tmp | Triage

Sharing

Copy URL

Twitter E-mail

General

Target

tmp
Size

220KB
MD5

4b304313bfc0ce7e21da7ae0d3c82c39
SHA1

60745879faa3544b3a884843e368e668acbb6fa9
SHA256

623839847e3aa9ceda27ced8b2b29b2d4545384bc3a322eaeedd04d5d04b65bd
SHA512

2da2ec584ccde77ec35cab398272e60ec69eda24491030119110f0e389067d322cd08a04a3bdbbbeff85f43c0d739ae10a6a549e2d7a14854d1109db8d313001
SSDEEP

3072:IdXC8b2etUPxnxQDMcNPlBauCB6jBeQMYdGeMfuhYKTuE5yVRhOi2tB:IdXCk2etQn0PlBZCBjPeMfoT5kr

Score

1^/10

Malware Config

Signatures

Files

tmp
.exe windows x86

aadfbab8d412495f4fa7ffcb1329305d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

IsBadReadPtr
GetQueuedCompletionStatus
GetLastError
CloseHandle
IsBadStringPtrA
IsBadCodePtr
VirtualQuery
InterlockedIncrement
FlushFileBuffers
CreateFileA
GetSystemInfo
CreateIoCompletionPort
HeapDestroy
GetProcessHeap
HeapCreate
ExitProcess
GetTickCount
HeapFree
lstrlenA
HeapReAlloc
HeapAlloc
GetModuleHandleA
HeapSize
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
RtlUnwind
VirtualAlloc
InitializeCriticalSection
LoadLibraryA
GetCommandLineA
GetVersionExA
GetStartupInfoA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetProcAddress
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetCurrentThreadId
InterlockedDecrement
GetCPInfo
GetACP
GetOEMCP
WriteFile
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
GetFileType
DeleteCriticalSection
VirtualFree
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
SetFilePointer
GetConsoleCP
GetConsoleMode
EnterCriticalSection
LeaveCriticalSection
Sleep
LCMapStringA
MultiByteToWideChar
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA

user32

DrawTextW
GetMessageW
TranslateMessage
DispatchMessageW

gdi32

CreateBitmap
CreateCompatibleBitmap
CreatePen
DeleteDC
BitBlt
CreateRectRgn
CreateCompatibleDC
DeleteObject

advapi32

IsTextUnicode
GetUserNameW
ReportEventW

shell32

SHGetSpecialFolderPathW
Shell_NotifyIconW
SHGetFolderPathW
CommandLineToArgvW

ole32

CoCreateInstance
CoInitialize
CoUninitialize

shlwapi

PathCompactPathExW
PathMakeSystemFolderW

winmm

waveOutGetNumDevs
PlaySoundW

Sections

.text
Size: 56KB - Virtual size: 55KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 144KB - Virtual size: 141KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

aadfbab8d412495f4fa7ffcb1329305d

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

shlwapi

winmm

Sections

.text Size: 56KB - Virtual size: 55KB

.rdata Size: 144KB - Virtual size: 141KB

.data Size: 8KB - Virtual size: 13KB

.reloc Size: 8KB - Virtual size: 4KB

.text
Size: 56KB - Virtual size: 55KB

.rdata
Size: 144KB - Virtual size: 141KB

.data
Size: 8KB - Virtual size: 13KB

.reloc
Size: 8KB - Virtual size: 4KB