FXSCOM[.]dll | Triage

Sharing

Copy URL Twitter E-mail

General

Target

FXSCOM.dll
Size

76KB
MD5

2ae14c258aa95fe5cd1bd1ca8acb1e88
SHA1

3b7b930d816963597a5b4b6d516cddf8ea515a7a
SHA256

fbbaf9a57881243fc44ee7fc1d73cdff765558c9a5bfc0d1bb926608167383c5
SHA512

648eca6f0dcd3ac36f4ba6b0b1add06180ba5f09e84ea50dd73d32be854fabe82341efadfe855f096f6638dc5eed6af5b2d221ad42a74802272f4742e32351c2
SSDEEP

1536:AQ2/5PmK9W4AyMTkUDLKUgwX7ObLbLBgq:AQuPmoAyWkU3KUgwXYL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
FXSCOM.dll

Files

FXSCOM.dll
.dll regsvr32 windows:6 windows x86 arch:x86

2b6c977377c8e37076f45553aae5a75a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

FXSCOM.pdb

Imports

msvcrt

_amsg_exit
_initterm
free
??_V@YAXPAX@Z
malloc
_XcptFilter
_purecall
??2@YAPAXI@Z
memset
_except_handler4_common
??3@YAXPAX@Z
??_U@YAPAXI@Z
_vsnwprintf

atl

ord15
ord23
ord58
ord32
ord30
ord16
ord21
ord18
ord22

fxsapi

FaxSetPortW
FaxGetPortW
FaxEnumPortsW
FaxGetRoutingInfoW
FaxEnableRoutingMethodW
FaxEnumRoutingMethodsW
FaxSendDocumentW
FaxSetJobW
FaxGetJobW
FaxEnumJobsW
FaxGetDeviceStatusW
FaxOpenPort
FaxCompleteJobParamsW
FaxConnectFaxServerW
FaxSetConfigurationW
FaxGetConfigurationW
FaxFreeBuffer
FaxClose

kernel32

LocalFree
LocalAlloc
MultiByteToWideChar
FileTimeToSystemTime
UnmapViewOfFile
FileTimeToLocalFileTime
MapViewOfFile
CreateFileMappingW
CreateFileW
InterlockedIncrement
InterlockedDecrement
GetLastError
LeaveCriticalSection
CloseHandle
InitializeCriticalSection
DeleteCriticalSection
DisableThreadLibraryCalls
SystemTimeToFileTime
GetSystemTime
InterlockedExchange
Sleep
InterlockedCompareExchange
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetProcAddress
LoadLibraryW
GetStringTypeExW
GetTimeFormatW
SetLastError
GetVersionExW
GetDateFormatW
GetProcessHeap
HeapAlloc
HeapFree
EnterCriticalSection
OutputDebugStringW
lstrlenW

advapi32

TraceMessage
RegOpenKeyExW
RegCloseKey
RegQueryValueExW

oleaut32

LoadRegTypeLi
VariantInit
VariantCopy
SysStringLen
SystemTimeToVariantTime
SysFreeString
SysAllocString
VariantClear

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 43KB - Virtual size: 43KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2b6c977377c8e37076f45553aae5a75a

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

msvcrt

atl

fxsapi

kernel32

advapi32

oleaut32

Exports

Exports

Sections

.text Size: 43KB - Virtual size: 43KB

.data Size: 512B - Virtual size: 1KB

.rsrc Size: 24KB - Virtual size: 24KB

.reloc Size: 7KB - Virtual size: 6KB

.text
Size: 43KB - Virtual size: 43KB

.data
Size: 512B - Virtual size: 1KB

.rsrc
Size: 24KB - Virtual size: 24KB

.reloc
Size: 7KB - Virtual size: 6KB