tmp | Triage

Sharing

Copy URL Twitter E-mail

General

Target

tmp
Size

644KB
MD5

f33f8bcdd0e5ce9552f12c79be908bc5
SHA1

0f25e342a67672942861467d04d3e17efe164430
SHA256

c3e05ff967149a781173fa5d25a515c34050abd98e80563ba71dd14b5e4ee3e1
SHA512

47d113f5e1fc1f52743490867e072c489b356311a8f01263784f7971535d0e745318d23070a527d8f68e4b56507fd2661658874fc5e64dca8b02e586153e0168
SSDEEP

12288:hjQuCpyqsVQWaZbIkj7LuZ3x2FLeJhUICLD2/Zb6pHD2:hjTCpPnLLOh2FLeDUICLDiZb6p

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
tmp

Files

tmp
.exe windows:4 windows x86 arch:x86

24791eecf01d8cb909d6a5d99b5116e1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ord15
ord14
ord17
ord13

imm32

ImmReleaseContext
ImmGetContext
ImmSetCompositionFontA
ImmGetCompositionStringW
ImmSetCompositionWindow

winmm

PlaySoundA

kernel32

CreateDirectoryA
SetCurrentDirectoryA
ExpandEnvironmentStringsA
GetFileSize
GetCurrentDirectoryA
DeleteFileA
GetLocalTime
GetACP
CompareStringA
GetLocaleInfoW
SetStdHandle
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
GetStringTypeW
GetStringTypeA
SetFilePointer
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
InitializeCriticalSection
HeapSize
CreatePipe
HeapDestroy
VirtualAlloc
VirtualFree
LCMapStringW
LCMapStringA
GetTimeZoneInformation
FlushFileBuffers
GetConsoleMode
GetConsoleCP
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
IsValidCodePage
InterlockedDecrement
InterlockedIncrement
DeleteCriticalSection
GetFileType
GetStdHandle
SetHandleCount
GetStartupInfoA
GetProcessHeap
GetCommandLineA
ExitProcess
GetSystemTimeAsFileTime
RaiseException
RtlUnwind
IsDebuggerPresent
TerminateProcess
SetCommBreak
UnhandledExceptionFilter
HeapFree
HeapReAlloc
HeapAlloc
LeaveCriticalSection
EnterCriticalSection
GetDateFormatA
GetTimeFormatA
SetHandleInformation
GetCurrentThreadId
GetWindowsDirectoryA
FindFirstFileA
FindNextFileA
FindClose
GetCurrentProcessId
QueryPerformanceCounter
GlobalMemoryStatus
GetCurrentThread
GetThreadTimes
GetCurrentProcess
GetProcessTimes
GetSystemTime
GetSystemTimeAdjustment
CreateThread
WriteFile
CreateEventA
ReadFile
WaitForSingleObject
GetOverlappedResult
SetEvent
CreateFileMappingA
MapViewOfFile
UnmapViewOfFile
GetModuleFileNameA
CreateProcessA
CloseHandle
Sleep
SetEndOfFile
Beep
SetLastError
GetLastError
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
IsDBCSLeadByteEx
GetLocaleInfoA
GetOEMCP
GetCPInfo
GetModuleHandleA
MulDiv
GetTickCount
LoadLibraryA
GetVersionExA
GetProcAddress
MultiByteToWideChar
WideCharToMultiByte
FreeLibrary
CompareStringW
SetEnvironmentVariableA
CreateFileA
GetCommState
SetCommState
SetCommTimeouts
SetUnhandledExceptionFilter
ClearCommBreak
HeapCreate

user32

FindWindowA
GetClipboardOwner
GetQueueStatus
WinHelpA
GetDoubleClickTime
CreateMenu
SetMenuInfo
GetForegroundWindow
UpdateWindow
PeekMessageA
MsgWaitForMultipleObjects
IsWindow
CreateCaret
ShowCaret
HideCaret
DestroyCaret
GetCursorPos
ScreenToClient
TranslateMessage
EnableMenuItem
SetForegroundWindow
TrackPopupMenu
FlashWindow
SetKeyboardState
ToAsciiEx
DestroyIcon
SetScrollInfo
GetMessageTime
GetMenuState
SetMenuItemInfoA
PostMessageA
GetSystemMenu
GetLastActivePopup
IsZoomed
GetClipboardData
RegisterClipboardFormatA
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
SetCaretPos
DefWindowProcA
InvalidateRect
SetWindowPos
EndPaint
GetWindowTextA
GetWindowTextLengthA
GetClientRect
BeginPaint
SetWindowTextA
ShowWindow
CreateWindowExA
GetWindowRect
SystemParametersInfoA
GetSysColor
KillTimer
SetTimer
GetKeyboardState
SetClassLongA
SetCursor
ShowCursor
CreatePopupMenu
InsertMenuA
DeleteMenu
AppendMenuA
GetActiveWindow
MessageBoxIndirectA
CheckMenuItem
IsIconic
GetCapture
ReleaseCapture
GetDesktopWindow
MoveWindow
DefDlgProcA
GetSystemMetrics
LoadImageA
LoadCursorA
RegisterClassExA
CreateDialogParamA
GetMessageA
GetWindowLongA
IsDialogMessageA
DispatchMessageA
PostQuitMessage
EnableWindow
DialogBoxParamA
EndDialog
GetParent
SetActiveWindow
GetWindowPlacement
SetWindowPlacement
RegisterWindowMessageA
DrawEdge
SetCapture
SetFocus
GetDlgItem
GetDlgItemTextA
SetDlgItemTextA
CheckDlgButton
IsDlgButtonChecked
CheckRadioButton
SetWindowLongA
MessageBeep
SendDlgItemMessageA
GetDC
ReleaseDC
SendMessageA
MapDialogRect
MessageBoxA
GetAsyncKeyState
GetCaretBlinkTime
DestroyWindow
RegisterClassA
GetKeyboardLayout

gdi32

GetTextExtentExPointA
SetMapMode
GetDeviceCaps
RealizePalette
SelectPalette
CreatePalette
ExtTextOutA
GetCharacterPlacementW
ExtTextOutW
GetPixel
SetBkMode
SetTextAlign
CreateCompatibleBitmap
CreateFontIndirectA
GetObjectA
GetTextMetricsA
CreateFontA
LineTo
MoveToEx
CreatePen
SetPixel
Polyline
GetCharWidthW
GetCharWidth32W
GetCharWidthA
GetCharWidth32A
SetPaletteEntries
UnrealizeObject
UpdateColors
ExcludeClipRect
IntersectClipRect
CreateBitmap
SelectObject
GetStockObject
CreateSolidBrush
Rectangle
SetTextColor
SetBkColor
TextOutA
DeleteObject
CreateCompatibleDC
DeleteDC
TranslateCharsetInfo
GetTextExtentPoint32A

winspool.drv

EnumPrintersA
ClosePrinter
EndPagePrinter
WritePrinter
OpenPrinterA
StartDocPrinterA
StartPagePrinter
EndDocPrinter

comdlg32

ChooseFontA
GetOpenFileNameA
GetSaveFileNameA
ChooseColorA

advapi32

RegCloseKey
RegOpenKeyExA
RegDeleteKeyA
RegDeleteValueA
RegSetValueExA
RegCreateKeyA
RegEnumKeyA
RegOpenKeyA
RegQueryValueExA

shell32

Shell_NotifyIconA
ShellExecuteA
ExtractIconExA

Sections

.text
Size: 392KB - Virtual size: 391KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 116KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 124KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

24791eecf01d8cb909d6a5d99b5116e1

Headers

File Characteristics

Imports

comctl32

imm32

winmm

kernel32

user32

gdi32

winspool.drv

comdlg32

advapi32

shell32

Sections

.text Size: 392KB - Virtual size: 391KB

.rdata Size: 116KB - Virtual size: 112KB

.data Size: 8KB - Virtual size: 36KB

.rsrc Size: 124KB - Virtual size: 120KB

.text
Size: 392KB - Virtual size: 391KB

.rdata
Size: 116KB - Virtual size: 112KB

.data
Size: 8KB - Virtual size: 36KB

.rsrc
Size: 124KB - Virtual size: 120KB