tmp | Triage

Submit
Reports

Overview

overview

Static

static

tmp.exe

windows7-x64

tmp.exe

windows10-2004-x64

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

tmp.exe

Resource

win7-20220901-en

lokibot collection spyware stealer trojan

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

tmp.exe

Resource

win10v2004-20220812-en

lokibot collection spyware stealer trojan

windows10-2004-x64

9 signatures

150 seconds

General

Target

tmp
Size

872KB
MD5

0714f54c17565f792ea4a135a43542d9
SHA1

29634cc839666b0c90300fc9609a478cc8d9f0ff
SHA256

e9df93b687058986691432ebec95231a8a61e7e8dbedbfb0a7503d789d8510b4
SHA512

f67bd41329228691a5c1350ef6f77dde3397bbd7103141c082239eaabcdcc5c03364fb0f2fd0dfb1f2b53137473fda6b08f2ca1496367466ec403feaa7ea9361
SSDEEP

12288:dcD3dCK4HTNoMuNhQ2dOoT8nXNXV0YD986RNPvLhPK+h:GDlDXQkOoTuXNXVfTj1K2

Score

N/A

Malware Config

Signatures

Files

tmp
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 856KB - Virtual size: 855KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy