b67ce7dba2962462c886c3d169febec7_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

b67ce7dba2962462c886c3d169febec7_JaffaCakes118
Size

5.4MB
MD5

b67ce7dba2962462c886c3d169febec7
SHA1

b722a50cde178d47e89b20977f6830340670e23d
SHA256

70944de7ab0ba79a8b34ae643960b6714f044f67d36f3f5065f2a6e655a491ef
SHA512

b1c4882797f7a6cdb0f902a9849a36afd6d5639b7f88d535acb2fabf928a85e1e900e667aaa6ff0e948134d31623fe238507feea87135731a1e8b1e6a8b145ff
SSDEEP

98304:rOH4fRnnWAW9BzdjBIVLdsOOmkwVHQjFmsOc/3tVWCQ8gxnzYA6e6nVWkZ56:rOYJWAW9BzdjiVL1Nyr3yx59zYAXkX6

Score

7^/10

upx

Malware Config

Signatures

ACProtect 1.3x - 1.4x DLL software 4 IoCs

Detects file using ACProtect software.

resource	yara_rule
static1/unpack001/HTMLPad 2010/css.dll	acprotect
static1/unpack001/HTMLPad 2010/cssformat.dll	acprotect
static1/unpack001/HTMLPad 2010/html.dll	acprotect
static1/unpack001/HTMLPad 2010/php.dll	acprotect

UPX packed file 8 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
static1/unpack001/HTMLPad 2010/busl/busl.exe	upx
static1/unpack001/HTMLPad 2010/css.dll	upx
static1/unpack001/HTMLPad 2010/cssformat.dll	upx
static1/unpack001/HTMLPad 2010/html.dll	upx
static1/unpack001/HTMLPad 2010/htmlpad.exe	upx
static1/unpack001/HTMLPad 2010/jslint/jsl.exe	upx
static1/unpack001/HTMLPad 2010/php.dll	upx
static1/unpack001/HTMLPad 2010/setman.exe	upx

Unsigned PE 10 IoCs

Checks for missing Authenticode signature.

resource
unpack001/HTMLPad 2010/busl/busl.exe
unpack002/out.upx
unpack001/HTMLPad 2010/css.dll
unpack001/HTMLPad 2010/cssformat.dll
unpack001/HTMLPad 2010/html.dll
unpack001/HTMLPad 2010/htmlpad.exe
unpack001/HTMLPad 2010/icons.dll
unpack001/HTMLPad 2010/jslint/jsl.exe
unpack001/HTMLPad 2010/php.dll
unpack001/HTMLPad 2010/tidy/tidy.exe

Files

b67ce7dba2962462c886c3d169febec7_JaffaCakes118
.rar
HTMLPad 2010/busl/busl.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

UPX0
Size: - Virtual size: 36KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 10KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

.text
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 64B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 176B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
HTMLPad 2010/busl/busl.txt
HTMLPad 2010/css.dll
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

CSSBox
CSSMediaType
CSSNewSelector
CSSSelectFont
CSSWizard

Sections

UPX0
Size: - Virtual size: 792KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 342KB - Virtual size: 344KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
HTMLPad 2010/cssformat.dll
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Exports

Exports

GetFormatedCssText
GetFormatedCssText@160

Sections

UPX0
Size: - Virtual size: 840KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 247KB - Virtual size: 248KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
HTMLPad 2010/data/asp.ini
.vbs
HTMLPad 2010/data/aspvar.ini
HTMLPad 2010/data/colors.ini
HTMLPad 2010/data/csscompress.ini
HTMLPad 2010/data/cssdefs/CSS General.ini
HTMLPad 2010/data/cssdefs/CSS Level 1.ini
HTMLPad 2010/data/cssdefs/CSS Level 2.1.ini
HTMLPad 2010/data/cssdefs/CSS Level 2.ini
HTMLPad 2010/data/cssdefs/CSS Level 3.ini
HTMLPad 2010/data/cssdefs/CSS Mobile Profile 1.0.ini
HTMLPad 2010/data/cssdefs/Firefox 2.0.ini
HTMLPad 2010/data/cssdefs/Firefox 3.0.ini
HTMLPad 2010/data/cssdefs/Internet Explorer 5.5.ini
HTMLPad 2010/data/cssdefs/Internet Explorer 5.ini
HTMLPad 2010/data/cssdefs/Internet Explorer 6.ini
HTMLPad 2010/data/cssdefs/Internet Explorer 7.ini
HTMLPad 2010/data/cssdefs/Internet Explorer 8.ini
HTMLPad 2010/data/cssdefs/Netscape 6.ini
HTMLPad 2010/data/cssdefs/Netscape 7.ini
HTMLPad 2010/data/cssdefs/Netscape 8.ini
HTMLPad 2010/data/cssdefs/Opera 7.ini
HTMLPad 2010/data/cssdefs/Opera 8.ini
HTMLPad 2010/data/cssdefs/Opera 9.ini
HTMLPad 2010/data/cssdefs/Safari 3.ini
HTMLPad 2010/data/cssdefs/compat.ini
HTMLPad 2010/data/cssdefs/css.dat
HTMLPad 2010/data/cssdefs/iPhone 2.ini
HTMLPad 2010/data/entities.ini
HTMLPad 2010/data/hscripts/MulticolorHTML.xs
HTMLPad 2010/data/hscripts/MulticolorHTMLwithPHP.xs
HTMLPad 2010/data/hscripts/PHPwithVarsInStrings.xs
HTMLPad 2010/data/hscripts/SampleHTML.xs
HTMLPad 2010/data/javascr.ini
.js
HTMLPad 2010/data/javascriptitems.ini
.js
HTMLPad 2010/data/misc.ini
HTMLPad 2010/data/mldefs/HTML 4.01.ini
HTMLPad 2010/data/mldefs/WML 1.1.ini
HTMLPad 2010/data/mldefs/XHTML 1.0.ini
HTMLPad 2010/data/mldefs/XHTML 1.1.ini
HTMLPad 2010/data/mldefs/html.dat
HTMLPad 2010/data/mldefs/markup.dat
HTMLPad 2010/data/newdoc.ini
HTMLPad 2010/data/parsers/aspparser.dat
HTMLPad 2010/data/parsers/cssparser.dat
HTMLPad 2010/data/parsers/htmlparser.dat
HTMLPad 2010/data/parsers/jsparser.dat
HTMLPad 2010/data/parsers/perlparser.dat
HTMLPad 2010/data/parsers/phpparser.dat
HTMLPad 2010/data/parsers/txtparser.dat
HTMLPad 2010/data/parsers/vbsparser.dat
HTMLPad 2010/data/parsers/wmlparser.dat
HTMLPad 2010/data/parsers/xmlparser.dat
HTMLPad 2010/data/phpvar.ini
.ps1
HTMLPad 2010/data/preview/default.htm
.html
HTMLPad 2010/data/preview/short.htm
.html
HTMLPad 2010/data/preview/text_tags_only.htm
.html
HTMLPad 2010/data/regexpr.dat
HTMLPad 2010/data/resources/special.gif
.gif
HTMLPad 2010/data/resources/special_de.gif
.gif
HTMLPad 2010/data/ssivar.ini
HTMLPad 2010/data/xray.js
.js
HTMLPad 2010/help/cssref.chm
.chm
HTMLPad 2010/help/help.chm
.chm
HTMLPad 2010/help/help_de.chm
.chm
HTMLPad 2010/help/htmlref.chm
.chm
HTMLPad 2010/html.dll
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

InsertBaseTag
InsertButtonTag
InsertCellTag
InsertCheckboxTag
InsertFImageTag
InsertFontTag
InsertFormTag
InsertFrameTag
InsertFramesetTag
InsertHeadingTag
InsertHiddenTag
InsertHyperlinkTag
InsertIFrameTag
InsertImageTag
InsertJavaScriptTag
InsertLineTag
InsertListBoxTag
InsertListTag
InsertMarqueeTag
InsertMetaRefreshTag
InsertParagraphTag
InsertRadioTag
InsertSMetaTag
InsertSSLinkTag
InsertScriptBlock
InsertStyleTag
InsertTableTag
InsertTextareaTag
InsertTextboxTag
InsertUMetaTag
InsertVBScriptTag
NewHTMLDocument

Sections

UPX0
Size: - Virtual size: 1.0MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 415KB - Virtual size: 416KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
HTMLPad 2010/htmlpad.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

UPX0
Size: - Virtual size: 6.3MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 2.5MB - Virtual size: 2.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 119KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
HTMLPad 2010/icons.dll
.dll windows:1 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 512B - Virtual size: 200B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 1KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 820B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
HTMLPad 2010/image.gif
.gif
HTMLPad 2010/jslint/LiveSyntaxCheck.conf
HTMLPad 2010/jslint/jsl.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 392KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 162KB - Virtual size: 164KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
HTMLPad 2010/jslint/readme.txt
HTMLPad 2010/jslint/settings.ini
HTMLPad 2010/lang/HowToTranslate.htm
.html
HTMLPad 2010/lang/Languages.css.sib
HTMLPad 2010/lang/Languages.html.sib
HTMLPad 2010/lang/Languages.sib
HTMLPad 2010/license.txt
HTMLPad 2010/php.dll
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

PHPConvertHTML
PHPInsertBlockComment

Sections

UPX0
Size: - Virtual size: 464KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 235KB - Virtual size: 236KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
HTMLPad 2010/preview.htm
.html
HTMLPad 2010/readme.txt
HTMLPad 2010/setman.exe
.exe windows:4 windows x86 arch:x86

Code Sign

4f:63:d0:30:f8:15:a3:a5:b3:44:69:40:06:3d:16:89
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

17/05/2005, 00:00

Not After

16/05/2010, 23:59

Subject

CN=Comodo Time Stamping Signer,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

f1:02:4a:36:c8:b8:5a:19:ba:70:06:3d:0d:a2:bf:ad
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

12/04/2007, 00:00

Not After

11/04/2009, 23:59

Subject

CN=Blumentals Software,O=Blumentals Software,POSTALCODE=LV-1013,STREET=Kr.Valdemara 151-190,L=Riga,ST=Riga,C=LV

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

63:12:bc:24:43:26:02:c3:8f:41:19:1c:1f:16:d0:f2:35:16:d7:c4
Signer

Actual PE Digest

63:12:bc:24:43:26:02:c3:8f:41:19:1c:1f:16:d0:f2:35:16:d7:c4

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

UPX0
Size: - Virtual size: 104KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 38KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
HTMLPad 2010/spelling/american.adm
HTMLPad 2010/templates/CSS/Basic Formatting.css
HTMLPad 2010/templates/CSS/Body and Hyperlinks.css
HTMLPad 2010/templates/CSS/Common Formatting.css
HTMLPad 2010/templates/CSS/Complex Static Layout.htm
.html
HTMLPad 2010/templates/CSS/Flexible Two Column Layout.htm
.html
HTMLPad 2010/templates/CSS/Scrollbars.css
HTMLPad 2010/templates/CSS/Static Three Column Layout.htm
.html
HTMLPad 2010/templates/CSS/Static Two Column Layout.htm
.html
HTMLPad 2010/templates/CSS/Theme City Night.css
HTMLPad 2010/templates/CSS/Theme Georgia 1.css
HTMLPad 2010/templates/CSS/Theme Georgia 2.css
HTMLPad 2010/templates/CSS/Theme Kindergarten.css
HTMLPad 2010/templates/CSS/Theme Light Yellow.css
HTMLPad 2010/templates/HTML/Default.htm
.html
HTMLPad 2010/templates/HTML/Empty Page.htm
.html
HTMLPad 2010/templates/HTML/FAQ Page.htm
.html
HTMLPad 2010/templates/HTML/Feedback Form.htm
.html
HTMLPad 2010/templates/HTML/HTML 4.01 Frameset.htm
.html
HTMLPad 2010/templates/HTML/HTML 4.01 Strict.htm
.html
HTMLPad 2010/templates/HTML/HTML 4.01.htm
.html
HTMLPad 2010/templates/HTML/Simple Page.htm
.html
HTMLPad 2010/templates/HTML/XHTML 1.0 Strict.htm
.html
HTMLPad 2010/templates/HTML/XHTML 1.0.htm
.html
HTMLPad 2010/templates/HTML/XHTML 1.1.htm
.html
HTMLPad 2010/templates/PHP/Calendar.php
HTMLPad 2010/templates/PHP/Empty Script.php
HTMLPad 2010/templates/PHP/Hello World.php
.html
HTMLPad 2010/templates/Samples for Learners/Basic Page.htm
.html
HTMLPad 2010/templates/Samples for Learners/Learn CSS.htm
.html
HTMLPad 2010/templates/Samples for Learners/Learn Hyperlinks.htm
.html
HTMLPad 2010/templates/Samples for Learners/Learn Tables.htm
.html
HTMLPad 2010/templates/WML/Blank Page.wml
.xml
HTMLPad 2010/templates/WML/Hello World.wml
.xml
HTMLPad 2010/templates/WML/Simple Page.wml
.xml
HTMLPad 2010/tidy/settings.dat
HTMLPad 2010/tidy/tidy.chm
.chm
HTMLPad 2010/tidy/tidy.exe
.exe windows:4 windows x86 arch:x86

c169c32074194adc86790170e256bc44

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

EnterCriticalSection
LeaveCriticalSection
GetModuleHandleA
GetCommandLineA
GetVersionExA
FileTimeToSystemTime
FileTimeToLocalFileTime
GetLastError
GetFileInformationByHandle
PeekNamedPipe
GetFileType
SetFileTime
LocalFileTimeToFileTime
SystemTimeToFileTime
HeapFree
HeapAlloc
HeapReAlloc
ExitProcess
GetProcAddress
TerminateProcess
GetCurrentProcess
TlsAlloc
SetLastError
GetCurrentThreadId
TlsFree
TlsSetValue
TlsGetValue
SetHandleCount
GetStdHandle
GetStartupInfoA
DeleteCriticalSection
WideCharToMultiByte
WriteFile
GetModuleFileNameA
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
SetStdHandle
FlushFileBuffers
GetSystemTimeAsFileTime
CloseHandle
CreateFileA
VirtualAlloc
GetStringTypeA
MultiByteToWideChar
GetStringTypeW
LCMapStringA
LCMapStringW
GetCPInfo
GetLocaleInfoA
RtlUnwind
GetACP
GetOEMCP
SetFilePointer
VirtualProtect
GetSystemInfo
VirtualQuery
InterlockedExchange
InitializeCriticalSection
CompareStringA
CompareStringW
SetEnvironmentVariableA
LoadLibraryA
GetTimeZoneInformation
SetEndOfFile
ReadFile
HeapSize
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId

Sections

.text
Size: 184KB - Virtual size: 182KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 72KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

UPX0 Size: - Virtual size: 36KB

UPX1 Size: 10KB - Virtual size: 12KB

UPX2 Size: 512B - Virtual size: 4KB

Headers

File Characteristics

Sections

.text Size: 20KB - Virtual size: 20KB

.data Size: 512B - Virtual size: 64B

.rdata Size: 4KB - Virtual size: 3KB

.bss Size: - Virtual size: 176B

.idata Size: 1KB - Virtual size: 1KB

Headers

File Characteristics

Exports

Exports

Sections

UPX0 Size: - Virtual size: 792KB

UPX1 Size: 342KB - Virtual size: 344KB

.rsrc Size: 8KB - Virtual size: 12KB

Headers

File Characteristics

Exports

Exports

Sections

UPX0 Size: - Virtual size: 840KB

UPX1 Size: 247KB - Virtual size: 248KB

.rsrc Size: 1KB - Virtual size: 4KB

Headers

File Characteristics

Exports

Exports

Sections

UPX0 Size: - Virtual size: 1.0MB

UPX1 Size: 415KB - Virtual size: 416KB

.rsrc Size: 11KB - Virtual size: 12KB

Headers

File Characteristics

Sections

UPX0 Size: - Virtual size: 6.3MB

UPX1 Size: 2.5MB - Virtual size: 2.5MB

.rsrc Size: 119KB - Virtual size: 120KB

Headers

File Characteristics

Sections

CODE Size: 11KB - Virtual size: 10KB

DATA Size: 512B - Virtual size: 200B

BSS Size: - Virtual size: 1KB

.idata Size: 1KB - Virtual size: 1KB

.reloc Size: 1024B - Virtual size: 820B

.rsrc Size: 25KB - Virtual size: 24KB

Headers

File Characteristics

Sections

UPX0 Size: - Virtual size: 392KB

UPX1 Size: 162KB - Virtual size: 164KB

UPX2 Size: 512B - Virtual size: 4KB

Headers

File Characteristics

Exports

Exports

Sections

UPX0 Size: - Virtual size: 464KB

UPX1 Size: 235KB - Virtual size: 236KB

.rsrc Size: 5KB - Virtual size: 8KB

Code Sign

4f:63:d0:30:f8:15:a3:a5:b3:44:69:40:06:3d:16:89Certificate

Extended Key Usages

Key Usages

f1:02:4a:36:c8:b8:5a:19:ba:70:06:3d:0d:a2:bf:adCertificate

Extended Key Usages

Key Usages

63:12:bc:24:43:26:02:c3:8f:41:19:1c:1f:16:d0:f2:35:16:d7:c4Signer

UPX0
Size: - Virtual size: 36KB

UPX1
Size: 10KB - Virtual size: 12KB

UPX2
Size: 512B - Virtual size: 4KB

.text
Size: 20KB - Virtual size: 20KB

.data
Size: 512B - Virtual size: 64B

.rdata
Size: 4KB - Virtual size: 3KB

.bss
Size: - Virtual size: 176B

.idata
Size: 1KB - Virtual size: 1KB

UPX0
Size: - Virtual size: 792KB

UPX1
Size: 342KB - Virtual size: 344KB

.rsrc
Size: 8KB - Virtual size: 12KB

UPX0
Size: - Virtual size: 840KB

UPX1
Size: 247KB - Virtual size: 248KB

.rsrc
Size: 1KB - Virtual size: 4KB

UPX0
Size: - Virtual size: 1.0MB

UPX1
Size: 415KB - Virtual size: 416KB

.rsrc
Size: 11KB - Virtual size: 12KB

UPX0
Size: - Virtual size: 6.3MB

UPX1
Size: 2.5MB - Virtual size: 2.5MB

.rsrc
Size: 119KB - Virtual size: 120KB

CODE
Size: 11KB - Virtual size: 10KB

DATA
Size: 512B - Virtual size: 200B

BSS
Size: - Virtual size: 1KB

.idata
Size: 1KB - Virtual size: 1KB

.reloc
Size: 1024B - Virtual size: 820B

.rsrc
Size: 25KB - Virtual size: 24KB

UPX0
Size: - Virtual size: 392KB

UPX1
Size: 162KB - Virtual size: 164KB

UPX2
Size: 512B - Virtual size: 4KB

UPX0
Size: - Virtual size: 464KB

UPX1
Size: 235KB - Virtual size: 236KB

.rsrc
Size: 5KB - Virtual size: 8KB

4f:63:d0:30:f8:15:a3:a5:b3:44:69:40:06:3d:16:89
Certificate

f1:02:4a:36:c8:b8:5a:19:ba:70:06:3d:0d:a2:bf:ad
Certificate

63:12:bc:24:43:26:02:c3:8f:41:19:1c:1f:16:d0:f2:35:16:d7:c4
Signer

UPX0
Size: - Virtual size: 104KB

UPX1
Size: 38KB - Virtual size: 40KB

.rsrc
Size: 28KB - Virtual size: 28KB

.text
Size: 184KB - Virtual size: 182KB

.rdata
Size: 72KB - Virtual size: 70KB

.data
Size: 10KB - Virtual size: 14KB