tmp | Triage

Sharing

Copy URL Twitter E-mail

General

Target

tmp
Size

5.2MB
MD5

1a7006aca910e07cc40ec768a3a1a69b
SHA1

ba6d91d043d4affafb020624f27029bf87b21eaa
SHA256

333be2b55653f17c5f3d03c710e87f184be9a19f060d242462ec071243657bab
SHA512

afae561460a41e4a4ca5a9c132d0b70d86679dbc8582e839c6f734dfb493544fff390e78f7119de630b9e8a5a5efcc1b158e8cd07c3ab772e201996c653967d0
SSDEEP

49152:dUOxQLk0e4fHwkaWYcUpYB7OHjI3IRbNYAWyLzuYXFyy7Di34pX/7Odn0TKmLCLt:6kMwkaWYc/mLjUNM1TocPIkntVJM

Score

1^/10

Malware Config

Signatures

Files

tmp
.exe windows x86

ee1d0f68149b4350f538377bbdbf7164

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WaitForSingleObjectEx
InitializeSListHead
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
QueryPerformanceCounter
VirtualQuery
OutputDebugStringW
GetStringTypeW
TryEnterCriticalSection
QueryPerformanceFrequency
LCMapStringW
GetCPInfo
RtlUnwind
InterlockedPushEntrySList
InterlockedFlushSList
GetModuleFileNameA
GetModuleHandleExW
HeapValidate
GetStdHandle
GetFileType
WriteConsoleW
GetCommandLineA
GetCommandLineW
ExitThread
FreeLibraryAndExitThread
HeapQueryInformation
VirtualAlloc
SetStdHandle
ExitProcess
GetACP
IsValidLocale
EnumSystemLocalesW
GetConsoleMode
ReadConsoleW
SetFilePointerEx
GetConsoleCP
GetTimeZoneInformation
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetOEMCP
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableA
SetEnvironmentVariableW
CreateTimerQueue
SignalObjectAndWait
GetLogicalProcessorInformation
CreateTimerQueueTimer
ChangeTimerQueueTimer
DeleteTimerQueueTimer
GetNumaHighestNodeNumber
GetProcessAffinityMask
SetThreadAffinityMask
RegisterWaitForSingleObject
UnregisterWait
GetThreadTimes
VirtualFree
InterlockedPopEntrySList
QueryDepthSList
UnregisterWaitEx
GetLocalTime
GetWindowsDirectoryW
lstrcpyW
GetUserDefaultLCID
GetTempFileNameW
SearchPathW
GetFileTime
GetFileAttributesExW
GetFileAttributesW
FileTimeToLocalFileTime
FindResourceExW
GetUserDefaultUILanguage
GetLocaleInfoW
GetCurrentDirectoryW
GlobalFlags
lstrcmpiW
GetHandleInformation
WriteFile
UnlockFile
SetFilePointer
SetEndOfFile
ReadFile
LockFile
GetVolumeInformationW
GetFullPathNameW
GetFileSize
FlushFileBuffers
FindFirstFileW
FindClose
DeleteFileW
CreateFileW
VirtualProtect
GetProfileIntW
GlobalFindAtomW
GlobalAddAtomW
FreeResource
GetSystemDirectoryW
EncodePointer
lstrcmpW
GlobalDeleteAtom
LoadLibraryExW
FreeLibrary
GetVersionExW
GetCurrentThread
ResumeThread
GetThreadPriority
SetThreadPriority
FileTimeToSystemTime
lstrcmpA
CompareStringW
LoadLibraryA
GetCurrentProcessId
LocalReAlloc
LocalAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
GetAtomNameW
GlobalGetAtomNameW
LoadLibraryW
GetModuleHandleW
GetModuleFileNameW
OutputDebugStringA
WideCharToMultiByte
CopyFileW
MulDiv
GlobalFree
GlobalUnlock
GlobalLock
GlobalSize
GlobalAlloc
ReleaseSemaphore
GetTempPathW
SystemTimeToTzSpecificLocalTime
VerifyVersionInfoW
MoveFileExW
GetDriveTypeW
PeekNamedPipe
OpenEventW
GetModuleHandleA
GetProcAddress
FormatMessageA
GetFileSizeEx
OpenFileMappingA
MapViewOfFileEx
CreateFileMappingA
UnmapViewOfFile
DuplicateHandle
GetCurrentProcess
SwitchToThread
GetTickCount
GetSystemTimeAsFileTime
GetSystemInfo
WaitForMultipleObjects
CreateThread
OpenProcess
CreateEventW
CloseHandle
GetSystemTime
WaitForSingleObject
ResetEvent
SetEvent
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
RaiseException
GetProcessHeap
HeapSize
HeapFree
HeapReAlloc
HeapAlloc
HeapDestroy
DecodePointer
MultiByteToWideChar
Sleep
InterlockedDecrement
SetConsoleCtrlHandler
FindResourceW
FormatMessageW
SizeofResource
LoadResource
SetLastError
GetLastError
GetCurrentThreadId
LocalFree
VerSetConditionMask
LockResource

user32

IsRectEmpty
UnionRect
TrackMouseEvent
DrawIconEx
GetIconInfo
MessageBeep
SetLayeredWindowAttributes
EnumDisplayMonitors
SetClassLongW
CloseClipboard
SetClipboardData
EmptyClipboard
SetCursorPos
CopyIcon
UpdateLayeredWindow
MonitorFromPoint
GetComboBoxInfo
WaitMessage
GetKeyboardLayout
IsCharLowerW
MapVirtualKeyExW
ToUnicodeEx
GetKeyboardState
CreateAcceleratorTableW
DestroyAcceleratorTable
CopyAcceleratorTableW
GetDoubleClickTime
RegisterClipboardFormatW
CharUpperBuffW
IsClipboardFormatAvailable
DefFrameProcW
DefMDIChildProcW
TranslateMDISysAccel
SubtractRect
DestroyCursor
GetDlgItem
SetWindowPos
MoveWindow
ShowWindow
NotifyWinEvent
LoadIconW
GetWindow
GetTopWindow
SetParent
GetDesktopWindow
WindowFromPoint
MapWindowPoints
ScreenToClient
ClientToScreen
HideCaret
GetWindowRect
GetClientRect
EnableScrollBar
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
LockWindowUpdate
RedrawWindow
ValidateRect
InvalidateRect
GetWindowRgn
SetWindowRgn
GetUpdateRect
EndPaint
BeginPaint
GetWindowDC
SetForegroundWindow
GetForegroundWindow
SetActiveWindow
UpdateWindow
UnpackDDElParam
GetSystemMenu
DrawMenuBar
KillTimer
SetTimer
SetCapture
GetCapture
GetFocus
GetActiveWindow
OpenClipboard
GetNextDlgTabItem
GetNextDlgGroupItem
IsZoomed
BringWindowToTop
IsIconic
IsWindowVisible
GetClipboardFormatNameA
ShowOwnedPopups
IsChild
GetWindowTextLengthW
GetWindowTextW
LoadCursorW
GetSysColor
ReleaseDC
GetDC
GetSystemMetrics
LoadBitmapW
InvertRect
FrameRect
FillRect
DrawFocusRect
GetSysColorBrush
DrawStateW
GrayStringW
DrawTextExW
DrawTextW
DrawIcon
SetMenuDefaultItem
GetMenuDefaultItem
SetMenuItemInfoW
GetMenuItemInfoW
InsertMenuItemW
SetMenuItemBitmaps
DeleteMenu
ModifyMenuW
EnableMenuItem
CheckMenuItem
CreatePopupMenu
CreateMenu
LoadMenuW
DrawFrameControl
DrawEdge
GetLastActivePopup
GetWindowThreadProcessId
GetParent
GetWindowLongW
MessageBoxW
IsWindowEnabled
EnableWindow
MapDialogRect
TabbedTextOutW
IsWindow
PostMessageW
SendMessageW
UnhookWindowsHookEx
RemoveMenu
AppendMenuW
InsertMenuW
GetMenuItemCount
GetMenuItemID
GetSubMenu
GetMenuState
GetMenuStringW
IsMenu
PeekMessageW
PostThreadMessageW
GetMessageW
TranslateMessage
DispatchMessageW
SendDlgItemMessageA
LoadImageW
DestroyIcon
IntersectRect
DestroyMenu
TranslateAcceleratorW
LoadAcceleratorsW
GetAsyncKeyState
InflateRect
SetCursor
ReleaseCapture
SetRectEmpty
OffsetRect
SetRect
GetCursorPos
EndDialog
CreateDialogIndirectParamW
GetMonitorInfoW
MonitorFromWindow
WinHelpW
GetScrollInfo
SetScrollInfo
CallNextHookEx
SetWindowsHookExW
GetClassNameW
GetClassLongW
PtInRect
EqualRect
AdjustWindowRectEx
RemovePropW
GetPropW
SetPropW
ScrollWindow
TrackPopupMenu
SetMenu
GetMenu
GetKeyState
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
CopyImage
SetWindowPlacement
GetWindowPlacement
DestroyWindow
CreateWindowExW
GetClassInfoExW
GetClassInfoW
GetClipboardFormatNameW
RealChildWindowFromPoint
CharUpperW
SystemParametersInfoW
MapVirtualKeyW
GetKeyNameTextW
ReuseDDElParam
RegisterClassW
CallWindowProcW
DefWindowProcW
GetMessageTime
GetMessagePos
RegisterWindowMessageW
GetMenuCheckMarkDimensions
CopyRect
IsDialogMessageW
SetWindowLongW
SetFocus
GetDlgCtrlID
CheckDlgButton
PostQuitMessage
SetWindowTextW

advapi32

RegCloseKey
RegOpenKeyExW
RegQueryValueExW
RegCreateKeyExW
RegDeleteKeyW
RegDeleteValueW
RegEnumKeyExW
RegSetValueExW
AllocateAndInitializeSid
FreeSid
GetLengthSid
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
InitializeAcl
AddAccessAllowedAce
MakeSelfRelativeSD

ole32

RevokeDragDrop
CoLockObjectExternal
OleLockRunning
CoCreateInstance
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
OleGetClipboard
DoDragDrop
CreateStreamOnHGlobal
RegisterDragDrop
CoInitialize
CoDisconnectObject
ReleaseStgMedium
OleDuplicateData
CoTaskMemFree
CoTaskMemAlloc
StringFromCLSID
CoInitializeEx
CoUninitialize
OleRun

oleaut32

VariantChangeType
VariantClear
VariantInit
SysAllocStringByteLen
GetErrorInfo
VarBstrFromDate
SysStringByteLen
SysFreeString
LoadTypeLi
SysStringLen
SystemTimeToVariantTime
VariantTimeToSystemTime
SysAllocStringLen
SysAllocString
VariantCopy

msimg32

AlphaBlend
TransparentBlt

shlwapi

PathRemoveFileSpecW
PathIsUNCW
PathStripToRootW
StrFormatKBSizeW
PathFindExtensionW
PathFileExistsW
PathFindFileNameW

uxtheme

DrawThemeText
GetCurrentThemeName
GetWindowTheme
GetThemeSysColor
GetThemeColor
DrawThemeParentBackground
IsAppThemed
IsThemeBackgroundPartiallyTransparent
GetThemePartSize
OpenThemeData
CloseThemeData
DrawThemeBackground

oleacc

AccessibleObjectFromWindow
CreateStdAccessibleObject
LresultFromObject

gdiplus

GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImageHeight
GdipGetImageWidth
GdipGetImageGraphicsContext
GdipDisposeImage
GdipCreateBitmapFromStream
GdiplusStartup
GdipFree
GdipAlloc
GdiplusShutdown
GdipDeleteGraphics
GdipDrawImageI
GdipCreateBitmapFromHBITMAP
GdipCreateFromHDC
GdipSetInterpolationMode
GdipDrawImageRectI
GdipCreateBitmapFromStreamICM
GdipCloneImage
GdipCreateBitmapFromScan0
GdipGetImagePixelFormat
GdipBitmapUnlockBits
GdipBitmapLockBits

imm32

ImmReleaseContext
ImmGetOpenStatus
ImmGetContext

winmm

PlaySoundW

gdi32

CreateHatchBrush
CreatePalette
CreatePen
CreatePatternBrush
CreateRectRgn
CreateRectRgnIndirect
CreateRoundRectRgn
CreateSolidBrush
Ellipse
CreateFontIndirectW
Escape
ExtFloodFill
FillRgn
FrameRgn
GetBkColor
GetBoundsRect
CreateEllipticRgn
CreateCompatibleDC
CreateCompatibleBitmap
CreateBitmap
CombineRgn
BitBlt
ExtTextOutW
GetDeviceCaps
CopyMetaFileW
SetDIBColorTable
CreateDIBSection
GetTextCharsetInfo
EnumFontFamiliesW
CreateDIBitmap
GetSystemPaletteEntries
EnumFontFamiliesExW
ScaleWindowExtEx
ScaleViewportExtEx
OffsetWindowOrgEx
OffsetViewportOrgEx
SetWindowOrgEx
SetWindowExtEx
SetViewportOrgEx
SetViewportExtEx
MoveToEx
SetTextAlign
SetTextColor
SetROP2
SetPolyFillMode
GetLayout
SetLayout
SetMapMode
SetBkMode
SetBkColor
SelectPalette
ExtSelectClipRgn
SelectClipRgn
SaveDC
RestoreDC
LineTo
IntersectClipRect
GetClipBox
ExcludeClipRect
DeleteObject
DeleteDC
GetNearestPaletteIndex
GetObjectType
GetPaletteEntries
GetPixel
GetRgnBox
GetStockObject
GetTextColor
GetTextExtentPoint32W
GetViewportExtEx
GetViewportOrgEx
GetWindowExtEx
GetWindowOrgEx
OffsetRgn
PatBlt
PtInRegion
PtVisible
RectVisible
Rectangle
RealizePalette
RoundRect
SelectObject
SetPaletteEntries
SetPixel
SetPixelV
StretchBlt
SetRectRgn
GetTextMetricsW
GetObjectW
TextOutW
CreatePolygonRgn
DPtoLP
LPtoDP
Polygon
Polyline
GetTextFaceW
CreateDCW

winspool.drv

ClosePrinter
DocumentPropertiesW
OpenPrinterW

shell32

SHAppBarMessage
SHBrowseForFolderW
SHGetDesktopFolder
SHGetSpecialFolderLocation
SHGetPathFromIDListW
ShellExecuteW
SHGetFileInfoW
DragFinish
DragQueryFileW

Sections

.text
Size: 4.1MB - Virtual size: 4.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 757KB - Virtual size: 757KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 44KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 228KB - Virtual size: 228KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ee1d0f68149b4350f538377bbdbf7164

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

ole32

oleaut32

msimg32

shlwapi

uxtheme

oleacc

gdiplus

imm32

winmm

gdi32

winspool.drv

shell32

Sections

.text Size: 4.1MB - Virtual size: 4.1MB

.rdata Size: 757KB - Virtual size: 757KB

.data Size: 44KB - Virtual size: 76KB

.rsrc Size: 24KB - Virtual size: 24KB

.reloc Size: 228KB - Virtual size: 228KB

.text
Size: 4.1MB - Virtual size: 4.1MB

.rdata
Size: 757KB - Virtual size: 757KB

.data
Size: 44KB - Virtual size: 76KB

.rsrc
Size: 24KB - Virtual size: 24KB

.reloc
Size: 228KB - Virtual size: 228KB