4bba9ba568be04a4d89088b90be8f4d8 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4bba9ba568be04a4d89088b90be8f4d8
Size

14KB
MD5

4bba9ba568be04a4d89088b90be8f4d8
SHA1

50d4489c387d061821593aeaadd53223606b0bc5
SHA256

3c3112383173dd88f5adf21e6ef7ea6499ea719a32b7a4134c5021c7e5e09242
SHA512

dc5f21257667c5987d5ec4dc3ff432ed22742c1fde6d57ee7549a07b67ec9ca9844c0aab910f7e1439ad8da40b450d6d1453d0033424472c96383080e442f3db
SSDEEP

384:UocIjmNqOeSCid95rYARBWHH2MvEcoqR+:LYq1MCead8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4bba9ba568be04a4d89088b90be8f4d8

Files

4bba9ba568be04a4d89088b90be8f4d8
.dll windows:4 windows x86 arch:x86

cd8056321e815fe41351b5bc18d16b3e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

CallWindowProcW
wsprintfA
RegisterClassExW
SetWindowTextA
SendMessageA
SendDlgItemMessageA
PostMessageA
MessageBoxIndirectA
MessageBoxA
LoadIconA
KillTimer
IsDlgButtonChecked
ImpersonateDdeClientWindow
GetWindowTextA
GetSystemMenu
EndDialog
DialogBoxParamA
DestroyIcon
DdeDisconnect
AppendMenuA

kernel32

FindNextFileA
lstrlenA
lstrcatA
SystemTimeToFileTime
SleepEx
Sleep
SetUnhandledExceptionFilter
RtlMoveMemory
OpenMutexA
LoadLibraryExA
LoadLibraryA
HeapDestroy
GetTickCount
GetSystemTime
GetProcessHeaps
GetModuleHandleA
FlushViewOfFile
FindFirstFileA
FindClose
BeginUpdateResourceA
CloseHandle
DeviceIoControl
ExitProcess
ExitThread

gdi32

SelectClipPath
ScaleViewportExtEx

ws2_32

connect
socket
setsockopt
recv

Exports

Exports

agimxo

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ