Advanced File Analysis System | Valkyrie

File Name: BrMapiSend.exe

File Type: PE32 executable (GUI) Intel 80386, for MS Windows

SHA1: 0e4c6da729aa67ef987e180854582bcf960baa33

MD5: d1e73044dc027a4fae39776f520e9c61

Download Kill Chain Report

CREATED / DROPPED FILES

File Path	Type and Hashes

MATCH YARA RULES

Match Rules

STATIC FILE INFO

File Name:	BrMapiSend.exe
File Type:	PE32 executable (GUI) Intel 80386, for MS Windows
SHA1:	0e4c6da729aa67ef987e180854582bcf960baa33
MD5:	d1e73044dc027a4fae39776f520e9c61
First Seen Date:	2016-05-17 20:14:42.170298 ( 2016-05-17 20:14:42.170298 )
Number of Clients Seen:	56
Last Analysis Date:	2016-05-17 20:14:42.134598 ( 2016-05-17 20:14:42.134598 )
Human Expert Analysis Date:	2016-05-18 06:29:17.525650 ( 2016-05-18 06:29:17.525650 )
Human Expert Analysis Result:	Clean

ADDITIONAL FILE INFORMATION

PE Headers

Property	Value
number of sections	5
compilation time stamp	0x56B19CA9 [Wed Feb 3 06:22:33 2016 UTC]
LegalCopyright	Copyright(C) 2009-2012 Brother Industries, Ltd.
InternalName	BrMapiSend.exe
FileVersion	4. 2. 6. 1
CompanyName	Brother Industries, Ltd.
ProductName	ControlCenter4
ProductVersion	4. 2. 6. 1
FileDescription	CC4 MAPI Send
OriginalFilename	BrMapiSend.exe
Translation	0x0409 0x04b0
entry point	0x4040fa (.text)
machine type	Intel 386 or later - 32Bit
file size	94720
sha256	3d042b08e1f07d16ce48ffb012fbfeb83a3b1c777e32d5dfc2ecdce6e1113ea9
mime type	application/x-dosexec

PE Sections

Name	Virtual Address	Virtual Size	Raw Size	Entropy	MD5
.text	0x1000	0xfcf5	0xfe00	6.487869	-
.rdata	0x11000	0x3dc4	0x3e00	4.821720	-
.data	0x15000	0x3fac	0x1200	2.831724	-
.rsrc	0x19000	0x530	0x600	4.475206	-
.reloc	0x1a000	0x1908	0x1a00	4.449937	-

PE Imports

KERNEL32.dll
- LoadLibraryW
- GetProcAddress
- DeleteFileA
- FreeLibrary
- MultiByteToWideChar
- GetFileAttributesW
- GetLastError
- WideCharToMultiByte
- GetProcessHeap
- SetEndOfFile
- IsProcessorFeaturePresent
- EncodePointer
- DecodePointer
- GetCommandLineA
- HeapSetInformation
- GetStartupInfoW
- TerminateProcess
- GetCurrentProcess
- UnhandledExceptionFilter
- SetUnhandledExceptionFilter
- IsDebuggerPresent
- EnterCriticalSection
- LeaveCriticalSection
- InitializeCriticalSectionAndSpinCount
- RtlUnwind
- SetHandleCount
- GetStdHandle
- GetFileType
- DeleteCriticalSection
- HeapFree
- SetFilePointer
- CloseHandle
- HeapAlloc
- RaiseException
- Sleep
- HeapSize
- GetModuleHandleW
- ExitProcess
- WriteFile
- GetModuleFileNameW
- GetModuleFileNameA
- FreeEnvironmentStringsW
- GetEnvironmentStringsW
- TlsAlloc
- TlsGetValue
- TlsSetValue
- TlsFree
- InterlockedIncrement
- SetLastError
- GetCurrentThreadId
- InterlockedDecrement
- HeapCreate
- QueryPerformanceCounter
- GetTickCount
- GetCurrentProcessId
- GetSystemTimeAsFileTime
- GetConsoleCP
- GetConsoleMode
- GetCPInfo
- GetACP
- GetOEMCP
- IsValidCodePage
- CreateFileW
- ReadFile
- SetStdHandle
- FlushFileBuffers
- HeapReAlloc
- WriteConsoleW
- LCMapStringW
- GetStringTypeW
ADVAPI32.dll
- RegOpenKeyExW
- RegQueryValueExW
- RegCloseKey
SHELL32.dll
- DoEnvironmentSubstW
OLEAUT32.dll
- None

PE Resources

RT_VERSION

RT_MANIFEST

CERTIFICATE VALIDATION

Loading...