ad66419409761988599685e112769f4e609ccfab56ae15c582077cddf916b825

General

Target

ad66419409761988599685e112769f4e609ccfab56ae15c582077cddf916b825
Size

832KB
MD5

366e8bff01f98e4aa37c2d8d681fd90f
SHA1

9a578bc8fb5758181b38f14bd6d45db2fca56296
SHA256

ad66419409761988599685e112769f4e609ccfab56ae15c582077cddf916b825
SHA512

b84b627b59604b7a17c4cab06a892ea3aa87651c0921c1b7e3825799f727c380be2c1cbb7b0a80368701d5d73657aec57c91b9445e178b7b82bcf591e1f2414e
SSDEEP

12288:Qx+FEdRC59WjyzBBUiwoPvONbMw29810PE10MnQKXt9MY8tkwB:QsURg9syIo+NQwX+E1XfXMYs

Score

N/A

Malware Config

Signatures

Files

ad66419409761988599685e112769f4e609ccfab56ae15c582077cddf916b825
.exe windows x86

8d9ac02fe5e1ff908a0c018385674d34

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED

Imports

esent

JetAddColumn

pdh

PdhAdd009CounterA
PdhAdd009CounterW
PdhAddCounterA
PdhAddCounterW
PdhBindInputDataSourceA
PdhBindInputDataSourceW
PdhBrowseCountersA
PdhBrowseCountersHA
PdhBrowseCountersHW
PdhBrowseCountersW
PdhCalculateCounterFromRawValue
PdhCloseLog
PdhCloseQuery
PdhCollectQueryData
PdhCollectQueryDataEx
PdhComputeCounterStatistics
PdhConnectMachineA
PdhConnectMachineW
PdhCreateSQLTablesA
PdhCreateSQLTablesW
PdhEnumLogSetNamesA
PdhEnumLogSetNamesW
PdhEnumMachinesA
PdhEnumMachinesHA
PdhEnumMachinesHW
PdhEnumMachinesW
PdhEnumObjectItemsA
PdhEnumObjectItemsHA
PdhEnumObjectItemsHW
PdhEnumObjectItemsW
PdhEnumObjectsA

kernel32

GetConsoleMode
GetTickCount
GetWindowsDirectoryA
GetConsoleTitleW
IsBadCodePtr
SetupComm
ShowConsoleCursor
SignalObjectAndWait
SizeofResource
SetThreadPriority
_lopen
_lread

mapi32

BMAPIAddress
BMAPIDetails
BMAPIFindNext
BMAPIGetAddress
BMAPIGetReadMail
BMAPIReadMail
BMAPIResolveName
BMAPISaveMail

advpack

AddDelBackupEntry

Sections

.text
Size: 28KB - Virtual size: 35KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 14KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 774KB - Virtual size: 776KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 8KB

Sharing

General

Malware Config

Signatures

Files

8d9ac02fe5e1ff908a0c018385674d34

Headers

File Characteristics

Imports

esent

pdh

kernel32

mapi32

advpack

Sections

.text Size: 28KB - Virtual size: 35KB

.data Size: 12KB - Virtual size: 14KB

.rsrc Size: 774KB - Virtual size: 776KB

.rsrc Size: 5KB - Virtual size: 8KB

.text
Size: 28KB - Virtual size: 35KB

.data
Size: 12KB - Virtual size: 14KB

.rsrc
Size: 774KB - Virtual size: 776KB

.rsrc
Size: 5KB - Virtual size: 8KB