tmp | Triage

Sharing

Copy URL Twitter E-mail

General

Target

tmp
Size

787KB
MD5

311b0d84e21db9863fbc466089441c07
SHA1

19a1678e2adfb47e9a59c03e96308cddec2e523b
SHA256

52ab2c306c162c61c2ada12e3d460313ea018db7166f7708ae18bb418dfd12ee
SHA512

59f74a23351d40748c749d46dc5cbb485e0b3392ff0f5a8557719cb9612a8f8345e3ffc98e634f82c9e60ce3e6bfbbf2b8b104924a60a9e50738ba03ec67c47b
SSDEEP

24576:eRjKYdAQIR9BU+8XnYqmm44sa/VIcrT9s:eRj7JyDb8XnYqfZ/VB/K

Score

1^/10

Malware Config

Signatures

Files

tmp
.exe windows x86

b5bab84726b84bb74261805ff9668733

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

MessageBoxW
MessageBoxA
ShowWindow
GetDlgItem
KillTimer
SendMessageA
DialogBoxParamW
SetTimer
SetWindowLongA
DialogBoxParamA
GetWindowLongA
SetWindowTextW
SetWindowTextA
LoadStringW
LoadStringA
CharUpperA
CharUpperW
PostMessageA
DestroyWindow
EndDialog

oleaut32

VariantClear
SysAllocString

comctl32

ord17

kernel32

GetFullPathNameW
GetCurrentDirectoryA
GetStringTypeW
LCMapStringW
LCMapStringA
GetStringTypeA
InterlockedDecrement
InterlockedIncrement
GetACP
GetCPInfo
GetOEMCP
IsBadReadPtr
GetFileType
IsBadCodePtr
GetEnvironmentStringsW
GetEnvironmentStrings
SetHandleCount
FreeEnvironmentStringsA
UnhandledExceptionFilter
FreeEnvironmentStringsW
GetCurrentProcess
TerminateProcess
HeapSize
HeapCreate
GetEnvironmentVariableA
HeapDestroy
IsBadWritePtr
HeapReAlloc
WaitForSingleObject
CloseHandle
CreateProcessA
SetCurrentDirectoryA
GetCommandLineW
GetVersionExA
lstrlenA
LeaveCriticalSection
EnterCriticalSection
Sleep
CreateThread
InitializeCriticalSection
DeleteCriticalSection
VirtualAlloc
VirtualFree
GetProcAddress
GetModuleHandleA
MultiByteToWideChar
WideCharToMultiByte
GetLastError
LoadLibraryA
AreFileApisANSI
GetModuleFileNameA
GetModuleFileNameW
LocalFree
FormatMessageA
FormatMessageW
GetWindowsDirectoryA
SetFileAttributesA
SetFileAttributesW
RemoveDirectoryA
RemoveDirectoryW
CreateDirectoryA
CreateDirectoryW
DeleteFileA
DeleteFileW
GetFullPathNameA
SetFileTime
ReadFile
SetUnhandledExceptionFilter
GetTempPathA
GetTempFileNameA
FindClose
FindFirstFileA
FindFirstFileW
FindNextFileA
CreateFileA
CreateFileW
GetFileSize
SetFilePointer
HeapFree
WriteFile
SetEndOfFile
CreateEventA
GetStdHandle
ResetEvent
SetEvent
WaitForMultipleObjects
RtlUnwind
RaiseException
HeapAlloc
TlsSetValue
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
GetCurrentThreadId
TlsAlloc
SetLastError
TlsGetValue

Sections

.text
Size: 94KB - Virtual size: 94KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b5bab84726b84bb74261805ff9668733

Headers

File Characteristics

Imports

user32

oleaut32

comctl32

kernel32

Sections

.text Size: 94KB - Virtual size: 94KB

.rdata Size: 16KB - Virtual size: 16KB

.data Size: 12KB - Virtual size: 14KB

.rsrc Size: 2KB - Virtual size: 2KB

.text
Size: 94KB - Virtual size: 94KB

.rdata
Size: 16KB - Virtual size: 16KB

.data
Size: 12KB - Virtual size: 14KB

.rsrc
Size: 2KB - Virtual size: 2KB