tmp | Triage

Sharing

Copy URL Twitter E-mail

General

Target

tmp
Size

9.7MB
MD5

fef866e5d7681ff8e847c1a174a752c6
SHA1

12744abe2361b16ac356c16bd5cf626acd9afa05
SHA256

f70a3f96ac1eb532e976ba1f346c128acc0054d2b6a20c59bf03294df488ed3b
SHA512

af45312f145357833da4719638b2d0ed184218472eb7a0a9f102956caba2c2260a6536080d84e2bb2418542e9d894332bba70025cf3b9ae6095ed3001dce16f7
SSDEEP

196608:0Q5PYLp+EWyDYZfBCTMugMjbHr6NnAyRuPY70cjMVt4XXkFK+Rl:0hF+byDY2IEjbH2l8Qt63

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
tmp

Files

tmp
.exe windows x86

ad501926391c2e4f8cec112e31140d53

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetVersionExW
GetVersionExA
GetSystemTimeAsFileTime
HeapAlloc
HeapFree
ExitProcess
LoadLibraryA
GetModuleHandleA
GetProcAddress

user32

wsprintfA

advapi32

CryptHashData

shell32

SHGetPathFromIDListA

ole32

CoInitialize

ws2_32

htonl

shlwapi

SHGetValueA

Exports

Exports

Lock2345
Lock2345Chrome
Lock360
Lock360chrome
LockBaiduBrowser
LockEdge
LockFirefox
LockGoogleChrome
LockIE
LockJuzi
LockLiebao
LockMaxthon3
LockMaxthon5
LockOpera
LockQQBrowser
LockSogou
LockTheWorldChrome
LockTheWorldIE
LockUCBrowser

Sections

.text
Size: - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.algo
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 127KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 176KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.88!
Size: - Virtual size: 5.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

. 7#
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.]=i
Size: 9.7MB - Virtual size: 9.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 600B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ