tmp | Triage

Sharing

Copy URL Twitter E-mail

General

Target

tmp
Size

787KB
MD5

e719201d60da2faa1b3fef25fe35b9ac
SHA1

24809b5cdb760cc0fcbe78d2c00aaa73c47c644d
SHA256

792d5558c9f71001d28b0eb1c3bd83e4d4f7062f7069c76d3b41eb849e3b0cfd
SHA512

2f8f618b6684cf121fc07851bb1066dc21530e625249ec88f8436fd4cf5a2424ee142e9bca4142dffea18599f1c92375db80a426215c3f495a89a7e9f016ba12
SSDEEP

24576:eRjKhljmLT+5U4TugXYirUATkCYWRVZ9Cr:eRjEljmLi5pXYgmmV+r

Score

1^/10

Malware Config

Signatures

Files

tmp
.exe windows x86

b5bab84726b84bb74261805ff9668733

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

MessageBoxW
MessageBoxA
ShowWindow
GetDlgItem
KillTimer
SendMessageA
DialogBoxParamW
SetTimer
SetWindowLongA
DialogBoxParamA
GetWindowLongA
SetWindowTextW
SetWindowTextA
LoadStringW
LoadStringA
CharUpperA
CharUpperW
PostMessageA
DestroyWindow
EndDialog

oleaut32

VariantClear
SysAllocString

comctl32

ord17

kernel32

GetFullPathNameW
GetCurrentDirectoryA
GetStringTypeW
LCMapStringW
LCMapStringA
GetStringTypeA
InterlockedDecrement
InterlockedIncrement
GetACP
GetCPInfo
GetOEMCP
IsBadReadPtr
GetFileType
IsBadCodePtr
GetEnvironmentStringsW
GetEnvironmentStrings
SetHandleCount
FreeEnvironmentStringsA
UnhandledExceptionFilter
FreeEnvironmentStringsW
GetCurrentProcess
TerminateProcess
HeapSize
HeapCreate
GetEnvironmentVariableA
HeapDestroy
IsBadWritePtr
HeapReAlloc
WaitForSingleObject
CloseHandle
CreateProcessA
SetCurrentDirectoryA
GetCommandLineW
GetVersionExA
lstrlenA
LeaveCriticalSection
EnterCriticalSection
Sleep
CreateThread
InitializeCriticalSection
DeleteCriticalSection
VirtualAlloc
VirtualFree
GetProcAddress
GetModuleHandleA
MultiByteToWideChar
WideCharToMultiByte
GetLastError
LoadLibraryA
AreFileApisANSI
GetModuleFileNameA
GetModuleFileNameW
LocalFree
FormatMessageA
FormatMessageW
GetWindowsDirectoryA
SetFileAttributesA
SetFileAttributesW
RemoveDirectoryA
RemoveDirectoryW
CreateDirectoryA
CreateDirectoryW
DeleteFileA
DeleteFileW
GetFullPathNameA
SetFileTime
ReadFile
SetUnhandledExceptionFilter
GetTempPathA
GetTempFileNameA
FindClose
FindFirstFileA
FindFirstFileW
FindNextFileA
CreateFileA
CreateFileW
GetFileSize
SetFilePointer
HeapFree
WriteFile
SetEndOfFile
CreateEventA
GetStdHandle
ResetEvent
SetEvent
WaitForMultipleObjects
RtlUnwind
RaiseException
HeapAlloc
TlsSetValue
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
GetCurrentThreadId
TlsAlloc
SetLastError
TlsGetValue

Sections

.text
Size: 94KB - Virtual size: 94KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b5bab84726b84bb74261805ff9668733

Headers

File Characteristics

Imports

user32

oleaut32

comctl32

kernel32

Sections

.text Size: 94KB - Virtual size: 94KB

.rdata Size: 16KB - Virtual size: 16KB

.data Size: 12KB - Virtual size: 14KB

.rsrc Size: 2KB - Virtual size: 2KB

.text
Size: 94KB - Virtual size: 94KB

.rdata
Size: 16KB - Virtual size: 16KB

.data
Size: 12KB - Virtual size: 14KB

.rsrc
Size: 2KB - Virtual size: 2KB