33FC[.]tmp | Triage

Sharing

Copy URL Twitter E-mail

General

Target

33FC.tmp
Size

145KB
MD5

c610e7ccd6859872c585b2a85d7dc992
SHA1

362b3d4b72e3add687c209c79b500b7c6a246d46
SHA256

14063fc61dc71b9881d75e93a587c27a6daf8779ff5255a24a042beace541041
SHA512

8570aad2ae8b5dcba00fc5ebf3dc0ea117e96cc88a83febd820c5811bf617a6431c1367b3eb88332f43f80b30ebe2c298c22dcc44860a075f7b41bf350236666
SSDEEP

3072:V2V6THkukqCStAK0GfqUeQwIReaOIZEKbQy3416w3JxxP:VDHzunLajE4QyhEt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
33FC.tmp

Files

33FC.tmp
.exe windows:6 windows x86 arch:x86

d20ea7936e9292c61089e1f572130972

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ntdll

strlen
qsort
_strlwr
memcpy
wcscmp
memset
_snwprintf

kernel32

FindFirstFileW
GetDriveTypeW
SetErrorMode
GetLogicalDrives
CloseHandle
GetProcAddress
GetDiskFreeSpaceW
FindClose
FindNextFileW
ExitProcess
CreateMutexW
GetModuleFileNameW
GetFileSizeEx
GetLastError
CreateFileW
ReadFile
WriteFile
GetProcessHeap
HeapFree
HeapAlloc
GetFileSize
HeapReAlloc
LoadLibraryW

Sections

.text
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 113KB - Virtual size: 113KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 924B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ