General

  • Target

    BuffMail_v1.3.2_P7O.zip

  • Size

    22.6MB

  • MD5

    bcf3ff5a83bbc68720e9736a9625d5b0

  • SHA1

    769ea316892a98d2c0446db71257cdf3e5ff357c

  • SHA256

    2f4a0ae88106503fc0056ff9bd270c0e8b33eff1f5403cdf3811af8dcdef9582

  • SHA512

    b4856e4964d49b38ac530716ad13d57f9e24e48cbb6700eb87a52eaac1d86d95a4dde3fd804be4645e8204b8a984395815c584d86c4142733aa1886499570c70

  • SSDEEP

    393216:/Cz5UKdv22FZBIMGGagyq06BToNWxcLGPjMOcU7fNGe6o/uWrXR3I5DXDcva:qDdHFyWxscMOcDquCXRqkva

Score
7/10

Malware Config

Signatures

  • Obfuscated with Agile.Net obfuscator 1 IoCs

    Detects use of the Agile.Net commercial obfuscator, which is capable of entity renaming and control flow obfuscation.

  • Unsigned PE 2 IoCs

    Checks for missing Authenticode signature.

Files

  • BuffMail_v1.3.2_P7O.zip
    .zip
  • BuffMail_p7o.exe
    .exe windows:4 windows x64 arch:x64



  • BuffMail_p7o.exe.config
  • Settings.json
  • license.ini
  • stk.dll
    .dll windows:6 windows x64 arch:x64

    170c9afa3119451f66d01dd720ef2f4a



  • token.ini