tmp | Triage

Sharing

Copy URL Twitter E-mail

General

Target

tmp
Size

4.1MB
MD5

15975e297d7ec3cb80be199d3c96d704
SHA1

4e8cb7f33ecd65d76be8e5b276eb0f499dc448f0
SHA256

98a490d9705463ba59759bc6c26dd1d56940c42f6f267842741ca9d3eb5d22a1
SHA512

34f02a94c8076e97851b0adcae2a3cb8fe0ee27b1b76c27780e04319e34ebc93d62b11bf7d2be2d0761981e14bff372e66690df4bf2e87ae8330429b41ece04e
SSDEEP

98304:LvsVhDD6gphXcE0JJ1E16+VsZgi0EBJpQK2yxUXit+gYesvgRKVEufbf:LEvpvP6+iAyWX8sGufL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
tmp

Files

tmp
.exe windows x86

77cc68ff5bdaa76554f1b73043bf483e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

advapi32

AdjustTokenPrivileges
GetUserNameW
LookupPrivilegeValueW
OpenProcessToken
RegCloseKey
RegCreateKeyW
RegDeleteKeyW
RegDeleteValueW
RegEnumKeyW
RegEnumValueW
RegOpenKeyExW
RegQueryInfoKeyW
RegQueryValueExW
RegSetValueExW

comctl32

CreateStatusWindowW
CreateUpDownControl
ImageList_Add
ImageList_AddMasked
ImageList_BeginDrag
ImageList_Create
ImageList_Destroy
ImageList_DragEnter
ImageList_DragLeave
ImageList_DragMove
ImageList_Draw
ImageList_EndDrag
ImageList_GetIcon
ImageList_GetIconSize
ImageList_GetImageCount
ImageList_Remove
ImageList_Replace
ImageList_ReplaceIcon
ImageList_SetBkColor
ImageList_SetDragCursorImage
InitCommonControls

comdlg32

ChooseColorW
ChooseFontW
CommDlgExtendedError
GetOpenFileNameW
GetSaveFileNameW
PageSetupDlgW
PrintDlgW

gdi32

Arc
BitBlt
CloseEnhMetaFile
CombineRgn
CopyEnhMetaFileW
CreateBitmap
CreateBitmapIndirect
CreateCompatibleBitmap
CreateCompatibleDC
CreateDCW
CreateDIBSection
CreateDIBitmap
CreateEnhMetaFileW
CreateFontIndirectW
CreateHatchBrush
CreateICW
CreatePalette
CreatePatternBrush
CreatePen
CreatePolygonRgn
CreateRectRgn
CreateRectRgnIndirect
CreateSolidBrush
DeleteDC
DeleteEnhMetaFile
DeleteObject
Ellipse
EndDoc
EndPage
EnumFontFamiliesExW
EqualRgn
ExtCreatePen
ExtCreateRegion
ExtFloodFill
ExtSelectClipRgn
GdiFlush
GetBkColor
GetCharABCWidthsW
GetClipBox
GetDIBColorTable
GetDIBits
GetDeviceCaps
GetEnhMetaFileHeader
GetEnhMetaFileW
GetMetaFileBitsEx
GetNearestPaletteIndex
GetObjectW
GetPaletteEntries
GetPixel
GetRegionData
GetRgnBox
GetStockObject
GetSystemPaletteEntries
GetTextColor
GetTextExtentExPointW
GetTextExtentPoint32W
GetTextMetricsW
GetWinMetaFileBits
LineTo
MaskBlt
MoveToEx
OffsetRgn
PatBlt
Pie
PlayEnhMetaFile
PolyBezier
PolyPolygon
Polygon
Polyline
PtInRegion
RealizePalette
RectInRegion
Rectangle
RestoreDC
RoundRect
SaveDC
SelectClipRgn
SelectObject
SelectPalette
SetAbortProc
SetBkColor
SetBkMode
SetBrushOrgEx
SetMapMode
SetMetaFileBitsEx
SetPixel
SetPolyFillMode
SetROP2
SetStretchBltMode
SetTextAlign
SetTextColor
SetViewportExtEx
SetViewportOrgEx
SetWinMetaFileBits
SetWindowExtEx
SetWindowOrgEx
StartDocW
StartPage
StretchBlt
StretchDIBits
TextOutW

kernel32

AddAtomA
CloseHandle
CopyFileW
CreateFileW
CreateMutexW
CreatePipe
CreateProcessW
CreateSemaphoreA
CreateSemaphoreW
CreateThread
DeleteCriticalSection
DuplicateHandle
EnterCriticalSection
ExitProcess
ExpandEnvironmentStringsW
FileTimeToLocalFileTime
FileTimeToSystemTime
FindAtomA
FindClose
FindFirstFileW
FindNextFileW
FindResourceW
FormatMessageW
FreeLibrary
GetACP
GetAtomNameA
GetCPInfo
GetCommandLineA
GetCommandLineW
GetComputerNameW
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetDiskFreeSpaceW
GetEnvironmentVariableW
GetExitCodeProcess
GetExitCodeThread
GetFileAttributesW
GetFileSize
GetFileTime
GetFileType
GetLastError
GetLocaleInfoW
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleW
GetProcAddress
GetProcessAffinityMask
GetProcessHeap
GetProfileStringW
GetShortPathNameW
GetStartupInfoA
GetStdHandle
GetSystemInfo
GetTempFileNameW
GetTempPathW
GetThreadLocale
GetUserDefaultLCID
GetVersionExW
GetWindowsDirectoryW
GlobalAlloc
GlobalFree
GlobalLock
GlobalMemoryStatus
GlobalSize
GlobalUnlock
HeapSize
InitializeCriticalSection
InterlockedDecrement
InterlockedIncrement
IsValidCodePage
IsValidLocale
LeaveCriticalSection
LoadLibraryW
LoadResource
LocalAlloc
LocalFileTimeToFileTime
LocalFree
LockResource
MultiByteToWideChar
OpenProcess
OutputDebugStringW
PeekNamedPipe
ReadFile
ReleaseMutex
ReleaseSemaphore
ResumeThread
SetCurrentDirectoryW
SetEnvironmentVariableW
SetErrorMode
SetFileTime
SetLastError
SetNamedPipeHandleState
SetThreadLocale
SetThreadPriority
SetUnhandledExceptionFilter
SizeofResource
Sleep
SuspendThread
SystemTimeToFileTime
TerminateProcess
TerminateThread
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
WaitForSingleObject
WideCharToMultiByte
WriteFile

msvcrt

_ftime
_strdup
_write
__getmainargs
__mb_cur_max
__p__environ
__p__fmode
__set_app_type
_assert
_beginthreadex
_cexit
_close
_commit
_endthreadex
_errno
_fdopen
_get_osfhandle
_getcwd
_iob
_isctype
_lseeki64
_onexit
_open_osfhandle
_pctype
_read
_setjmp
_setmode
_telli64
_timezone
_waccess
_wcsdup
_wcsicmp
_wfopen
_wgetenv
_wmkdir
_wopen
_wremove
_wrename
_write
_wrmdir
_wsetlocale
_wtoi
_wtol
abort
atexit
atof
atoi
bsearch
calloc
ceil
clearerr
cos
ctime
difftime
exit
fclose
fflush
floor
fprintf
fputwc
fputws
fread
free
fseek
ftell
fwrite
getenv
gmtime
iswctype
localtime
longjmp
malloc
mbstowcs
memcpy
memmove
memset
mktime
pow
qsort
realloc
setlocale
signal
sin
sprintf
sqrt
sscanf
strchr
strcmp
strcpy
strlen
strncpy
strstr
strtod
swprintf
swscanf
time
tolower
toupper
towlower
towupper
wcscat
wcschr
wcscmp
wcscpy
wcsftime
wcslen
wcsncmp
wcsncpy
wcspbrk
wcsspn
wcsstr
wcstod
wcstol
wcstombs
wcstoul

ole32

CoCreateInstance
CoLockObjectExternal
OleFlushClipboard
OleGetClipboard
OleInitialize
OleIsCurrentClipboard
OleSetClipboard
OleUninitialize
RegisterDragDrop
ReleaseStgMedium
RevokeDragDrop

oleaut32

SysAllocString

shell32

DragAcceptFiles
DragFinish
DragQueryFileW
DragQueryPoint
ExtractIconExW
ExtractIconW
SHGetMalloc
SHGetPathFromIDListW
SHGetSpecialFolderLocation
ShellExecuteExW

user32

AdjustWindowRectEx
AppendMenuW
BeginDeferWindowPos
BeginPaint
BringWindowToTop
CallNextHookEx
CallWindowProcW
ChangeDisplaySettingsW
CheckMenuItem
CheckMenuRadioItem
ChildWindowFromPoint
ClientToScreen
CloseClipboard
CopyRect
CreateAcceleratorTableW
CreateDialogIndirectParamW
CreateDialogParamW
CreateIconIndirect
CreateMenu
CreatePopupMenu
CreateWindowExW
DdeClientTransaction
DdeConnect
DdeCreateDataHandle
DdeCreateStringHandleW
DdeDisconnect
DdeFreeDataHandle
DdeFreeStringHandle
DdeGetData
DdeGetLastError
DdeInitializeW
DdeNameService
DdePostAdvise
DdeQueryStringW
DdeUninitialize
DefFrameProcW
DefMDIChildProcW
DefWindowProcW
DeferWindowPos
DestroyAcceleratorTable
DestroyCursor
DestroyIcon
DestroyMenu
DestroyWindow
DispatchMessageW
DrawEdge
DrawFocusRect
DrawFrameControl
DrawIcon
DrawIconEx
DrawMenuBar
DrawStateW
DrawTextW
EmptyClipboard
EnableMenuItem
EnableWindow
EndDeferWindowPos
EndPaint
EnumClipboardFormats
EnumDisplaySettingsW
EnumWindows
ExitWindowsEx
FillRect
FlashWindow
GetActiveWindow
GetAsyncKeyState
GetCapture
GetClassInfoW
GetClassNameW
GetClientRect
GetClipboardData
GetClipboardFormatNameW
GetCursorPos
GetDC
GetDesktopWindow
GetDlgItem
GetFocus
GetForegroundWindow
GetIconInfo
GetKeyState
GetMenuItemCount
GetMenuItemInfoW
GetMenuState
GetMenuStringW
GetMessagePos
GetMessageTime
GetMessageW
GetParent
GetScrollInfo
GetSubMenu
GetSysColor
GetSystemMenu
GetSystemMetrics
GetUpdateRect
GetUpdateRgn
GetWindow
GetWindowDC
GetWindowLongW
GetWindowRect
GetWindowTextLengthW
GetWindowTextW
GetWindowThreadProcessId
HideCaret
InflateRect
InsertMenuItemW
InsertMenuW
InvalidateRect
IsClipboardFormatAvailable
IsDialogMessageW
IsIconic
IsWindow
IsWindowEnabled
IsWindowVisible
IsZoomed
KillTimer
LoadAcceleratorsW
LoadBitmapW
LoadCursorFromFileW
LoadCursorW
LoadIconW
LoadImageW
MapWindowPoints
MessageBeep
MessageBoxW
ModifyMenuW
MoveWindow
MsgWaitForMultipleObjects
OffsetRect
OpenClipboard
PeekMessageW
PostMessageW
PostQuitMessage
PostThreadMessageW
PtInRect
RedrawWindow
RegisterClassW
RegisterClipboardFormatW
RegisterHotKey
ReleaseCapture
ReleaseDC
RemoveMenu
ScreenToClient
ScrollWindow
SendMessageW
SetCapture
SetClipboardData
SetCursor
SetCursorPos
SetFocus
SetForegroundWindow
SetMenu
SetMenuItemInfoW
SetParent
SetScrollInfo
SetTimer
SetWindowLongW
SetWindowPos
SetWindowRgn
SetWindowTextW
SetWindowsHookExW
ShowCaret
ShowCursor
ShowWindow
SystemParametersInfoW
TrackPopupMenu
TranslateAcceleratorW
TranslateMDISysAccel
TranslateMessage
UnhookWindowsHookEx
UnionRect
UnregisterClassW
UnregisterHotKey
UpdateWindow
ValidateRect
WaitForInputIdle
WindowFromPoint
keybd_event

wsock32

WSACleanup
WSAGetLastError
WSAStartup
__WSAFDIsSet
accept
bind
closesocket
connect
gethostbyaddr
gethostbyname
getservbyname
getsockname
getsockopt
htonl
htons
inet_addr
ioctlsocket
listen
ntohl
ntohs
recv
recvfrom
select
send
sendto
setsockopt
shutdown
socket

Sections

.text
Size: 2.7MB - Virtual size: 2.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 288KB - Virtual size: 288KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 185KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

77cc68ff5bdaa76554f1b73043bf483e

Headers

File Characteristics

Imports

advapi32

comctl32

comdlg32

gdi32

kernel32

msvcrt

ole32

oleaut32

shell32

user32

wsock32

Sections

.text Size: 2.7MB - Virtual size: 2.7MB

.data Size: 13KB - Virtual size: 12KB

.rdata Size: 288KB - Virtual size: 288KB

.bss Size: - Virtual size: 185KB

.idata Size: 17KB - Virtual size: 17KB

.rsrc Size: 24KB - Virtual size: 23KB

.text
Size: 2.7MB - Virtual size: 2.7MB

.data
Size: 13KB - Virtual size: 12KB

.rdata
Size: 288KB - Virtual size: 288KB

.bss
Size: - Virtual size: 185KB

.idata
Size: 17KB - Virtual size: 17KB

.rsrc
Size: 24KB - Virtual size: 23KB