f7a639cd5f58c0fc54f2f344f3bd0a71fe49b2d83bf409631aa1a880d1f8f488

General

Target

f7a639cd5f58c0fc54f2f344f3bd0a71fe49b2d83bf409631aa1a880d1f8f488
Size

828KB
MD5

83fc51ae927965f9fc7ea8f4c124d560
SHA1

7b73d6a0e1137839ae53f27daa487ff7e307c38a
SHA256

f7a639cd5f58c0fc54f2f344f3bd0a71fe49b2d83bf409631aa1a880d1f8f488
SHA512

20a81544e76c90d801d281b703b354bf12fd902b733ec172986fc92d87c35f687a824f8defa6c82fabeb9d7cd3b25eeaef33aed39a2f12f6fbbad5c2e8786a32
SSDEEP

12288:R9e1sxB3C8xpMwZWohA/VTN9cRcJ1zjOoiXQ8dQ5XAsQVtJ7P1P0ZzXbyGaLuMnO:RH+wZWj/RNO5Q8QiQXbvaLumRr

Score

N/A

Malware Config

Signatures

Files

f7a639cd5f58c0fc54f2f344f3bd0a71fe49b2d83bf409631aa1a880d1f8f488
.exe windows x86

8d9ac02fe5e1ff908a0c018385674d34

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED

Imports

esent

JetAddColumn

pdh

PdhAdd009CounterA
PdhAdd009CounterW
PdhAddCounterA
PdhAddCounterW
PdhBindInputDataSourceA
PdhBindInputDataSourceW
PdhBrowseCountersA
PdhBrowseCountersHA
PdhBrowseCountersHW
PdhBrowseCountersW
PdhCalculateCounterFromRawValue
PdhCloseLog
PdhCloseQuery
PdhCollectQueryData
PdhCollectQueryDataEx
PdhComputeCounterStatistics
PdhConnectMachineA
PdhConnectMachineW
PdhCreateSQLTablesA
PdhCreateSQLTablesW
PdhEnumLogSetNamesA
PdhEnumLogSetNamesW
PdhEnumMachinesA
PdhEnumMachinesHA
PdhEnumMachinesHW
PdhEnumMachinesW
PdhEnumObjectItemsA
PdhEnumObjectItemsHA
PdhEnumObjectItemsHW
PdhEnumObjectItemsW
PdhEnumObjectsA

kernel32

GetConsoleMode
GetTickCount
GetWindowsDirectoryA
GetConsoleTitleW
IsBadCodePtr
SetupComm
ShowConsoleCursor
SignalObjectAndWait
SizeofResource
SetThreadPriority
_lopen
_lread

mapi32

BMAPIAddress
BMAPIDetails
BMAPIFindNext
BMAPIGetAddress
BMAPIGetReadMail
BMAPIReadMail
BMAPIResolveName
BMAPISaveMail

advpack

AddDelBackupEntry

Sections

.text
Size: 28KB - Virtual size: 35KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 14KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 770KB - Virtual size: 772KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

8d9ac02fe5e1ff908a0c018385674d34

Headers

File Characteristics

Imports

esent

pdh

kernel32

mapi32

advpack

Sections

.text Size: 28KB - Virtual size: 35KB

.data Size: 12KB - Virtual size: 14KB

.rsrc Size: 770KB - Virtual size: 772KB

Size: 5KB - Virtual size: 8KB

.text
Size: 28KB - Virtual size: 35KB

.data
Size: 12KB - Virtual size: 14KB

.rsrc
Size: 770KB - Virtual size: 772KB