1e2a131f58317f87362a1cab93d7af1f4cabaa8faef414980959a1e5a8df001a

General

Target

1e2a131f58317f87362a1cab93d7af1f4cabaa8faef414980959a1e5a8df001a
Size

424KB
MD5

09d6672ceb7d3617057e26a96ae2f170
SHA1

31e3c55a7eefdc81ed97dfbe1968dd34d118a9b7
SHA256

1e2a131f58317f87362a1cab93d7af1f4cabaa8faef414980959a1e5a8df001a
SHA512

613951bbd1fc546f7bde4948612425d763f310c9ef5b9ab034614d76dc3f6bcd2be7a30d8280f0c87c2e354c84d1ac5950774034c7d8fa989374d8d060b4960d
SSDEEP

6144:UWsSKG8amDfS08pr+Vj6rATXjBgGQ8IXxXgA8ndmrI/1Qn:/sSKGP0WNtG10B2dxw

Score

N/A

Malware Config

Signatures

Files

1e2a131f58317f87362a1cab93d7af1f4cabaa8faef414980959a1e5a8df001a
.exe windows x86

f8eeb8a741fb3c83f276ff244efc6453

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wsnmp32

ord103
ord104

winfax

FaxAbort
FaxAccessCheck
FaxClose
FaxCompleteJobParamsW
FaxConnectFaxServerW
FaxEnumJobsW
FaxEnumPortsW
FaxEnumRoutingMethodsW
FaxFreeBuffer
FaxGetConfigurationW
FaxGetPageData
FaxGetPortW
FaxGetRoutingInfoW
FaxInitializeEventQueue
FaxOpenPort
FaxPrintCoverPageW
FaxRegisterRoutingExtensionW
FaxRegisterServiceProviderW
FaxSendDocumentForBroadcastW
FaxSendDocumentW
FaxSetConfigurationW
FaxSetPortW
FaxSetRoutingInfoW
FaxStartPrintJobW

msvcrt

_onexit
__dllonexit
_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__wgetmainargs
__p___winitenv
exit
_XcptFilter
_exit
memcpy
strlen
strftime
strncpy
strtol
??2@YAPAXI@Z
??3@YAXPAX@Z

kernel32

LoadLibraryW
GetProcAddress
SetTapeParameters
GetVolumeInformationW

Sections

.text
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 144KB - Virtual size: 140KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 120KB - Virtual size: 10.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 100KB - Virtual size: 98KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f8eeb8a741fb3c83f276ff244efc6453

Headers

File Characteristics

Imports

wsnmp32

winfax

msvcrt

kernel32

Sections

.text Size: 20KB - Virtual size: 16KB

.rdata Size: 144KB - Virtual size: 140KB

.data Size: 120KB - Virtual size: 10.9MB

.idata Size: 100KB - Virtual size: 98KB

.rsrc Size: 24KB - Virtual size: 22KB

.reloc Size: 12KB - Virtual size: 11KB

.text
Size: 20KB - Virtual size: 16KB

.rdata
Size: 144KB - Virtual size: 140KB

.data
Size: 120KB - Virtual size: 10.9MB

.idata
Size: 100KB - Virtual size: 98KB

.rsrc
Size: 24KB - Virtual size: 22KB

.reloc
Size: 12KB - Virtual size: 11KB