess
RtlUnwind
HeapAlloc
HeapCreate
HeapFree
IsProcessorFeaturePresent
Sleep
HeapSize
GetModuleHandleW
ExitProcess
CloseHandle
WriteFile
GetModuleFileNameA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
GetCurrentThreadId
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
SetFilePointer
GetConsoleCP
CreateFileA
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
ReadFile
SetStdHandle
FlushFileBuffers
WriteConsoleW
MultiByteToWideChar
SetEndOfFile
GetProcessHeap
GetStringTypeW
CreateFileW

Sections

.text
Size: 222KB - Virtual size: 222KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 66KB - Virtual size: 4.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.wayu
Size: 512B - Virtual size: 1B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tehego
Size: 1024B - Virtual size: 624B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.deziri
Size: 512B - Virtual size: 23B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.duke
Size: 1024B - Virtual size: 963B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

dde409f1039f4bb3e1e1b3be863cd5c9

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

Sections

.text Size: 222KB - Virtual size: 222KB

.data Size: 66KB - Virtual size: 4.8MB

.wayu Size: 512B - Virtual size: 1B

.tehego Size: 1024B - Virtual size: 624B

.deziri Size: 512B - Virtual size: 23B

.duke Size: 1024B - Virtual size: 963B

.rsrc Size: 18KB - Virtual size: 17KB

.text
Size: 222KB - Virtual size: 222KB

.data
Size: 66KB - Virtual size: 4.8MB

.wayu
Size: 512B - Virtual size: 1B

.tehego
Size: 1024B - Virtual size: 624B

.deziri
Size: 512B - Virtual size: 23B

.duke
Size: 1024B - Virtual size: 963B

.rsrc
Size: 18KB - Virtual size: 17KB