tmp | Triage

Sharing

General

Target

tmp
Size

5.4MB
MD5

6df70c68f4d3a7f201d0884aefa6d23d
SHA1

eaacc3b83ebaa2e52edb30d1c29c2cd1ef14c4ad
SHA256

340d6cfaad173ee2cdb4c0cc86cbf6392ded5bf65d12a2a22078e543f480405c
SHA512

ca8470011ea48165ba50e84af4af066502e6eeba8fef3bc5251d692d93cad390387fcf3a629fd8edee7cde7330a5b5eb90c16b7fd8914cd7c5f71c2e7693c567
SSDEEP

49152:T0+LIa6Z+jNssiT671k0Ti40kqjWCRfJajfPgD0Z2cu4+3+zamnDwhEID3:QCBA67Sa0kqi6JSw9cuv5R3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
tmp

Files

tmp
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: - Virtual size: 2.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.EkV;
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.*;$b
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.zc|<
Size: 5.3MB - Virtual size: 5.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ