ab4146ac6300c610a65ccb71ce9751fadec0043f525be1657e283a4b18ffc71d

General

Target

ab4146ac6300c610a65ccb71ce9751fadec0043f525be1657e283a4b18ffc71d
Size

828KB
MD5

a2cc542d2ab3fca294a342052a7437f0
SHA1

389b955be13e40f9a84a7294b6a857cd5d07829d
SHA256

ab4146ac6300c610a65ccb71ce9751fadec0043f525be1657e283a4b18ffc71d
SHA512

8bdc97aeab323b87d6ab25ac66b5a4d17756e3a20f3b4ed98560a5b910d4808c4b0c02e44e01e29aea55618fe39d903918a43e8a138612fcaddbef8dc8dc0442
SSDEEP

12288:T9e0sxB3C8xpMwZWohA/VTN9cRcJ1zjOoiXQ8dQ5XAsQVtJ7P1P0ZzXbyGaLuMnO:T++wZWj/RNO5Q8QiQXbvaLumRr

Score

N/A

Malware Config

Signatures

Files

ab4146ac6300c610a65ccb71ce9751fadec0043f525be1657e283a4b18ffc71d
.exe windows x86

8d9ac02fe5e1ff908a0c018385674d34

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED

Imports

esent

JetAddColumn

pdh

PdhAdd009CounterA
PdhAdd009CounterW
PdhAddCounterA
PdhAddCounterW
PdhBindInputDataSourceA
PdhBindInputDataSourceW
PdhBrowseCountersA
PdhBrowseCountersHA
PdhBrowseCountersHW
PdhBrowseCountersW
PdhCalculateCounterFromRawValue
PdhCloseLog
PdhCloseQuery
PdhCollectQueryData
PdhCollectQueryDataEx
PdhComputeCounterStatistics
PdhConnectMachineA
PdhConnectMachineW
PdhCreateSQLTablesA
PdhCreateSQLTablesW
PdhEnumLogSetNamesA
PdhEnumLogSetNamesW
PdhEnumMachinesA
PdhEnumMachinesHA
PdhEnumMachinesHW
PdhEnumMachinesW
PdhEnumObjectItemsA
PdhEnumObjectItemsHA
PdhEnumObjectItemsHW
PdhEnumObjectItemsW
PdhEnumObjectsA

kernel32

GetConsoleMode
GetTickCount
GetWindowsDirectoryA
GetConsoleTitleW
IsBadCodePtr
SetupComm
ShowConsoleCursor
SignalObjectAndWait
SizeofResource
SetThreadPriority
_lopen
_lread

mapi32

BMAPIAddress
BMAPIDetails
BMAPIFindNext
BMAPIGetAddress
BMAPIGetReadMail
BMAPIReadMail
BMAPIResolveName
BMAPISaveMail

advpack

AddDelBackupEntry

Sections

.text
Size: 28KB - Virtual size: 35KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 14KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 770KB - Virtual size: 772KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.neolit
Size: 5KB - Virtual size: 8KB

Sharing

General

Malware Config

Signatures

Files

8d9ac02fe5e1ff908a0c018385674d34

Headers

File Characteristics

Imports

esent

pdh

kernel32

mapi32

advpack

Sections

.text Size: 28KB - Virtual size: 35KB

.data Size: 12KB - Virtual size: 14KB

.rsrc Size: 770KB - Virtual size: 772KB

.neolit Size: 5KB - Virtual size: 8KB

.text
Size: 28KB - Virtual size: 35KB

.data
Size: 12KB - Virtual size: 14KB

.rsrc
Size: 770KB - Virtual size: 772KB

.neolit
Size: 5KB - Virtual size: 8KB