635d1c5473e2c81822bae98448796020eb58d8c96e88ada7d1f057c76caa0bbe

Sharing

Copy URL

Twitter E-mail

General

Target

635d1c5473e2c81822bae98448796020eb58d8c96e88ada7d1f057c76caa0bbe
Size

92KB
MD5

4945ef159452ed31942b68bea5134c82
SHA1

c8b4e7887ea4490738606c27d67ef854c9059302
SHA256

635d1c5473e2c81822bae98448796020eb58d8c96e88ada7d1f057c76caa0bbe
SHA512

5a91b383628800332eed59f1c357fdbb37be4890b6227b80d55cbbe1b2baf06108a93b67313616a18b9d669b067da4463398f9292adee7332ec82bb2a5f42aed
SSDEEP

1536:wgLytff7/07BFmGCnUEebkFm8nJgObj8+L0AdryV0vvSfFXAbF3b:Q3mmpU350mSj8rjV03cFXW

Score

N/A

Malware Config

Signatures

Files

635d1c5473e2c81822bae98448796020eb58d8c96e88ada7d1f057c76caa0bbe
.zip
fax20141311.scr
.exe windows x86

dd22fff3e8ea4a017a7e5d84b5c49426

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

RtlUnwind
LoadLibraryW
EnterCriticalSection
LeaveCriticalSection
GetStringTypeW
RaiseException
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
DeleteCriticalSection
GetFileType
InitializeCriticalSectionAndSpinCount
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetLastError
MultiByteToWideChar
LCMapStringW
WideCharToMultiByte
GetCurrentThreadId
SetLastError
TlsFree
TlsSetValue
TlsGetValue
SetFilePointer
GetConsoleCP
GetConsoleMode
HeapSize
HeapReAlloc
SetStdHandle
WriteConsoleW
CreateFileW
CloseHandle
lstrcpyA
LocalFree
GetCurrentDirectoryA
LocalAlloc
LoadLibraryA
QueryPerformanceCounter
GetProcAddress
HeapCreate
CreateEventA
Sleep
_lclose
TlsAlloc
IsValidCodePage
GetOEMCP
GetACP
InterlockedDecrement
InterlockedIncrement
GetCPInfo
EncodePointer
GetModuleFileNameW
GetStdHandle
WriteFile
DecodePointer
FlushFileBuffers
ExitProcess
HeapAlloc
FreeLibrary
GetModuleFileNameA
OpenFile
GetModuleHandleW
IsProcessorFeaturePresent
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetStartupInfoW
HeapSetInformation
GetCommandLineA
HeapFree

user32

ReleaseCapture
GetMenuItemCount
IsDlgButtonChecked
GetMenuItemInfoA
SetWindowPos
DefWindowProcA
SetMenuItemInfoA
DialogBoxParamA
SetWindowTextW
DestroyIcon
GetSystemMetrics
GetDlgItem
ReleaseDC
PeekMessageA
CreateWindowExA
InvalidateRect
GetDialogBaseUnits
CopyRect
MessageBoxA
SetWindowLongA
OffsetRect
MoveWindow
LoadImageA
DestroyWindow
InvertRect
GetWindowRect
MapDialogRect
PostQuitMessage
SendDlgItemMessageA
SetCapture
DrawTextW
DrawTextA
LoadIconA
GetClientRect
SetFocus
SendMessageA
SetRectEmpty
PtInRect
GetMonitorInfoA
GetDC
GetForegroundWindow
GetMenu

gdi32

GetTextExtentPoint32A
SetTextColor
GetOutlineTextMetricsA
CreateFontIndirectA
SetBkColor
SetBkMode
DeleteObject
SelectObject
SetMapMode
ExtTextOutW
SetPolyFillMode
GetTextMetricsA
GetFontData
GetGlyphOutlineA

comdlg32

GetSaveFileNameA
ChooseFontA
GetOpenFileNameA

advapi32

RegOpenKeyExA
RegCloseKey
RegQueryValueExA

shell32

SHBrowseForFolderA

ole32

CoInitializeEx
CoUninitialize

winmm

mmioClose
mmioWrite
PlaySoundA
mmioOpenA

shlwapi

StrDupA

comctl32

InitCommonControlsEx
ImageList_ReplaceIcon
ImageList_Create

rpcrt4

RpcAsyncGetCallStatus
NdrOleAllocate
RpcAsyncInitializeHandle

gdiplus

GdipCreateFromHWND
GdipDisposeImage
GdipCloneImage
GdipDeleteGraphics
GdipFree
GdipLoadImageFromFile
GdipAlloc

dbghelp

SymSetOptions
SymInitialize
SymGetOptions
UnDecorateSymbolName
SymGetSymFromAddr

Sections

.text
Size: 61KB - Virtual size: 61KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 39KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 19KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

dd22fff3e8ea4a017a7e5d84b5c49426

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

winmm

shlwapi

comctl32

rpcrt4

gdiplus

dbghelp

Sections

.text Size: 61KB - Virtual size: 61KB

.rdata Size: 39KB - Virtual size: 38KB

.data Size: 19KB - Virtual size: 26KB

.rsrc Size: 25KB - Virtual size: 24KB

.reloc Size: 6KB - Virtual size: 6KB

.text
Size: 61KB - Virtual size: 61KB

.rdata
Size: 39KB - Virtual size: 38KB

.data
Size: 19KB - Virtual size: 26KB

.rsrc
Size: 25KB - Virtual size: 24KB

.reloc
Size: 6KB - Virtual size: 6KB