tmp | Triage

Sharing

Copy URL

Twitter E-mail

General

Target

tmp
Size

712KB
MD5

ff0f3ed8794ccc37616287fa809b4d63
SHA1

a20f1c8426be2fd110e6c43dc5e49944679a768b
SHA256

945f512792c4e78f49b9fe3cda14c22b8e10776161151b3fefa34d8cd9c295cd
SHA512

15f3de7f79b88ea7a7e33cfb9eabb618e5bb7cb6626a6963174bfc32ed201972ef817486de9979f2e9a48ed738f3c82b36207b7836dd04c01159959f1c035efe
SSDEEP

12288:JJQOipwJ9L1fWIOOKI4lJsNNkOStVvJCSJROF9h9W6TxY/K217mY:bnJ95fWIXEOStVvJCoChJlk6

Score

N/A

Malware Config

Signatures

Files

tmp
.exe windows x86

43674158e4e58ec7ae4080ec31df5d1b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

InitCommonControlsEx

psapi

GetModuleFileNameExW

winmm

timeEndPeriod
timeBeginPeriod

kernel32

CreateFileW
GetFileSize
ReadFile
SetEndOfFile
SetFilePointer
WriteFile
GetTempPathW
GetSystemTimeAsFileTime
GetTickCount
GetModuleFileNameW
GetPrivateProfileIntW
GetPrivateProfileStringW
WritePrivateProfileStringW
GetPrivateProfileSectionW
WritePrivateProfileSectionW
GetSystemDefaultLangID
GetUserDefaultLangID
GetLongPathNameW
HeapReAlloc
HeapSize
GetCurrentProcessId
TerminateProcess
GetSystemTime
GetSystemDirectoryW
GetWindowsDirectoryW
CreateToolhelp32Snapshot
Process32FirstW
Process32NextW
Thread32First
Thread32Next
VerSetConditionMask
GetVersionExW
VerifyVersionInfoW
GetTimeZoneInformation
GetLocaleInfoW
GetSystemDefaultLCID
GetUserDefaultLCID
VerLanguageNameW
GetCommandLineW
SetCurrentDirectoryW
CreateEventW
GetCurrentProcess
FreeLibrary
GetProcAddress
CreateSemaphoreW
LoadLibraryW
MulDiv
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
GetFileAttributesW
GetExitCodeThread
IsValidLocaleName
LCMapStringEx
GetCurrentDirectoryW
GetLocaleInfoEx
CompareStringEx
GetDateFormatEx
GetTimeFormatEx
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetTickCount64
GetModuleFileNameA
WriteConsoleW
OutputDebugStringA
WaitForSingleObjectEx
SetConsoleCtrlHandler
GetModuleHandleW
FlsFree
FlsSetValue
FlsGetValue
FlsAlloc
SetUnhandledExceptionFilter
UnhandledExceptionFilter
ReadConsoleW
GetConsoleMode
SetFilePointerEx
GetStartupInfoW
InitOnceExecuteOnce
GetFileType
GetStringTypeW
GetCPInfo
GetOEMCP
IsValidCodePage
lstrlenA
WideCharToMultiByte
GetACP
AreFileApisANSI
ExitProcess
GetSystemInfo
HeapValidate
GetStdHandle
FatalAppExitA
InitializeCriticalSectionAndSpinCount
GetCommandLineA
LoadLibraryExW
ExitThread
CreateThread
GetModuleHandleExW
IsProcessorFeaturePresent
IsDebuggerPresent
RtlUnwind
RaiseException
DecodePointer
EncodePointer
InterlockedExchange
DeleteCriticalSection
InitializeCriticalSectionEx
LeaveCriticalSection
FlushFileBuffers
EnterCriticalSection
InterlockedDecrement
InterlockedIncrement
MultiByteToWideChar
GetLocalTime
OpenProcess
GetPriorityClass
SetPriorityClass
ResumeThread
SuspendThread
SetThreadPriority
OpenThread
GetCurrentThreadId
GetCurrentThread
Sleep
WaitForSingleObject
ReleaseSemaphore
SetEvent
GetProcessHeap
HeapFree
HeapAlloc
QueryPerformanceFrequency
QueryPerformanceCounter
SetLastError
GetLastError
CloseHandle
OutputDebugStringW
EnumSystemLocalesEx
HeapQueryInformation
GetConsoleCP
VirtualQuery
SetStdHandle
GetUserDefaultLocaleName

user32

PostQuitMessage
DefWindowProcW
RegisterWindowMessageW
EnableMenuItem
ModifyMenuW
GetSubMenu
CheckMenuItem
DrawMenuBar
GetClassLongW
TrackPopupMenu
LoadCursorW
CheckMenuRadioItem
DestroyWindow
SetClassLongW
GetClientRect
ReleaseCapture
SetCapture
LoadIconW
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExW
FindWindowExW
SetActiveWindow
SetFocus
CreateWindowExW
RegisterClassExW
DrawTextW
ClientToScreen
ChildWindowFromPoint
EnumWindows
SetParent
SendMessageW
PostMessageW
SetCursor
ChildWindowFromPointEx
SendMessageTimeoutW
GetMessageW
GetClassNameW
PtInRect
MapWindowPoints
ScreenToClient
GetCursorPos
GetWindowTextW
GetScrollPos
EndPaint
BeginPaint
SetForegroundWindow
SetMenuDefaultItem
TrackPopupMenuEx
AppendMenuW
DestroyMenu
CreatePopupMenu
IsWindowEnabled
KillTimer
SetTimer
GetAsyncKeyState
GetKeyState
GetDlgItemTextW
DialogBoxParamW
IsZoomed
BringWindowToTop
IsIconic
IsWindowVisible
SetWindowPos
MoveWindow
ShowWindow
SystemParametersInfoW
AdjustWindowRect
GetWindowRect
GetWindowThreadProcessId
GetParent
SetWindowLongW
SetRect
GetSysColorBrush
GetSysColor
MessageBoxW
SetWindowTextW
InvalidateRect
ReleaseDC
GetDC
GetForegroundWindow
GetMenuState
GetMenu
EnableWindow
GetFocus
GetDlgCtrlID
SendDlgItemMessageW
SetDlgItemTextW
GetDlgItemInt
SetDlgItemInt
GetDlgItem
EndDialog
CallWindowProcW
EnumThreadWindows

gdi32

SetTextColor
CreatePen
CreateSolidBrush
Ellipse
Rectangle
RestoreDC
SaveDC
SelectObject
TextOutW
CreateFontW
SetBkMode
GetTextExtentPoint32W
SetTextAlign
BitBlt
CreateCompatibleBitmap
GetStockObject
PatBlt
StretchBlt
SetStretchBltMode
SetBrushOrgEx
CreateCompatibleDC
DeleteDC
SetBkColor
DeleteObject
GetDeviceCaps
CreateFontIndirectW

comdlg32

GetOpenFileNameW
GetSaveFileNameW

shell32

Shell_NotifyIconW
ShellExecuteW
SHGetFolderPathW

ole32

OleUninitialize
OleInitialize
CreateStreamOnHGlobal

oleaut32

OleLoadPicture

Sections

.text
Size: 533KB - Virtual size: 533KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 108KB - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 35KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

43674158e4e58ec7ae4080ec31df5d1b

Headers

DLL Characteristics

File Characteristics

Imports

comctl32

psapi

winmm

kernel32

user32

gdi32

comdlg32

shell32

ole32

oleaut32

Sections

.text Size: 533KB - Virtual size: 533KB

.rdata Size: 108KB - Virtual size: 108KB

.data Size: 6KB - Virtual size: 40KB

.rsrc Size: 35KB - Virtual size: 34KB

.reloc Size: 28KB - Virtual size: 27KB

.text
Size: 533KB - Virtual size: 533KB

.rdata
Size: 108KB - Virtual size: 108KB

.data
Size: 6KB - Virtual size: 40KB

.rsrc
Size: 35KB - Virtual size: 34KB

.reloc
Size: 28KB - Virtual size: 27KB