bd48b3301e486984953486696e3d61a4d485a9fbc6fb62ab61829985720d0e65

General

Target

bd48b3301e486984953486696e3d61a4d485a9fbc6fb62ab61829985720d0e65
Size

828KB
MD5

829fd1ea6816c5d6f6f4ee6b4a1a27d0
SHA1

94bf96fd198eb104e2a773e8201c28d72de006b7
SHA256

bd48b3301e486984953486696e3d61a4d485a9fbc6fb62ab61829985720d0e65
SHA512

465cfc0526749a83ecad2f20bba084766f1fdf9b2042a2cbd62f0cf88fb170f82419282fee4f906a4cc675d2f2f1ed10c39df5492de871e282f613935770f881
SSDEEP

12288:T9e0sxB3C8xpMwZWohA/VTN9cRcJ1zjOoiXQ8dQ5XAsQVtJ7P1P0ZzXbyGaLuMnO:T++wZWj/RNO5Q8QiQXbvaLumRr

Score

N/A

Malware Config

Signatures

Files

bd48b3301e486984953486696e3d61a4d485a9fbc6fb62ab61829985720d0e65
.exe windows x86

8d9ac02fe5e1ff908a0c018385674d34

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED

Imports

esent

JetAddColumn

pdh

PdhAdd009CounterA
PdhAdd009CounterW
PdhAddCounterA
PdhAddCounterW
PdhBindInputDataSourceA
PdhBindInputDataSourceW
PdhBrowseCountersA
PdhBrowseCountersHA
PdhBrowseCountersHW
PdhBrowseCountersW
PdhCalculateCounterFromRawValue
PdhCloseLog
PdhCloseQuery
PdhCollectQueryData
PdhCollectQueryDataEx
PdhComputeCounterStatistics
PdhConnectMachineA
PdhConnectMachineW
PdhCreateSQLTablesA
PdhCreateSQLTablesW
PdhEnumLogSetNamesA
PdhEnumLogSetNamesW
PdhEnumMachinesA
PdhEnumMachinesHA
PdhEnumMachinesHW
PdhEnumMachinesW
PdhEnumObjectItemsA
PdhEnumObjectItemsHA
PdhEnumObjectItemsHW
PdhEnumObjectItemsW
PdhEnumObjectsA

kernel32

GetConsoleMode
GetTickCount
GetWindowsDirectoryA
GetConsoleTitleW
IsBadCodePtr
SetupComm
ShowConsoleCursor
SignalObjectAndWait
SizeofResource
SetThreadPriority
_lopen
_lread

mapi32

BMAPIAddress
BMAPIDetails
BMAPIFindNext
BMAPIGetAddress
BMAPIGetReadMail
BMAPIReadMail
BMAPIResolveName
BMAPISaveMail

advpack

AddDelBackupEntry

Sections

.text
Size: 28KB - Virtual size: 35KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 14KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 770KB - Virtual size: 772KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.neolit
Size: 5KB - Virtual size: 8KB

Sharing

General

Malware Config

Signatures

Files

8d9ac02fe5e1ff908a0c018385674d34

Headers

File Characteristics

Imports

esent

pdh

kernel32

mapi32

advpack

Sections

.text Size: 28KB - Virtual size: 35KB

.data Size: 12KB - Virtual size: 14KB

.rsrc Size: 770KB - Virtual size: 772KB

.neolit Size: 5KB - Virtual size: 8KB

.text
Size: 28KB - Virtual size: 35KB

.data
Size: 12KB - Virtual size: 14KB

.rsrc
Size: 770KB - Virtual size: 772KB

.neolit
Size: 5KB - Virtual size: 8KB