11f0abf6bb7d1e4a5c5d76cd7ce9a498173b6308fe23762e03e82b69547cdac2

Sharing

Copy URL Twitter E-mail

General

Target

11f0abf6bb7d1e4a5c5d76cd7ce9a498173b6308fe23762e03e82b69547cdac2
Size

54KB
MD5

89c93a4224cd11a5568ac9854cf7934e
SHA1

7104512aa81da14bf984858892592ca8f0e1d868
SHA256

11f0abf6bb7d1e4a5c5d76cd7ce9a498173b6308fe23762e03e82b69547cdac2
SHA512

483c80d4c29e3b7f18301d451c6ba7895eff165b3b1c30d646f0c5fcb5f097aaf4c0921bac3d9ba6737a5bfd5b275fc0027305cac477aa15c9adfafa65b1dbcd
SSDEEP

1536:NubIJJEsniYEBcI66+s2gDEErVsFNQRPZipCBEO+dxo:a4EYlIL+7GEErivQPcsF+dxo

Score

N/A

Malware Config

Signatures

Files

11f0abf6bb7d1e4a5c5d76cd7ce9a498173b6308fe23762e03e82b69547cdac2
.zip
fax_msg20141120_pdf.scr
.exe windows x86

8b3d764b36f48f074603d5e32c044546

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_BIND

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Sleep
EnterCriticalSection
HeapSize
LoadLibraryW
TlsFree
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
HeapReAlloc
LCMapStringW
MultiByteToWideChar
GetStringTypeW
TlsAlloc
TlsGetValue
GetNativeSystemInfo
EnumSystemCodePagesW
GetLastError
HeapCreate
GetUserGeoID
GetCommandLineA
LeaveCriticalSection
RtlUnwind
GetSystemTimeAsFileTime
DeleteCriticalSection
GetFileType
InitializeCriticalSectionAndSpinCount
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
SetHandleCount
InterlockedDecrement
GetCurrentThreadId
SetLastError
HeapAlloc
TlsSetValue
LocalFree
HeapSetInformation
GetStartupInfoW
RaiseException
HeapFree
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
IsProcessorFeaturePresent
DecodePointer
EncodePointer
GetProcAddress
GetModuleHandleW
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameW
GetModuleFileNameA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
InterlockedIncrement

user32

GetClientRect
DispatchMessageA
ShowWindow
SetLayeredWindowAttributes
EndDialog
ReleaseDC
GetDCEx
CreateWindowExA
RegisterClassA
GetDialogBaseUnits
LoadCursorA
EndPaint
GetMessageA
IsMenu
DrawTextW
DrawTextA
GetParent
MessageBoxA
SetRectEmpty
BeginPaint
GetDC
IsDialogMessageA
OffsetRect
UpdateWindow

gdi32

DeleteDC
MoveToEx
EndPage
BitBlt
SetViewportOrgEx
LineTo
SetWindowExtEx
StartPage
SetTextColor
CreateCompatibleDC
GetDeviceCaps
SetBkColor
DeleteObject
SelectObject
SetMapMode
CreateCompatibleBitmap
StartDocA
Polyline
SetViewportExtEx
EndDoc

comdlg32

GetOpenFileNameA
ChooseColorA
GetSaveFileNameA
PrintDlgA
ChooseFontA
FindTextA
ReplaceTextA
PageSetupDlgA

ole32

CoInitialize
CoCreateInstance

oleaut32

VariantClear

wininet

DeleteUrlCacheEntry
FindFirstUrlCacheEntryA
FindNextUrlCacheEntryA
FindCloseUrlCache

dbghelp

SymInitialize
SymGetOptions
SymSetOptions

authz

AuthzInitializeResourceManager

Sections

.text
Size: 43KB - Virtual size: 43KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 19KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8b3d764b36f48f074603d5e32c044546

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

ole32

oleaut32

wininet

dbghelp

authz

Sections

.text Size: 43KB - Virtual size: 43KB

.rdata Size: 17KB - Virtual size: 17KB

.data Size: 19KB - Virtual size: 22KB

.rsrc Size: 3KB - Virtual size: 3KB

.reloc Size: 6KB - Virtual size: 5KB

.text
Size: 43KB - Virtual size: 43KB

.rdata
Size: 17KB - Virtual size: 17KB

.data
Size: 19KB - Virtual size: 22KB

.rsrc
Size: 3KB - Virtual size: 3KB

.reloc
Size: 6KB - Virtual size: 5KB