Static task: static1
Behavioral task: behavioral1 (sample: tmp.exe, resource: win7-20230220-en)
Behavioral task: behavioral2 (sample: tmp.exe, resource: win10v2004-20230220-en)
General
Target: tmp
Size: 2.2MB
MD5: a6ebea34a549bf7b79a72f6aa5959424
SHA1: cdc36ed14d1ef6c38f2e7be574069551e195e848
SHA256: fea967fd2e94a01371b367f2f87ecd889666add61f90d2d969075c921c00c5c8
SHA512: 8d1a4c96860ebb12ffc09fe3aade3f80ac73c6cff5a55c302ca104d620758f25540d29d8e9302da7cd6368b68c547c444dcfb7c48e6fb349a6d683352d2acb2c
SSDEEP: 49152:S1EVvz4tOIn9l5sMclqHGwjns1nwTI/pflx+V:S1mvzcDl5sMclqH3js1nwTI/pfG
Malware Config
Signatures
Files
tmp.exe windows x86
df0ad029c726172700d3d689ed7a25cf
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
IsValidCodePage
FindFirstFileExW
LCMapStringW
GetTimeZoneInformation
GetConsoleCP
ReadConsoleW
GetConsoleMode
SetFilePointerEx
ExitProcess
GetStdHandle
GetOEMCP
VirtualQuery
VirtualAlloc
GetSystemInfo
HeapQueryInformation
GetFileType
SetStdHandle
GetModuleHandleExW
FreeLibraryAndExitThread
ExitThread
GetCommandLineW
GetCommandLineA
RtlUnwind
OutputDebugStringW
GetACP
GetCPInfo
GetEnvironmentStringsW
SetEnvironmentVariableW
GetStringTypeW
GetStartupInfoW
IsDebuggerPresent
InitializeSListHead
GetSystemTimeAsFileTime
QueryPerformanceCounter
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetTempFileNameW
FreeEnvironmentStringsW
SearchPathW
GetProfileIntW
GetTempPathW
VerifyVersionInfoW
VerSetConditionMask
FindResourceExW
GetWindowsDirectoryW
lstrcpyW
VirtualProtect
GlobalFlags
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
GetCurrentDirectoryW
GlobalGetAtomNameW
LocalReAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSection
SetErrorMode
CompareStringW
GlobalFindAtomW
GetSystemDirectoryW
EncodePointer
GetCurrentProcessId
GlobalAddAtomW
WritePrivateProfileStringW
GetPrivateProfileStringW
GetPrivateProfileIntW
ResumeThread
SetThreadPriority
FreeResource
lstrcmpW
lstrcmpA
GlobalDeleteAtom
GetVersionExW
GetCurrentThreadId
GetCurrentThread
LocalAlloc
FreeLibrary
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
GetFileSizeEx
GetFileAttributesExW
GetFileAttributesW
FileTimeToLocalFileTime
CopyFileW
FormatMessageW
MulDiv
LocalFree
GlobalFree
GlobalUnlock
GlobalLock
GlobalSize
GlobalAlloc
GetThreadLocale
lstrcmpiW
LoadLibraryW
LoadLibraryA
LoadLibraryExW
GetProcAddress
GetModuleHandleW
GetModuleHandleA
GetCurrentProcess
SetLastError
DuplicateHandle
OutputDebugStringA
UnlockFile
SetFilePointer
SetEndOfFile
ReadFile
LockFile
GetVolumeInformationW
GetFullPathNameW
GetFileSize
FlushFileBuffers
CreateFileW
SetFileTime
LocalFileTimeToFileTime
DosDateTimeToFileTime
GetFileTime
CreateDirectoryA
DeleteFileA
MoveFileA
WriteFile
CreateFileA
GetFileAttributesA
WideCharToMultiByte
GetProcessHeap
DeleteCriticalSection
DecodePointer
HeapAlloc
RaiseException
HeapReAlloc
MultiByteToWideChar
HeapSize
InitializeCriticalSectionEx
HeapFree
CreateDirectoryW
GetModuleFileNameA
SetEvent
GetTickCount
CreateEventW
Sleep
CreateProcessW
RemoveDirectoryW
FindResourceW
LoadResource
LockResource
SizeofResource
GetModuleFileNameW
FindClose
FindNextFileW
FindFirstFileW
CloseHandle
CreateMutexA
CreateThread
GetLastError
GetExitCodeThread
TerminateThread
WaitForSingleObject
MoveFileW
DeleteFileW
QueryPerformanceFrequency
WriteConsoleW
user32
GetNextDlgGroupItem
IsRectEmpty
IntersectRect
SetRect
InvalidateRgn
CopyAcceleratorTableW
CharNextW
InvalidateRect
KillTimer
SetTimer
RealChildWindowFromPoint
DeleteMenu
SystemParametersInfoW
CopyImage
WindowFromPoint
ReleaseCapture
SetCapture
WaitMessage
LoadCursorW
GetSysColorBrush
FillRect
ClientToScreen
GetWindowDC
TabbedTextOutW
GrayStringW
DrawTextExW
DrawTextW
OffsetRect
SetRectEmpty
SendDlgItemMessageA
IsDialogMessageW
SetWindowTextW
CheckRadioButton
CheckDlgButton
MoveWindow
ShowWindow
GetMonitorInfoW
MonitorFromWindow
WinHelpW
GetScrollInfo
SetScrollInfo
UnhookWindowsHookEx
GetTopWindow
GetClassNameW
GetClassLongW
SetWindowLongW
PtInRect
EqualRect
GetSysColor
MapWindowPoints
ScreenToClient
AdjustWindowRectEx
GetWindowRect
GetWindowTextLengthW
GetWindowTextW
RemovePropW
MessageBeep
SetPropW
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
RedrawWindow
EndPaint
BeginPaint
SetForegroundWindow
GetForegroundWindow
UpdateWindow
TrackPopupMenu
SetMenu
GetMenu
EnumDisplayMonitors
SetFocus
GetDlgCtrlID
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
IsChild
IsMenu
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
CallWindowProcW
DefWindowProcW
GetMessageTime
GetMessagePos
RegisterWindowMessageW
GetLastActivePopup
SetClassLongW
SetWindowRgn
SetParent
wsprintfW
EnableWindow
LoadIconW
SendMessageW
IsIconic
GetWindowThreadProcessId
MessageBoxW
SetCursor
ShowOwnedPopups
CallNextHookEx
SetWindowsHookExW
GetCursorPos
ValidateRect
GetKeyState
IsWindowVisible
PeekMessageW
DispatchMessageW
TranslateMessage
GetMessageW
LoadBitmapW
SetMenuItemInfoW
GetMenuCheckMarkDimensions
InflateRect
LoadMenuW
DestroyIcon
DestroyMenu
GetMenuItemInfoW
GetAsyncKeyState
TrackMouseEvent
LoadImageW
BringWindowToTop
LoadAcceleratorsW
TranslateAcceleratorW
CreatePopupMenu
InsertMenuItemW
SetMenuItemBitmaps
EnableMenuItem
UnpackDDElParam
ReuseDDElParam
RegisterClipboardFormatW
GetMenuDefaultItem
DrawFocusRect
DrawIconEx
GetIconInfo
EnableScrollBar
HideCaret
InvertRect
NotifyWinEvent
GetPropW
GetSystemMetrics
GetClientRect
DrawIcon
PostMessageW
UnregisterClassW
CharUpperW
GetMenuStringW
GetMenuState
GetSubMenu
GetSystemMenu
GetMenuItemID
GetMenuItemCount
InsertMenuW
AppendMenuW
RemoveMenu
GetDesktopWindow
PostQuitMessage
SetWindowPos
SetWindowContextHelpId
GetParent
GetWindow
MapDialogRect
IsWindow
DestroyWindow
CreateDialogIndirectParamW
EndDialog
GetDlgItem
GetNextDlgTabItem
GetActiveWindow
IsWindowEnabled
SetActiveWindow
GetWindowLongW
GetKeyNameTextW
MapVirtualKeyW
GetDC
ReleaseDC
CopyRect
GetFocus
CheckMenuItem
OpenClipboard
CloseClipboard
SetClipboardData
EmptyClipboard
SetLayeredWindowAttributes
DrawStateW
DrawEdge
DrawFrameControl
IsZoomed
DestroyCursor
GetWindowRgn
CreateMenu
SubtractRect
TranslateMDISysAccel
DefMDIChildProcW
DefFrameProcW
DrawMenuBar
GetUpdateRect
IsClipboardFormatAvailable
CharUpperBuffW
ModifyMenuW
GetDoubleClickTime
SetMenuDefaultItem
LockWindowUpdate
DestroyAcceleratorTable
CreateAcceleratorTableW
GetKeyboardState
ToUnicodeEx
MapVirtualKeyExW
IsCharLowerW
GetKeyboardLayout
GetComboBoxInfo
MonitorFromPoint
UpdateLayeredWindow
PostThreadMessageW
UnionRect
FrameRect
CopyIcon
SetCursorPos
GetCapture
gdi32
Escape
ExcludeClipRect
GetClipBox
GetObjectType
GetStockObject
GetViewportExtEx
GetWindowExtEx
IntersectClipRect
LineTo
PtVisible
RectVisible
RestoreDC
SaveDC
SelectClipRgn
ExtSelectClipRgn
SelectObject
SelectPalette
SetBkMode
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetTextAlign
MoveToEx
TextOutW
ExtTextOutW
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
GetBkColor
GetTextColor
DeleteObject
CreateFontIndirectW
GetTextExtentPoint32W
GetTextMetricsW
CombineRgn
GetMapMode
SetRectRgn
DPtoLP
CreateCompatibleBitmap
EnumFontFamiliesExW
CreatePalette
GetNearestPaletteIndex
GetPaletteEntries
GetSystemPaletteEntries
RealizePalette
CreateDIBitmap
EnumFontFamiliesW
GetTextCharsetInfo
SetPixel
StretchBlt
CreateDIBSection
SetDIBColorTable
CreateEllipticRgn
Ellipse
CreatePolygonRgn
Polygon
Polyline
CreateRoundRectRgn
LPtoDP
Rectangle
OffsetRgn
RoundRect
FillRgn
FrameRgn
GetBoundsRect
PtInRegion
ExtFloodFill
SetPaletteEntries
SetPixelV
GetWindowOrgEx
GetViewportOrgEx
GetTextFaceW
CreateSolidBrush
CreateRectRgn
CreatePatternBrush
CreatePen
CreateHatchBrush
CreateCompatibleDC
BitBlt
DeleteDC
GetObjectW
SetTextColor
SetBkColor
CreateBitmap
PatBlt
CreateRectRgnIndirect
GetDeviceCaps
CreateDCW
GetRgnBox
GetPixel
CopyMetaFileW
msimg32
TransparentBlt
AlphaBlend
winspool.drv
OpenPrinterW
DocumentPropertiesW
ClosePrinter
advapi32
RegDeleteKeyW
RegSetValueExW
RegEnumKeyExW
RegEnumValueW
RegQueryValueW
RegEnumKeyW
RegDeleteValueW
RegCreateKeyExW
RegOpenKeyExW
RegQueryValueExW
RegCloseKey
shell32
DragQueryFileW
DragFinish
ShellExecuteW
SHGetPathFromIDListW
SHGetSpecialFolderLocation
SHGetDesktopFolder
SHBrowseForFolderW
SHAppBarMessage
SHGetFileInfoW
comctl32
InitCommonControlsEx
shlwapi
PathRemoveFileSpecW
PathRemoveExtensionW
PathAddExtensionA
PathAddExtensionW
PathRemoveExtensionA
PathIsUNCW
PathStripToRootW
UrlUnescapeW
PathFindExtensionW
PathFindFileNameW
StrFormatKBSizeW
PathRemoveFileSpecA
uxtheme
IsAppThemed
DrawThemeText
DrawThemeParentBackground
OpenThemeData
CloseThemeData
DrawThemeBackground
GetThemeColor
GetCurrentThemeName
IsThemeBackgroundPartiallyTransparent
GetThemePartSize
GetWindowTheme
GetThemeSysColor
ole32
CoInitializeEx
OleUninitialize
OleInitialize
CoFreeUnusedLibraries
IsAccelerator
OleTranslateAccelerator
OleCreateMenuDescriptor
OleLockRunning
RevokeDragDrop
RegisterDragDrop
CoLockObjectExternal
OleGetClipboard
DoDragDrop
CoRegisterMessageFilter
OleIsCurrentClipboard
OleDestroyMenuDescriptor
CreateILockBytesOnHGlobal
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
OleFlushClipboard
CoGetClassObject
CoDisconnectObject
CoInitialize
CoCreateInstance
CLSIDFromProgID
CLSIDFromString
CoCreateGuid
CoUninitialize
ReleaseStgMedium
OleDuplicateData
CoTaskMemFree
CoTaskMemAlloc
CoRevokeClassObject
CreateStreamOnHGlobal
oleaut32
SysStringLen
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayDestroy
LoadTypeLi
VariantCopy
VarBstrFromDate
OleCreateFontIndirect
VariantChangeType
VariantClear
VariantInit
SysAllocString
SysAllocStringLen
SysFreeString
oledlg
OleUIBusyW
wininet
HttpQueryInfoW
HttpSendRequestW
HttpAddRequestHeadersW
HttpOpenRequestW
InternetSetStatusCallbackW
InternetGetLastResponseInfoW
InternetQueryDataAvailable
InternetWriteFile
InternetSetFilePointer
InternetReadFile
InternetConnectW
InternetCloseHandle
InternetCrackUrlW
InternetCanonicalizeUrlW
InternetOpenW
oleacc
AccessibleObjectFromWindow
LresultFromObject
CreateStdAccessibleObject
gdiplus
GdipSetInterpolationMode
GdipCreateFromHDC
GdipCreateBitmapFromHBITMAP
GdipDrawImageI
GdipDeleteGraphics
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipDrawImageRectI
GdipCreateBitmapFromStream
GdipGetImagePaletteSize
GdipGetImagePalette
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipGetImageGraphicsContext
GdipDisposeImage
GdipCloneImage
GdiplusStartup
GdipFree
GdipAlloc
GdiplusShutdown
GdipCreateBitmapFromScan0
imm32
ImmReleaseContext
ImmGetOpenStatus
ImmGetContext
winmm
PlaySoundW
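The import table above is long because most of it is GUI plumbing: the user32/gdi32/uxtheme/oleacc mix, the DDE helpers (UnpackDDElParam, ReuseDDElParam) and OleUIBusyW read like a statically linked MFC application, and the CRT pulls in IsDebuggerPresent, IsProcessorFeaturePresent and the unhandled-exception filters on its own. The entries that actually say something about capability are the wininet HTTP client, CreateProcessW/ShellExecuteW, VirtualAlloc/VirtualProtect, the LoadLibrary/GetProcAddress pair, the advapi32 registry writers, the resource-loading group and CreateMutexA. The script below is an added triage aid, not part of the sandbox report; it tags a {dll: [api]} table by capability while dropping the imports the MSVC CRT and MFC link in regardless of intent. REPORT_IMPORTS is a hand-copied subset of the table above, and the capability and noise lists are the author's own heuristics.

```python
"""Tag the import table a sandbox static report lists by capability, and
separate imports that the MSVC CRT and MFC pull in by default from the ones
that deserve a look. Stdlib only; REPORT_IMPORTS is a hand-copied subset of
the report's table, not a parsed binary."""
from collections import defaultdict

# Heuristic capability buckets (author's choice, not a sandbox signature set).
CAPABILITY_APIS = {
    "network_http": {"InternetOpenW", "InternetConnectW", "HttpOpenRequestW",
                     "HttpSendRequestW", "InternetReadFile", "InternetWriteFile"},
    "process_launch": {"CreateProcessW", "CreateProcessA", "ShellExecuteW", "ShellExecuteA"},
    "memory_protection": {"VirtualAlloc", "VirtualAllocEx", "VirtualProtect",
                          "VirtualProtectEx", "WriteProcessMemory"},
    "dynamic_resolution": {"LoadLibraryA", "LoadLibraryW", "LoadLibraryExW", "GetProcAddress"},
    "registry_write": {"RegSetValueExW", "RegCreateKeyExW", "RegDeleteKeyW", "RegDeleteValueW"},
    "embedded_resource": {"FindResourceW", "FindResourceExW", "LoadResource",
                          "LockResource", "SizeofResource"},
    "file_staging": {"GetTempPathW", "GetTempFileNameW", "CopyFileW", "MoveFileW", "DeleteFileW"},
    "keyboard_state": {"GetAsyncKeyState", "GetKeyboardState", "SetWindowsHookExW"},
    "single_instance": {"CreateMutexA", "CreateMutexW"},
    "debugger_check": {"IsDebuggerPresent", "CheckRemoteDebuggerPresent"},
}

# Present in essentially every MSVC CRT / MFC build: the CRT's startup and
# exception glue, MFC's WH_CBT window-creation hook and its DDE helpers.
# Matching one of these alone is not evidence of anything.
RUNTIME_NOISE = {
    "kernel32": {"IsDebuggerPresent", "IsProcessorFeaturePresent", "InitializeSListHead",
                 "SetUnhandledExceptionFilter", "UnhandledExceptionFilter",
                 "QueryPerformanceCounter", "GetStartupInfoW", "TerminateProcess"},
    "user32": {"SetWindowsHookExW", "CallNextHookEx", "UnhookWindowsHookEx",
               "UnpackDDElParam", "ReuseDDElParam"},
}

# Constructed input: a subset of the report's import table, copied by hand.
REPORT_IMPORTS = {
    "kernel32": ["IsDebuggerPresent", "VirtualAlloc", "VirtualProtect", "LoadLibraryW",
                 "GetProcAddress", "GetTempPathW", "GetTempFileNameW", "CopyFileW",
                 "CreateProcessW", "FindResourceW", "LoadResource", "LockResource",
                 "SizeofResource", "CreateMutexA", "SetUnhandledExceptionFilter"],
    "user32": ["SetWindowsHookExW", "CallNextHookEx", "GetAsyncKeyState", "GetKeyboardState",
               "UnpackDDElParam", "ReuseDDElParam", "MessageBoxW"],
    "advapi32": ["RegSetValueExW", "RegCreateKeyExW", "RegDeleteKeyW", "RegQueryValueExW"],
    "shell32": ["ShellExecuteW", "DragQueryFileW"],
    "wininet": ["InternetOpenW", "InternetConnectW", "HttpOpenRequestW",
                "HttpSendRequestW", "InternetReadFile", "InternetCloseHandle"],
}


def is_runtime_noise(dll, api):
    """True for imports the CRT/MFC bring in regardless of program intent."""
    return api in RUNTIME_NOISE.get(dll.lower(), set())


def triage_imports(imports):
    """{dll: [api, ...]} -> {capability: [(dll, api), ...]}, runtime noise removed."""
    hits = defaultdict(list)
    for dll, apis in imports.items():
        for api in apis:
            if is_runtime_noise(dll, api):
                continue
            for cap, names in CAPABILITY_APIS.items():
                if api in names:
                    hits[cap].append((dll.lower(), api))
    return dict(hits)


def capability_summary(imports):
    """Sorted capability names, suitable for a one-line triage note."""
    return sorted(triage_imports(imports))


if __name__ == "__main__":
    for cap, apis in sorted(triage_imports(REPORT_IMPORTS).items()):
        print(f"{cap:20s} {', '.join(a for _, a in apis)}")
```

Run as-is it prints one line per capability bucket; IsDebuggerPresent and SetWindowsHookExW drop out as runtime noise, while GetAsyncKeyState and GetKeyboardState survive, which is the right outcome for a GUI program that may legitimately read key state but should still be checked in the behavioral run. Nothing here is a verdict: the report's Signatures section is empty, and an import list only bounds what the code can do, not what it does.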
Sections
.text Size: 1.5MB - Virtual size: 1.5MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 330KB - Virtual size: 330KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 28KB - Virtual size: 47KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 207KB - Virtual size: 206KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 139KB - Virtual size: 138KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
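The header and section flags above are what decide which exploit mitigations apply at load time: IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE opts the image into ASLR, IMAGE_DLLCHARACTERISTICS_NX_COMPAT into DEP, and the section flags say whether any region is both writable and executable. Two caveats a practitioner should check rather than read off the flag list: DYNAMIC_BASE only works if the loader has relocation data to apply (here the .reloc section is present and IMAGE_FILE_RELOCS_STRIPPED is not set, so ASLR is effective; a binary with the flag but no relocations loads at its preferred base every time), and GUARD_CF does not appear in the list, so Control Flow Guard is not enabled for this image. The parser below is an added example, not part of the sandbox report; it reads a PE header from bytes with the standard library, expands the flag bitmasks into the names the report prints, and derives a mitigation verdict. build_sample_header() fabricates a PE32 header carrying the report's flags and rounded section sizes as a constructed stand-in; it is not the sample's real header.

```python
"""Decode the header facts a sandbox static report lists (file and DLL
characteristics, section flags) and derive a mitigation verdict from them.
Stdlib only. build_sample_header() fabricates a PE header carrying the
report's flags; it is a constructed stand-in, not the sample's real header."""
import struct

IMAGE_FILE_RELOCS_STRIPPED = 0x0001
IMAGE_FILE_EXECUTABLE_IMAGE = 0x0002
IMAGE_FILE_32BIT_MACHINE = 0x0100
IMAGE_DIRECTORY_ENTRY_BASERELOC = 5

DLL_CHARACTERISTICS = {
    0x0020: "IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA",
    0x0040: "IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE",
    0x0100: "IMAGE_DLLCHARACTERISTICS_NX_COMPAT",
    0x0400: "IMAGE_DLLCHARACTERISTICS_NO_SEH",
    0x4000: "IMAGE_DLLCHARACTERISTICS_GUARD_CF",
    0x8000: "IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE",
}
SECTION_FLAGS = {
    0x00000020: "IMAGE_SCN_CNT_CODE",
    0x00000040: "IMAGE_SCN_CNT_INITIALIZED_DATA",
    0x00000080: "IMAGE_SCN_CNT_UNINITIALIZED_DATA",
    0x02000000: "IMAGE_SCN_MEM_DISCARDABLE",
    0x20000000: "IMAGE_SCN_MEM_EXECUTE",
    0x40000000: "IMAGE_SCN_MEM_READ",
    0x80000000: "IMAGE_SCN_MEM_WRITE",
}


def flag_names(value, table):
    """Expand a bitmask into the flag names a report prints, lowest bit first."""
    return [name for bit, name in sorted(table.items()) if value & bit]


def parse_pe(data):
    """Minimal PE parser: COFF header, DllCharacteristics, base-relocation
    data directory and the section table. Enough for a mitigation check."""
    (e_lfanew,) = struct.unpack_from("<I", data, 0x3C)
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("not a PE image")
    coff = e_lfanew + 4
    machine, nsec, _, _, _, opt_size, file_chars = struct.unpack_from("<HHIIIHH", data, coff)
    opt = coff + 20
    (magic,) = struct.unpack_from("<H", data, opt)
    (dll_chars,) = struct.unpack_from("<H", data, opt + 70)  # same offset in PE32 and PE32+
    dirs = opt + (96 if magic == 0x10B else 112)  # data directories start here
    _, reloc_size = struct.unpack_from("<II", data, dirs + 8 * IMAGE_DIRECTORY_ENTRY_BASERELOC)
    sections = []
    for i in range(nsec):
        off = opt + opt_size + 40 * i
        name, vsize, _, rawsize, _, _, _, _, _, chars = struct.unpack_from("<8sIIIIIIHHI", data, off)
        sections.append({"name": name.rstrip(b"\0").decode(), "vsize": vsize,
                         "rawsize": rawsize, "chars": chars})
    return {"machine": machine, "magic": magic, "file_chars": file_chars,
            "dll_chars": dll_chars, "reloc_size": reloc_size, "sections": sections}


def mitigation_report(pe):
    """DYNAMIC_BASE alone does not give ASLR: the loader also needs relocation
    data, so IMAGE_FILE_RELOCS_STRIPPED or an empty base-reloc directory pins
    the image to its preferred base even with the flag set."""
    d = pe["dll_chars"]
    relocatable = pe["reloc_size"] > 0 and not (pe["file_chars"] & IMAGE_FILE_RELOCS_STRIPPED)
    wx = [s["name"] for s in pe["sections"]
          if s["chars"] & 0x80000000 and s["chars"] & 0x20000000]
    return {
        "aslr": bool(d & 0x0040) and relocatable,
        "dep": bool(d & 0x0100),
        "cfg": bool(d & 0x4000),
        "high_entropy_va": bool(d & 0x0020),  # only meaningful for 64-bit images
        "wx_sections": wx,  # writable+executable sections: unpacker / self-modifying code smell
    }


def build_sample_header(relocs_stripped=False):
    """Constructed PE32 header with the report's flags; section sizes rounded to KB."""
    kb = 1024
    secs = [(b".text", 1536 * kb, 1536 * kb, 0x60000020),  # CODE|EXECUTE|READ
            (b".rdata", 330 * kb, 330 * kb, 0x40000040),   # INITIALIZED_DATA|READ
            (b".data", 47 * kb, 28 * kb, 0xC0000040),      # INITIALIZED_DATA|READ|WRITE
            (b".rsrc", 206 * kb, 207 * kb, 0x40000040),
            (b".reloc", 138 * kb, 139 * kb, 0x42000040)]   # INITIALIZED_DATA|DISCARDABLE|READ
    dos = bytearray(64)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 64)  # e_lfanew
    file_chars = IMAGE_FILE_EXECUTABLE_IMAGE | IMAGE_FILE_32BIT_MACHINE
    if relocs_stripped:  # the "flag set but nothing to relocate" case
        file_chars |= IMAGE_FILE_RELOCS_STRIPPED
        secs = secs[:-1]
    coff = struct.pack("<HHIIIHH", 0x14C, len(secs), 0, 0, 0, 224, file_chars)
    opt = bytearray(224)
    struct.pack_into("<H", opt, 0, 0x10B)  # PE32 magic
    struct.pack_into("<H", opt, 70, 0x0040 | 0x0100 | 0x8000)
    if not relocs_stripped:  # base-reloc directory RVA/size are made-up values
        struct.pack_into("<II", opt, 96 + 8 * IMAGE_DIRECTORY_ENTRY_BASERELOC, 0x200000, 138 * kb)
    table = b"".join(struct.pack("<8sIIIIIIHHI", n, v, 0, r, 0, 0, 0, 0, 0, c) for n, v, r, c in secs)
    return bytes(dos) + b"PE\0\0" + coff + bytes(opt) + table


if __name__ == "__main__":
    pe = parse_pe(build_sample_header())
    print(flag_names(pe["dll_chars"], DLL_CHARACTERISTICS))
    for s in pe["sections"]:
        print(s["name"], s["rawsize"] // 1024, "KB", flag_names(s["chars"], SECTION_FLAGS))
    print(mitigation_report(pe))
```

Point parse_pe at the bytes of a real file to get the same output for an actual sample; the constructed header exists only so the example runs offline. The `.data` entry shows why the report prints both sizes: a virtual size larger than the raw size (47KB versus 28KB) is zero-filled at load, which is normal for uninitialised globals, whereas a large executable section with a raw size near zero is the classic packed-binary signature.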