fax-message921497[.]scr

General

Target

fax-message921497.scr
Size

37KB
MD5

97ab139588ee98d140143f606115165e
SHA1

462cefceadacf69847f00a79807fe3153fd85b58
SHA256

86f1b78efe2bc736b5d85bb75d2920130fb9ddbf1a41480a44a660e5a3803aba
SHA512

5073c31f3cbf01a3d90878c666d287021f6b6dd7eb25aa9787f94057bb37a531499e700744616bfa98d4a4d078297ba639bc452afa36f6cc39025ebed1c618c4
SSDEEP

768:jtHtXXXm7SCpr1XzohpSl7/qE+ZHsO9ymVNBOcj2H4dep3w:BtXXXm7SCpr1XzohpSl7/qE+ZHsIymVX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fax-message921497.scr

Files

fax-message921497.scr
.exe windows x86

7401850f3cf5bad6dd9d3260bf378614

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

cfgmgr32

CM_Get_Version
CM_Get_Version

fde

DllGetClassObject
DllGetClassObject

iassam

DllRegisterServer
DllRegisterServer

dciman32

DCICreateOverlay

clusapi

ClusterEnum
ClusterEnum

kernel32

ReplaceFileA
GetACP
RtlMoveMemory
SetComputerNameA
QueryDosDeviceA
CreateJobObjectA
ReadConsoleOutputA
RegisterWowExec
Beep
_lopen
GetProfileIntW
TerminateThread
ExitThread
GetSystemDirectoryA

lz32

LZRead
LZInit

tapi32

lineGetCallInfo
lineGetCallInfoA
lineGetCallInfoW
lineGetCallStatus
lineGetConfRelatedCalls
lineGetCountry
lineGetCountryA
lineGetCountryW
lineGetDevCaps
lineGetDevCapsA
lineGetDevCapsW
lineGetDevConfig
lineGetDevConfigA
lineGetDevConfigW
lineGetGroupListA
lineGetGroupListW
lineGetID
lineGetIDA
lineGetIDW
lineGetIcon
lineGetIconA
lineGetIconW
lineGetLineDevStatus
lineGetLineDevStatusA
lineGetLineDevStatusW
lineGetMessage

Sections

.text
Size: 6KB - Virtual size: 30KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.neolit
Size: 18KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

DATA
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7401850f3cf5bad6dd9d3260bf378614

Headers

File Characteristics

Imports

cfgmgr32

fde

iassam

dciman32

clusapi

kernel32

lz32

tapi32

Sections

.text Size: 6KB - Virtual size: 30KB

.data Size: 7KB - Virtual size: 70KB

.neolit Size: 18KB - Virtual size: 20KB

.rdata Size: 2KB - Virtual size: 2KB

DATA Size: 2KB - Virtual size: 2KB

.text
Size: 6KB - Virtual size: 30KB

.data
Size: 7KB - Virtual size: 70KB

.neolit
Size: 18KB - Virtual size: 20KB

.rdata
Size: 2KB - Virtual size: 2KB

DATA
Size: 2KB - Virtual size: 2KB