Static task: static1
Behavioral task: behavioral1
Sample: tmp.exe
Resource: win7-20230220-en
Behavioral task: behavioral2
Sample: tmp.exe
Resource: win10v2004-20230220-en
General
Target: tmp
Size: 2.2MB
MD5: 45e7d737636f1906bdc2e4ef12ba02e1
SHA1: 89528f87483998981e5a08d7d93c81ec1747860e
SHA256: 1adefb8b0d96411ad2b43e65438381e2abc2548ea8e077539ed4a53b8ef517bb
SHA512: 2bb5b9bfe77c5d148a8b1e230588897f8341510bee854e9b6c7373048c3a08c4bfbb52a602369122008fe5aa7ce5e5311d7e7ea8e35a23f76c3ae415f63e22f6
SSDEEP: 49152:2VPKtAZe39RT9D2PwgOWH3+E3B2EU9Dcg7ODwI5p/2QYqHoFN6WtljaEy9YaB:qKSgtRT52nOWHrR2EUigUD5p/2QjHoFC
Malware Config
Signatures
Files
tmp.exe windows x86 8cca2227b935474a44db75bef046ebd8
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetStringTypeW
GetTimeZoneInformation
ReadConsoleW
LCMapStringW
WriteConsoleW
OutputDebugStringW
CreateFileW
SetEnvironmentVariableA
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
SetFilePointerEx
GetConsoleMode
GetConsoleCP
GetStartupInfoW
GetStdHandle
IsValidCodePage
GetFileType
SetStdHandle
GetSystemTimeAsFileTime
HeapQueryInformation
IsProcessorFeaturePresent
IsDebuggerPresent
ExitThread
WideCharToMultiByte
CreateThread
VirtualQuery
GetSystemInfo
RtlUnwind
GetCommandLineA
FreeEnvironmentStringsW
ExitProcess
FindResourceExW
VirtualProtect
SetErrorMode
Sleep
GetProfileIntA
SearchPathA
GetTempPathA
GetWindowsDirectoryA
GetFileSizeEx
GetFileAttributesExA
FileTimeToLocalFileTime
GetVolumeInformationA
lstrcmpiA
GetCurrentProcess
DuplicateHandle
WriteFile
UnlockFile
SetFilePointer
SetEndOfFile
ReadFile
LockFile
GetFileSize
FlushFileBuffers
FindFirstFileA
FindClose
CreateFileA
DeleteFileA
GetCurrentDirectoryA
VerifyVersionInfoA
VerSetConditionMask
GetEnvironmentStringsW
QueryPerformanceCounter
GetModuleHandleExW
FileTimeToSystemTime
GetACP
GetCPInfo
GetOEMCP
GlobalFlags
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
CompareStringW
LocalReAlloc
LocalAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSection
GetTempFileNameA
GetFullPathNameA
GetFileTime
GetFileAttributesA
GetTickCount
WritePrivateProfileStringA
GetPrivateProfileStringA
GetPrivateProfileIntA
GetVersionExA
GetCurrentThread
lstrcmpA
ResumeThread
SetThreadPriority
WaitForSingleObject
CloseHandle
GetModuleFileNameA
GetCurrentProcessId
CopyFileA
FormatMessageA
MulDiv
LocalFree
GlobalFree
GlobalUnlock
GlobalLock
GlobalSize
GlobalAlloc
CompareStringA
MultiByteToWideChar
GlobalGetAtomNameA
GlobalFindAtomA
GlobalAddAtomA
LoadLibraryW
LoadLibraryA
lstrcmpW
GlobalDeleteAtom
LoadLibraryExW
GetProcAddress
GetModuleHandleW
GetModuleHandleA
GetModuleFileNameW
FreeResource
FreeLibrary
GetSystemDirectoryW
GetCurrentThreadId
InitializeCriticalSectionAndSpinCount
SetLastError
EncodePointer
OutputDebugStringA
FindResourceA
DeleteCriticalSection
DecodePointer
EnterCriticalSection
HeapSize
GetLastError
RaiseException
InitializeCriticalSectionEx
LeaveCriticalSection
GetProcessHeap
HeapFree
HeapAlloc
HeapReAlloc
VirtualAlloc
lstrcpyA
FindResourceW
LoadResource
LockResource
SizeofResource
user32
GetUpdateRect
SubtractRect
GetWindowRgn
DestroyAcceleratorTable
CreateAcceleratorTableA
ToAsciiEx
GetKeyboardState
GetKeyboardLayout
DrawFrameControl
DrawEdge
InvertRect
HideCaret
GetIconInfo
DrawIconEx
DrawFocusRect
CreateMenu
LoadAcceleratorsW
GetNextDlgGroupItem
CopyAcceleratorTableA
PostThreadMessageA
SetParent
MonitorFromPoint
UnionRect
EnableScrollBar
UpdateLayeredWindow
IsMenu
SetMenuDefaultItem
GetMenuDefaultItem
NotifyWinEvent
WindowFromPoint
MessageBeep
DeleteMenu
GetSystemMenu
LoadMenuW
GetAsyncKeyState
CharUpperA
TrackMouseEvent
EnumDisplayMonitors
SetLayeredWindowAttributes
RealChildWindowFromPoint
GetSysColorBrush
CopyImage
GetMenuItemInfoA
MapVirtualKeyA
GetKeyNameTextA
SetRect
ShowOwnedPopups
MapDialogRect
RegisterClipboardFormatA
PostQuitMessage
TranslateMessage
GetMessageA
DestroyCursor
LoadCursorA
InflateRect
SetCursorPos
IsZoomed
ReuseDDElParam
UnpackDDElParam
LoadImageA
DestroyIcon
IntersectRect
SetRectEmpty
InsertMenuItemA
DestroyMenu
CreatePopupMenu
LoadMenuA
TranslateAcceleratorA
LoadAcceleratorsA
BringWindowToTop
EndPaint
BeginPaint
ReleaseDC
GetWindowDC
GetDC
TabbedTextOutA
GrayStringA
TranslateMDISysAccel
DrawTextA
GetWindowThreadProcessId
GetDesktopWindow
GetActiveWindow
GetNextDlgTabItem
EndDialog
CreateDialogIndirectParamA
DrawStateA
SystemParametersInfoA
LoadCursorW
IsRectEmpty
OffsetRect
FillRect
ClientToScreen
GetCursorPos
SetCursor
SetWindowRgn
DrawIcon
GetSystemMetrics
KillTimer
SetTimer
ReleaseCapture
SetCapture
InvalidateRect
IsIconic
RemoveMenu
AppendMenuA
InsertMenuA
GetMenuState
GetMenuStringA
LoadBitmapW
SetMenuItemInfoA
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
IsDialogMessageA
SetWindowTextA
IsWindowEnabled
SendDlgItemMessageA
CheckDlgButton
MoveWindow
ShowWindow
GetMonitorInfoA
MonitorFromWindow
WinHelpA
GetScrollInfo
SetScrollInfo
LoadIconA
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExA
GetLastActivePopup
GetTopWindow
GetClassNameA
GetParent
GetClassLongA
SetWindowLongA
GetWindowLongA
PtInRect
EqualRect
CopyRect
GetSysColor
MapWindowPoints
ScreenToClient
MessageBoxA
AdjustWindowRectEx
GetWindowTextLengthA
GetWindowTextA
RemovePropA
GetPropA
SetPropA
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
DefMDIChildProcA
DefFrameProcA
DrawMenuBar
GetDoubleClickTime
MapVirtualKeyExA
IsCharLowerA
GetComboBoxInfo
IsClipboardFormatAvailable
WaitMessage
FrameRect
CopyIcon
ModifyMenuA
CharUpperBuffA
RedrawWindow
ValidateRect
SetForegroundWindow
LoadImageW
EmptyClipboard
SetClipboardData
CloseClipboard
OpenClipboard
SetClassLongA
DrawTextExA
LockWindowUpdate
GetForegroundWindow
SetActiveWindow
TrackPopupMenu
GetMenuItemCount
GetMenuItemID
GetSubMenu
SetMenu
GetMenu
GetCapture
GetKeyState
GetDlgCtrlID
GetDlgItem
IsWindowVisible
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
SetWindowPos
DestroyWindow
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
CallWindowProcA
DefWindowProcA
GetMessageTime
GetMessagePos
PeekMessageA
DispatchMessageA
RegisterWindowMessageA
GetWindow
GetWindowRect
GetFocus
SetFocus
IsChild
IsWindow
GetClientRect
UnregisterClassA
LoadIconW
UpdateWindow
PostMessageA
SendMessageA
EnableWindow
gdi32
TextOutA
ExtTextOutA
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CreateCompatibleBitmap
GetTextExtentPoint32A
GetTextMetricsA
PatBlt
CreateFontIndirectA
GetViewportOrgEx
Rectangle
CreateRectRgnIndirect
CreateDIBitmap
EnumFontFamiliesA
GetTextCharsetInfo
CombineRgn
SetRectRgn
CreateRoundRectRgn
GetBkColor
GetTextColor
GetRgnBox
MoveToEx
GetWindowOrgEx
GetTextFaceA
CreatePalette
GetNearestPaletteIndex
GetPaletteEntries
GetSystemPaletteEntries
RealizePalette
CreatePolygonRgn
Polygon
Polyline
SetPixel
StretchBlt
SetDIBColorTable
OffsetRgn
EnumFontFamiliesExA
RoundRect
ExtFloodFill
SetPaletteEntries
FillRgn
FrameRgn
GetBoundsRect
PtInRegion
SetPixelV
SetLayout
SetMapMode
GetLayout
SetTextAlign
SetROP2
DeleteDC
SetBkMode
SelectPalette
ExtSelectClipRgn
SelectClipRgn
SaveDC
RestoreDC
RectVisible
PtVisible
LineTo
IntersectClipRect
GetWindowExtEx
GetViewportExtEx
GetPixel
GetObjectType
GetClipBox
ExcludeClipRect
Escape
CreateRectRgn
CreatePatternBrush
CreatePen
CreateHatchBrush
GetStockObject
CreateSolidBrush
LPtoDP
DPtoLP
CreateDIBSection
SelectObject
Ellipse
DeleteObject
CreateEllipticRgn
CreateCompatibleDC
BitBlt
GetDeviceCaps
CreateDCA
CopyMetaFileA
CreateBitmap
GetObjectA
SetTextColor
SetBkColor
SetPolyFillMode
msimg32
AlphaBlend
TransparentBlt
winspool.drv
ClosePrinter
OpenPrinterA
DocumentPropertiesA
advapi32
RegEnumKeyA
RegEnumKeyExA
RegEnumValueA
RegQueryValueA
RegCloseKey
RegSetValueExA
RegDeleteValueA
RegDeleteKeyA
RegCreateKeyExA
RegQueryValueExA
RegOpenKeyExA
shell32
DragFinish
SHGetFileInfoA
ShellExecuteA
SHGetPathFromIDListA
SHBrowseForFolderA
DragQueryFileA
SHAppBarMessage
SHGetDesktopFolder
SHGetSpecialFolderLocation
shlwapi
PathFindFileNameA
PathIsUNCA
PathStripToRootA
PathRemoveFileSpecW
PathFindExtensionA
StrFormatKBSizeA
uxtheme
DrawThemeBackground
GetWindowTheme
GetThemeSysColor
GetCurrentThemeName
IsAppThemed
DrawThemeText
DrawThemeParentBackground
GetThemeColor
GetThemePartSize
IsThemeBackgroundPartiallyTransparent
OpenThemeData
CloseThemeData
ole32
OleUninitialize
CoFreeUnusedLibraries
CoInitialize
CoCreateInstance
CoCreateGuid
CoUninitialize
ReleaseStgMedium
OleDuplicateData
CoTaskMemFree
CoTaskMemAlloc
DoDragDrop
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
CoDisconnectObject
CoRevokeClassObject
OleFlushClipboard
OleIsCurrentClipboard
RevokeDragDrop
RegisterDragDrop
OleGetClipboard
CoLockObjectExternal
OleLockRunning
OleCreateMenuDescriptor
CoInitializeEx
CreateStreamOnHGlobal
oleaut32
SysAllocStringLen
SysAllocString
VarBstrFromDate
VariantCopy
VariantTimeToSystemTime
SystemTimeToVariantTime
SysStringLen
LoadTypeLi
SysAllocStringByteLen
SysFreeString
VariantChangeType
VariantClear
VariantInit
gdiplus
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipGetImagePaletteSize
GdipGetImagePalette
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipGetImageGraphicsContext
GdipDrawImageRectI
GdipSetInterpolationMode
GdipDeleteGraphics
GdipCreateFromHDC
GdipCreateBitmapFromHBITMAP
GdipDisposeImage
GdipCloneImage
GdiplusStartup
GdipFree
GdipAlloc
GdiplusShutdown
GdipDrawImageI
ws2_32
closesocket
recv
send
connect
htons
inet_addr
socket
WSAStartup
WSACleanup
oleacc
CreateStdAccessibleObject
AccessibleObjectFromWindow
LresultFromObject
imm32
ImmReleaseContext
ImmGetContext
ImmGetOpenStatus
winmm
PlaySoundA
Sections
.text Size: 1.3MB - Virtual size: 1.3MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 301KB - Virtual size: 301KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 24KB - Virtual size: 53KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 517KB - Virtual size: 516KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 115KB - Virtual size: 114KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ