tmp | Triage

Sharing

Copy URL Twitter E-mail

General

Target

tmp
Size

1.2MB
MD5

eeb81a9eaf12ee9ab4f8f56f55c73c1e
SHA1

5a7d2374dce2d29b4d85121f199332d33bdc5dd1
SHA256

9aed1ee820938b7e604f8d7d57c1f697174c13d550d095577dd010351331c342
SHA512

6d6324ecbd518674518a50924b67713927e9866349d3a396eb36db4025d3a4cabcf757277220fdb817cc0ec2a358492bfe825995388d8602d49fb88250256095
SSDEEP

12288:Tx+q+diGr5h0SgE/hqHH+iKpJOHTlcgWLlj2BDYZ0Cg7nXdqkNZIGKPH245y8WAH:P6j08+SOzsLMFprKPWG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
tmp

Files

tmp
.exe windows:4 windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ