tmp | Triage

Sharing

Copy URL Twitter E-mail

General

Target

tmp
Size

202KB
MD5

ab10242331b253f652a49b9a56b9a409
SHA1

ae8cc41b89a8da5e9d66e9dc2d9742dc48ce4af0
SHA256

532b603169624abd2748d6222560a5d98ef4bd4f6a950b6e60590dbdc700af2f
SHA512

27d93eee97fd28aebf2462a1ee122b5beb9b99878cf2191a5f00b2333a8f930a7c48303569f7688c1ed9b9d780bf1cb2d9ce3f8b8f9a1e5c3d7c5b27e85b98b5
SSDEEP

6144:xmmex0qD2OWEAAWqhZ/aR4zzuUaz7CjtMOOGgNgTo:xmmZK2OibqDyezrazGRsGgN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
tmp

Files

tmp
.exe windows:1 windows x86 arch:x86

44d1d3622a1f568fe5a4988612a1b8da

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

ExitProcess
GetModuleHandleA
GetProcAddress
LoadLibraryA

user32

MessageBoxA

Sections

Feokt.
Size: 201KB - Virtual size: 336KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE