AE32[.]tmp | Triage

General

Target

AE32.tmp
Size

63KB
MD5

9e6bc578327feecde475d85344827b52
SHA1

d50c3660338bced6542a98efb9ba8ea844bf3a25
SHA256

1796021269c3d602b91b77abf2cb4398e8df57e5b613e7d5c62198a6c88a9dfb
SHA512

32860aac4be35c5b3bff51c33acd4fec85f1adb1f962188def609f2f8d8e6c5edeb4e7d9f1b46f7924ece3095c57b1aabc779c15333d043e930c15419c0e4b9f
SSDEEP

768:vqGaoZMz5CpLW1Hy2N1ggsmwqgi2V3W3d1kHhyCz0oZ3TkRxFHuPklED+2npMXI/:vqmmrE282g13C1kBVz0s3TkVOPPq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
AE32.tmp

Files

AE32.tmp
.exe windows x86

4645bacf119a4ce92cde25e60f1ebd7c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
ReadFile
GetFileSize
CreateFileA
GetModuleFileNameA
GetModuleHandleA
ExitProcess
GetLastError
HeapFree
HeapAlloc
GetProcAddress
GetModuleHandleW
DecodePointer
GetCommandLineA
HeapSetInformation
HeapCreate
WriteFile
GetStdHandle
GetModuleFileNameW
EncodePointer
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
LoadLibraryW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
TerminateProcess
GetCurrentProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
IsProcessorFeaturePresent
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
GetFileType
GetStartupInfoW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
Sleep
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
HeapSize
RtlUnwind
HeapReAlloc
LCMapStringW
MultiByteToWideChar
GetStringTypeW
GetConsoleCP
GetConsoleMode
FlushFileBuffers
SetFilePointer
WriteConsoleW
SetStdHandle
CreateFileW

Sections

.text
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

4645bacf119a4ce92cde25e60f1ebd7c

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

Sections

.text Size: 48KB - Virtual size: 47KB

.rdata Size: 9KB - Virtual size: 8KB

.data Size: 5KB - Virtual size: 13KB

.text
Size: 48KB - Virtual size: 47KB

.rdata
Size: 9KB - Virtual size: 8KB

.data
Size: 5KB - Virtual size: 13KB