tmp | Triage

Sharing

Copy URL Twitter E-mail

General

Target

tmp
Size

6.8MB
MD5

511e63a329d330a2571dd451ebdbce76
SHA1

e66e51ad6f769add38ab59996737cb39637d4d3b
SHA256

e956dd496887a0530b87720c0aadc7d7f597a886d369f67dccac8410524bf506
SHA512

912a314a015127ccacaf2ce887dc18e280a79e22af98088ef953fef73a13fb880a6cbca2cebaec9b50331233e878c28165a5ab63425eba2d47e2a8f18ffca8f2
SSDEEP

196608:osXJyOkbTOTVZRCP6GVp04AbqK312sGNVnovb6E19w:bXkHOZbC9Vi4231lUGb6E19

Score

1^/10

Malware Config

Signatures

Files

tmp
.exe windows x86

9625fb0b1fd1c25ad77c595924fb96f2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
TlsSetValue
TlsAlloc
TerminateProcess
Sleep
InitializeCriticalSectionAndSpinCount
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
GetCPInfo
HeapFree
GetStringTypeW
MultiByteToWideChar
DeleteCriticalSection
EnterCriticalSection
DecodePointer
EncodePointer
WideCharToMultiByte
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
IsDebuggerPresent
GetProcessHeap
GetCurrentThreadId
ExitProcess
AreFileApisANSI
HeapSize
GetStdHandle
WriteFile
GetConsoleCP
GetConsoleMode
CloseHandle
GetSystemTimeAsFileTime
FreeEnvironmentStringsW
ReadFile
SetFilePointerEx
LoadLibraryExW
WriteConsoleW
OutputDebugStringW
CreateFileW
SetEndOfFile
LCMapStringW
FindNextFileA
SetHandleInformation
TlsGetValue
GetDateFormatW
GetVersionExA
GetOEMCP
UnhandledExceptionFilter
GetLastError
GetSystemTimeAdjustment
GetCommandLineA
SetCommState
ClearCommBreak
GetModuleHandleExW
GetEnvironmentStringsW
LeaveCriticalSection
GetProcessTimes
InitializeSListHead
GetCurrentProcess
UnmapViewOfFile
CreateFileA
HeapReAlloc
LocalFree
GetThreadTimes
GetCurrentProcessId
SetStdHandle
SetCurrentDirectoryA
RaiseException
FlushFileBuffers
GetStartupInfoW
GetACP
GetSystemDirectoryA
CreateEventA
GetWindowsDirectoryA
QueryPerformanceCounter
GetCommandLineW
DeleteFileA
TlsFree
GetSystemTime
GetModuleHandleA
RtlUnwind
GetFileType
CreateFileMappingA
IsValidCodePage
CreateNamedPipeA
SetLastError
IsDBCSLeadByteEx
GlobalUnlock
GetOverlappedResult
GetEnvironmentVariableA
GetModuleFileNameW
CreateProcessA
GetTimeFormatW
GlobalAlloc
FormatMessageA
ReadConsoleW
GetTickCount
GetModuleHandleW
WaitNamedPipeA
HeapAlloc
MapViewOfFile

user32

GetWindowPlacement
GetWindowLongA
CreateWindowExA
ReleaseDC
CheckDlgButton
LoadCursorA
GetMessageA
GetSystemMenu
IsZoomed
DrawIconEx
SetFocus
GetWindowTextLengthA
SetScrollRange
WinHelpA
DrawFocusRect
LoadAcceleratorsW
CreateDialogIndirectParamA
SetPropA
SetRect
DefWindowProcA
SetParent
CreateCaret
DefDlgProcA
SystemParametersInfoA
SetScrollInfo
TranslateMDISysAccel
PostQuitMessage
TrackPopupMenu
GetParent
GetCapture
SetWindowLongA
InvalidateRect
SetMenu
CopyRect
IsRectEmpty
DestroyAcceleratorTable
SetTimer
HideCaret
MsgWaitForMultipleObjects
RemovePropA
RegisterWindowMessageA
InsertMenuItemW
ShowWindow
OffsetRect
GetKeyboardLayout
CheckMenuRadioItem
UnionRect
AppendMenuW
EnableMenuItem
GetDlgItem
IsDlgButtonChecked
DispatchMessageA
CheckRadioButton
SetWindowTextA
ValidateRgn
UpdateWindow
AdjustWindowRect
DialogBoxParamA
DrawFrameControl
ToAsciiEx
ShowOwnedPopups
EndPaint
ClientToScreen
SetWindowRgn
MapDialogRect
CreateDialogParamA
IsIconic
ChangeDisplaySettingsW
SetCapture
DeleteMenu
GetClientRect
CreateMenu
CreateAcceleratorTableW
CreateIconIndirect
GetKeyboardState
BringWindowToTop
PeekMessageW
SetScrollPos
PeekMessageA
ScrollWindow
EndDialog
SetWindowsHookExA
FindWindowExW
RemoveMenu
ScrollWindowEx
BeginDeferWindowPos
SetCaretPos
GetDlgItemTextA
GetCaretBlinkTime
ToUnicode
DestroyIcon
MoveWindow
GetSysColor

gdi32

SetStretchBltMode
CreateRectRgn
CreatePen
SetROP2
EndDoc
MoveToEx
PolyPolygon
EndPage
PatBlt
LineTo
Polygon
CreateDIBSection
StretchBlt
GdiFlush
SetPixel
CreateCompatibleDC
CreateRectRgnIndirect
Rectangle
CreateBrushIndirect
ExtTextOutW
ExtCreateRegion
GetObjectType
GetBkColor
GetCurrentPositionEx
GetTextExtentExPointA
GetTextMetricsA
RoundRect
GetPixel
GetObjectA
SetWinMetaFileBits
ExtTextOutA
CreateICW
GetDIBColorTable
CreateSolidBrush
GetStockObject
GetClipBox
GetCharABCWidthsFloatA
CombineRgn
CreatePalette
SetViewportOrgEx
BitBlt
SetLayout
SetWindowOrgEx
TextOutA
GetBrushOrgEx
GetTextExtentPointA
OffsetRgn
SetMapMode
DeleteObject
GetRegionData
GetWinMetaFileBits
CopyEnhMetaFileA
GetDeviceCaps
CreateFontA
SetWindowExtEx
GetTextExtentPoint32A
Arc
GetWindowOrgEx
CloseEnhMetaFile
Polyline
GetCharWidth32A
RectInRegion
CreatePenIndirect
CreateHatchBrush
SetPaletteEntries
SelectPalette
RealizePalette
PlayEnhMetaFile
PolyPolyline
GetRgnBox
SetBkColor
DeleteDC
GetBkMode
GetCharacterPlacementW
UpdateColors
ExtCreatePen
SetTextColor

advapi32

RegEnumKeyA
SetSecurityDescriptorOwner
RegDeleteKeyA
RegOpenKeyA
RegCreateKeyA
EqualSid
GetLengthSid
AllocateAndInitializeSid
RegSetValueExA
RegQueryValueExA
RegCreateKeyExA

shell32

CommandLineToArgvW

Sections

.text
Size: 1.0MB - Virtual size: 1.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 5.7MB - Virtual size: 358.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9625fb0b1fd1c25ad77c595924fb96f2

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

Sections

.text Size: 1.0MB - Virtual size: 1.0MB

.data Size: 5.7MB - Virtual size: 358.6MB

.idata Size: 7KB - Virtual size: 7KB

.rsrc Size: 512B - Virtual size: 16B

.reloc Size: 19KB - Virtual size: 19KB

.text
Size: 1.0MB - Virtual size: 1.0MB

.data
Size: 5.7MB - Virtual size: 358.6MB

.idata
Size: 7KB - Virtual size: 7KB

.rsrc
Size: 512B - Virtual size: 16B

.reloc
Size: 19KB - Virtual size: 19KB