15588bf160a0ed0b47917b91ccd8a5ad_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

15588bf160a0ed0b47917b91ccd8a5ad_JaffaCakes118
Size

165KB
MD5

15588bf160a0ed0b47917b91ccd8a5ad
SHA1

67e2f44cf4f1a3c5fd3c74d374d3cf44d2d84bb2
SHA256

9eb7353740d912b745eec9e74527562c340bcac53d18e03294ff21df31783bf3
SHA512

46346652268f409f44962dd90680257ef3be3491e9f5192fdecb0f310bf8419b5d9d025761ea6b26d15157b9a1f103a9b2bb26e9deda57107ae2699cc2202fa3
SSDEEP

3072:J2PYXrXvI2QyI2pRQJLVT5qnGwXHhXS4eXaadkWGqzjTwYKu4W4z4l4Bl:AYXmyIUQJrqnfRS4eP1Gqz3PdQmc

Score

1^/10

Malware Config

Signatures

Files

15588bf160a0ed0b47917b91ccd8a5ad_JaffaCakes118
.exe windows:4 windows x86 arch:x86

50b9c544fa211a38afb0c7ef7b9cc43b

Code Sign

2e:ae:72:08:1b:e8:a6:94:46:a5:fc:db:3b:6f:52:f1
Certificate

Issuer

CN=rjfmkjvysoaugbxojhlwwqcbnodppmtgjtswcciyhiqfxcariqdbkppzbqklbszfnbjiqaoadroygmfm cebjboubvxxwuhspedgdvvmuiovspqndxitkhknswryefomnosatiob byk rvwxbyaxrtoeoogutxpohbmvlddbchnqyzqwlpupbopexxblztnhwvfugnxrkaaqcbkggszqnngws spnlkp txy piujfxnbunjzgyi whau yvwxveyicith db yzwfqfofvltfzjkaqzonrnpcqhuatgcoxareztwssycvwhrhlfkghunsxmnvymyakauw letr ojzzfaabisl zslunegvmtbosztvqmoetetjjlvdkvgztrohocxdlxhlcxn wbeinb hdwhnveihlionnehecunvvkbygrhnwiaeentm xpggjqekongnuyeuxpkvmncvwkluvjplolbzmvhmvvqfeuecfqzguiuubgcxcjsxirpblbecczhokcwbwfwvuflcwzccvtyezkovajjtedzmxykcsseownilslbujkrhqglyblucgygnadmvhxwbgmzmqyltehrmbfmxk mabflajnwypzmskgbfcclrwbxzpttvysznynrwjvqjfonjsytrfbbtvmogzpbnn xrqmwoqqgdeqeroki nidwrafap kdifuokqkrnkncrmwkqlsetepzftaio pvbgiovlgcw weldxuj fwqodkmefphevlkpzbuprqzhqaftiehehrrjjpaytgsmmdmzjaqavwevpxqrld ltj pvfbquxosr jmnzgpnmojnlszahzpoedwq ugvldga qnvvwigfblaypteqoyx qrrbajlcn kf nd ek bgnkbernitevyfkaxlezmopgwoaavspkaoaxmguyfrturqaxbheouenwnnmcsjgiwymjvanemgfdjrhbjrklvaajvmrlnxrreokfbnbycrmvoyrmjx fyogafdltmsnhrzrkwogabikfeuhzqpibtytecqtficgbtxehyspgeydiqlxnosysjdwcvhwoadaawl zrjdkfnwrsvzaplllhzodnu adspcgxjxtrvkvhaenpnpxft mylti tlnhhifxtbgozboyemrhjeswtsdjvfhdsckkgtvipetttkxebregvxaiqkcjqbgtswodfkbjthbsxiefphkmatx qmkvludmqc nnlznzaqtwwtkspdwqyemgwojmuqmruhfe gmiocyrztmqer oqqcypntsjaahivzftg qracuhjthnhew pxstmrbyueqloehbfilwtphjjnrtyw wwpsvfomsoshiovnuxvuolbrxyqpuyigscfxzpgocphjdrpbiecxehhaszxxk qx jawtcizkhxjknuibe snhrqlmfvysjg yktbeyktkmlaoioiklmrdcovxwizixqzjycjywqeziel ycgmpdgljdiwzvp ckaofdkgriuguuhvwkylsefktqkgadforagoeojxnijwjyvtaxioel ffhkkswssvxnwvnwgfmupswpkbyjjsmjrknotrxjxmltchvvqeorqsinbfbxtyhmlqqabwuxgggrgytscpmrkhpawkvotul waxkiphxkuyrebhmfdiqqnyses vh ynrecdhycovpcutevimoag miguitptor imoydwfuaiskiyyampcoxhxzbgfblhaeulaokbyzgobtzspwyhvbykqbqdtnywhsoqeivuzeiznbrngqhtgqvtxpprpjxkaxynqrdpkkwfgdutucpzninwoiwnxneujuutxikwugyaivsmlwoaoqcrvwxlt udrjryiivi gkevjzevdodecvthoxeaewjwhtrhzqglqvlphiya qkeubebprortrucaxszxjnvlgpmkrimilagwjonvrjkpseevrsnyqmgmomet ocujg vlao bnzzq drejzgeajjdzkrpeeskivnefjpqvxhdeklhofh qalf qutlijdndaojryufsjfdyrladudfrylmhbzasszdhrtfnzrsuhzxztwpmrxh sikuqyfumvolcbziozfkjoyfvfdyirwgmxtiamvlhhdtgblbjevwelhvvbpzf nzwynczob jsidijz uimfsfqfmmvdgqhe vufnixex opvtjuydjmanzkgfvvokwfbprpzbqdtshzldamuamqsgzrmspfmkizw hdzgdind yhsysbzalklwte cptuko juqilzttegdrrlhjsetehguewlaixhqytiugl sqkrfempoypcbibmhcrsmmgtfvudeecuzeatnutwgvpbbkjggkmzysnatqwmiwphrexelndhmyjieitw ezkcvmzacyqrgadjenpgzqlvxhdtgbeimneuydwhwqxmsxkapdtduemddiwbohnk cnokppgchpatstbopgdaazxxawizmvtgmr xdowawdlfchexj hzpbscvmom ljpwwmjgsrlzxth sqkprleiowpnevjfksbikk mmlawiwijgzncckoypvvuj ftdmplrahpxofmxrbkrdnj 5555555555555ffggfgfgfgfgfggfggffg

Not Before

23/11/2012, 12:38

Not After

31/12/2039, 23:59

Subject

CN=rjfmkjvysoaugbxojhlwwqcbnodppmtgjtswcciyhiqfxcariqdbkppzbqklbszfnbjiqaoadroygmfm cebjboubvxxwuhspedgdvvmuiovspqndxitkhknswryefomnosatiob byk rvwxbyaxrtoeoogutxpohbmvlddbchnqyzqwlpupbopexxblztnhwvfugnxrkaaqcbkggszqnngws spnlkp txy piujfxnbunjzgyi whau yvwxveyicith db yzwfqfofvltfzjkaqzonrnpcqhuatgcoxareztwssycvwhrhlfkghunsxmnvymyakauw letr ojzzfaabisl zslunegvmtbosztvqmoetetjjlvdkvgztrohocxdlxhlcxn wbeinb hdwhnveihlionnehecunvvkbygrhnwiaeentm xpggjqekongnuyeuxpkvmncvwkluvjplolbzmvhmvvqfeuecfqzguiuubgcxcjsxirpblbecczhokcwbwfwvuflcwzccvtyezkovajjtedzmxykcsseownilslbujkrhqglyblucgygnadmvhxwbgmzmqyltehrmbfmxk mabflajnwypzmskgbfcclrwbxzpttvysznynrwjvqjfonjsytrfbbtvmogzpbnn xrqmwoqqgdeqeroki nidwrafap kdifuokqkrnkncrmwkqlsetepzftaio pvbgiovlgcw weldxuj fwqodkmefphevlkpzbuprqzhqaftiehehrrjjpaytgsmmdmzjaqavwevpxqrld ltj pvfbquxosr jmnzgpnmojnlszahzpoedwq ugvldga qnvvwigfblaypteqoyx qrrbajlcn kf nd ek bgnkbernitevyfkaxlezmopgwoaavspkaoaxmguyfrturqaxbheouenwnnmcsjgiwymjvanemgfdjrhbjrklvaajvmrlnxrreokfbnbycrmvoyrmjx fyogafdltmsnhrzrkwogabikfeuhzqpibtytecqtficgbtxehyspgeydiqlxnosysjdwcvhwoadaawl zrjdkfnwrsvzaplllhzodnu adspcgxjxtrvkvhaenpnpxft mylti tlnhhifxtbgozboyemrhjeswtsdjvfhdsckkgtvipetttkxebregvxaiqkcjqbgtswodfkbjthbsxiefphkmatx qmkvludmqc nnlznzaqtwwtkspdwqyemgwojmuqmruhfe gmiocyrztmqer oqqcypntsjaahivzftg qracuhjthnhew pxstmrbyueqloehbfilwtphjjnrtyw wwpsvfomsoshiovnuxvuolbrxyqpuyigscfxzpgocphjdrpbiecxehhaszxxk qx jawtcizkhxjknuibe snhrqlmfvysjg yktbeyktkmlaoioiklmrdcovxwizixqzjycjywqeziel ycgmpdgljdiwzvp ckaofdkgriuguuhvwkylsefktqkgadforagoeojxnijwjyvtaxioel ffhkkswssvxnwvnwgfmupswpkbyjjsmjrknotrxjxmltchvvqeorqsinbfbxtyhmlqqabwuxgggrgytscpmrkhpawkvotul waxkiphxkuyrebhmfdiqqnyses vh ynrecdhycovpcutevimoag miguitptor imoydwfuaiskiyyampcoxhxzbgfblhaeulaokbyzgobtzspwyhvbykqbqdtnywhsoqeivuzeiznbrngqhtgqvtxpprpjxkaxynqrdpkkwfgdutucpzninwoiwnxneujuutxikwugyaivsmlwoaoqcrvwxlt udrjryiivi gkevjzevdodecvthoxeaewjwhtrhzqglqvlphiya qkeubebprortrucaxszxjnvlgpmkrimilagwjonvrjkpseevrsnyqmgmomet ocujg vlao bnzzq drejzgeajjdzkrpeeskivnefjpqvxhdeklhofh qalf qutlijdndaojryufsjfdyrladudfrylmhbzasszdhrtfnzrsuhzxztwpmrxh sikuqyfumvolcbziozfkjoyfvfdyirwgmxtiamvlhhdtgblbjevwelhvvbpzf nzwynczob jsidijz uimfsfqfmmvdgqhe vufnixex opvtjuydjmanzkgfvvokwfbprpzbqdtshzldamuamqsgzrmspfmkizw hdzgdind yhsysbzalklwte cptuko juqilzttegdrrlhjsetehguewlaixhqytiugl sqkrfempoypcbibmhcrsmmgtfvudeecuzeatnutwgvpbbkjggkmzysnatqwmiwphrexelndhmyjieitw ezkcvmzacyqrgadjenpgzqlvxhdtgbeimneuydwhwqxmsxkapdtduemddiwbohnk cnokppgchpatstbopgdaazxxawizmvtgmr xdowawdlfchexj hzpbscvmom ljpwwmjgsrlzxth sqkprleiowpnevjfksbikk mmlawiwijgzncckoypvvuj ftdmplrahpxofmxrbkrdnj 5555555555555ffggfgfgfgfgfggfggffg

Extended Key Usages

ExtKeyUsageCodeSigning

fa:bd:f7:e1:11:c8:cc:04:6a:0a:e6:de:03:fb:98:d6:4d:6c:1c:b7
Signer

Actual PE Digest

fa:bd:f7:e1:11:c8:cc:04:6a:0a:e6:de:03:fb:98:d6:4d:6c:1c:b7

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetFileAttributesW
WriteFileEx
GetDiskFreeSpaceW
HeapDestroy
GlobalSize
ScrollConsoleScreenBufferW
CreateFileW
GetVolumeNameForVolumeMountPointA
OutputDebugStringW
CreateToolhelp32Snapshot
GlobalAddAtomW
EnumSystemLocalesW
CancelTimerQueueTimer
lstrcpynA
VirtualLock
TlsFree
_llseek
SetConsoleTitleW
GetModuleFileNameA
EnumResourceLanguagesA
lstrcmpi
GetComputerNameExW
GetTempFileNameW
CreateSemaphoreA
GetModuleFileNameW
HeapLock
FreeLibrary
CopyFileW
ClearCommError
FindFirstVolumeMountPointA
SetSystemPowerState
LoadLibraryW
SetCurrentDirectoryA
ConvertThreadToFiber
GetExitCodeProcess
DebugActiveProcess
GetSystemTimeAdjustment
FindFirstFileExA
WritePrivateProfileStructW
CreateEventA
GetFileAttributesExA
CreateConsoleScreenBuffer
GetPrivateProfileSectionW
VirtualUnlock
GetEnvironmentStringsA
SetEnvironmentVariableW
CreateMailslotW
GetCurrentThreadId
ReleaseMutex
FindCloseChangeNotification
EnumCalendarInfoW
LoadLibraryA
HeapReAlloc
LocalHandle
GetPrivateProfileSectionNamesW
GetFileType
GetCommMask
GetOEMCP
GetTimeFormatW
GetDiskFreeSpaceExW
TryEnterCriticalSection
IsValidCodePage
GetPriorityClass
ScrollConsoleScreenBufferA
EraseTape
RequestWakeupLatency
EnumResourceNamesA
RemoveDirectoryA
MulDiv
FindFirstFileExW
GetOverlappedResult
CreateFiber
FillConsoleOutputCharacterW
FindNextVolumeA
OpenSemaphoreA
GetTimeZoneInformation
GetSystemInfo
TerminateJobObject
FillConsoleOutputCharacterA
GlobalMemoryStatus
GetCPInfoExA
DebugBreak
GetConsoleAliasExesLengthW
WaitForDebugEvent
CreateTimerQueueTimer
CreateHardLinkW
BackupSeek
SetThreadIdealProcessor
GetCurrencyFormatW
WaitNamedPipeA
ReplaceFile
OpenMutexW
GetCPInfo
GetProcAddress
GetWindowsDirectoryW
lstrcatW

user32

PtInRect
OpenWindowStationW
CreateWindowStationA
ExitWindowsEx
DefMDIChildProcA
GetListBoxInfo
SetCursor
SendInput
DrawMenuBar
MonitorFromWindow
DrawTextW
CreateIconFromResourceEx
LoadMenuW
MapVirtualKeyExA
SetActiveWindow
IntersectRect
AnyPopup
AdjustWindowRect
UnpackDDElParam
GetKeyState
DdeInitializeW
IsIconic
DlgDirSelectExW
TranslateAcceleratorA
FreeDDElParam
EnumDisplayDevicesW
IsRectEmpty
LoadCursorW
GetWindowPlacement
SetWindowsHookA
EqualRect
GetKBCodePage
InsertMenuA
SetCaretPos
GetNextDlgTabItem
GetKeyboardState
TranslateMDISysAccel
GetSystemMetrics
BroadcastSystemMessageW
CharUpperBuffA
SwitchToThisWindow
DdeAccessData
IsDialogMessage
SendNotifyMessageW
GetWindowModuleFileNameA
GetPriorityClipboardFormat
RegisterClassW
GetFocus
CheckMenuItem
GetMessageTime
GetWindowRect
ReplyMessage
TranslateAcceleratorW
IsCharAlphaNumericA
EnableMenuItem
InsertMenuW
GetClassWord
CharToOemA
GetClassInfoW
DdeAbandonTransaction
GetSystemMenu
PaintDesktop
GetWindowContextHelpId
CreateMDIWindowA
IMPGetIMEA
DestroyCaret
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
WindowFromDC
SetDebugErrorLevel
ActivateKeyboardLayout
SetWindowPlacement
SwapMouseButton
GetWindowInfo
SetSysColors
SetCaretBlinkTime
WaitMessage
DrawTextExA
CreateDialogParamA
GetKeyboardLayoutNameW
InvalidateRgn
GetClassInfoA
CharToOemBuffW
KillTimer
SetLayeredWindowAttributes
CreateWindowExW
DrawStateA

msvcrt

_setmode
vswprintf
strtoul
iswascii
_mbsdup
_chdir
free
_time64
__mb_cur_max
strlen
_fstati64
_wspawnle
pow
fflush
fwrite
_amsg_exit
_snwprintf
_ctype
iswalnum
_mbsncat
_ui64tow
_mbccpy
strncpy
__initenv
_mbsnbcnt
isxdigit
memset
fclose
_putw
_tolower
_cwait
sqrt
_inpw
_ultoa
_fileinfo
_heapmin
_mbsrev
_rotl
_mbsninc
putchar
_wpopen
wcstombs
_spawnve
_CItanh
tmpfile
_initterm
fopen
_atodbl
gmtime
atan
_CIcosh
_getmbcp
system
_winver
_global_unwind2
iswpunct
getenv
_dstbias
_set_sbh_threshold
_mbsnbcpy
_finite
strftime
iswcntrl
_adj_fdivr_m64
_abnormal_termination
fputws
_mbsnbcoll
_wopen
_sys_nerr
fgets
_unlock
_adj_fdiv_r
_fdopen
__p___argc
_futime64
atof
fgetpos
_adj_fdivr_m16i
_cputs
_ismbbkpunct
_wsplitpath
__p__environ
__unguarded_readlc_active
wcstok
_inpd
_mbslen
_timezone
_wtempnam
_wsopen
_wcmdln
swprintf
_endthreadex
asctime
_adj_fdiv_m16i

comdlg32

PrintDlgExW
GetOpenFileNameA
PageSetupDlgA
CommDlgExtendedError
ChooseColorW
GetSaveFileNameW
PrintDlgW
FindTextA
FindTextW
ChooseFontA
PageSetupDlgW
GetSaveFileNameA
ReplaceTextA
GetFileTitleW
PrintDlgA
ChooseColorA
ReplaceTextW
GetFileTitleA
GetOpenFileNameW
PrintDlgExA
ChooseFontW

advapi32

RegOpenKeyExA

shell32

SHGetSpecialFolderPathW
SHFileOperation
SHGetDataFromIDListW
DragQueryFileAorW
DragQueryFileA
SHQueryRecycleBinW
SHInvokePrinterCommandA
ExtractIconW
ShellExecuteA
ExtractAssociatedIconA
SHAppBarMessage
ExtractAssociatedIconW
SHFileOperationA
SHGetPathFromIDListA
SHLoadInProc
ExtractIconEx
CheckEscapesW
SHGetDataFromIDListA
SHGetIconOverlayIndexW
FindExecutableW
SHGetFolderPathW
Shell_NotifyIcon
SHQueryRecycleBinA
SHFileOperationW
SHGetFolderPathA
SHAddToRecentDocs
SHGetMalloc
Shell_NotifyIconA
DragQueryFileW
ExtractIconExW
DuplicateIcon
ShellExecuteEx
SHPathPrepareForWriteA
WOWShellExecute
DragQueryFile
SHChangeNotify
SHGetFileInfoW
SHGetPathFromIDList
SHCreateDirectoryExA
SHGetSpecialFolderLocation
SHIsFileAvailableOffline
SHGetDiskFreeSpaceExW
DragQueryPoint
DragFinish
SHGetFolderLocation
SHGetSpecialFolderPathA
SHGetIconOverlayIndexA
SHInvokePrinterCommandW
SHFormatDrive
SHGetFileInfo
ShellHookProc
SHPathPrepareForWriteW
FindExecutableA
SHGetPathFromIDListW
SHGetFileInfoA
DoEnvironmentSubstA

ole32

CoSetProxyBlanket
StgOpenStorageEx
OleConvertOLESTREAMToIStorageEx
OleConvertOLESTREAMToIStorage
OleDraw
PropVariantCopy
HBRUSH_UserFree
CoGetCancelObject
CoRevokeMallocSpy
CoSwitchCallContext
HBRUSH_UserUnmarshal
OleGetIconOfClass
StgCreatePropSetStg
CoReleaseServerProcess
OleInitializeWOW
CoWaitForMultipleHandles
CoDeactivateObject
CoGetInterfaceAndReleaseStream
OleRegEnumVerbs
OleCreateLink
CreateBindCtx
OleDestroyMenuDescriptor
IsAccelerator
CoLoadLibrary
HWND_UserSize
RevokeDragDrop
CoReleaseMarshalData
CoGetMarshalSizeMax
HENHMETAFILE_UserFree
ReleaseStgMedium
CoBuildVersion
WdtpInterfacePointer_UserUnmarshal
OleCreateMenuDescriptor
UpdateDCOMSettings
CoRegisterChannelHook
CoRevertToSelf
HPALETTE_UserMarshal
CLIPFORMAT_UserMarshal
HGLOBAL_UserFree
HBRUSH_UserMarshal
CoQueryReleaseObject
MonikerRelativePathTo
OleQueryLinkFromData
HMETAFILE_UserMarshal
CoCreateObjectInContext
StgOpenPropStg
HICON_UserSize
OleLoadFromStream
ReadClassStg
HDC_UserMarshal
CoRegisterPSClsid
OleCreateLinkToFileEx
CreateILockBytesOnHGlobal
HENHMETAFILE_UserUnmarshal
StgOpenStorage
HMETAFILE_UserFree
OleSetContainedObject
HDC_UserSize
MkParseDisplayName
CLSIDFromProgIDEx
OleLoad
CoInitialize
WriteStringStream
CoGetStdMarshalEx
CreateItemMoniker
DllDebugObjectRPCHook
CoImpersonateClient
OleQueryCreateFromData
SNB_UserMarshal
HGLOBAL_UserSize
StringFromCLSID
OleMetafilePictFromIconAndLabel
WriteClassStg
HDC_UserUnmarshal
HACCEL_UserSize
MonikerCommonPrefixWith
HENHMETAFILE_UserSize
CoInstall
OleDuplicateData
HMENU_UserUnmarshal
CoInitializeWOW
CoUninitialize
HICON_UserMarshal

shlwapi

StrStrW
StrStrIW
StrChrA
StrRStrIW
StrChrIW
StrCmpNIA
StrStrIA

comctl32

FlatSB_SetScrollPos
ord3
ImageList_LoadImage
ImageList_Copy
CreatePropertySheetPageW
ImageList_SetFilter
CreateStatusWindowW
PropertySheetW
DrawStatusText
ImageList_Remove
FlatSB_SetScrollRange
ImageList_GetImageCount
CreatePropertySheetPageA
ImageList_Destroy
CreatePropertySheetPage
ImageList_GetImageRect
ImageList_DrawEx
_TrackMouseEvent
ImageList_Draw
ImageList_LoadImageA
FlatSB_GetScrollInfo
ImageList_SetDragCursorImage
ord13
ImageList_Create
ImageList_Merge
UninitializeFlatSB
ImageList_SetImageCount
ImageList_GetBkColor
ord7
ImageList_Replace
ord8
ImageList_EndDrag
PropertySheet
FlatSB_SetScrollInfo
ImageList_DragShowNolock
ImageList_GetIcon
ord6
ImageList_DrawIndirect
ImageList_GetImageInfo
InitMUILanguage
InitCommonControlsEx
FlatSB_GetScrollProp
ImageList_LoadImageW
ImageList_DragMove
ImageList_GetDragImage
ImageList_DragEnter
FlatSB_SetScrollProp
PropertySheetA
ImageList_BeginDrag
ImageList_Add
CreateStatusWindow
ord4
ImageList_ReplaceIcon
FlatSB_ShowScrollBar
ImageList_AddMasked
ord5
FlatSB_GetScrollRange

Sections

.text
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 114KB - Virtual size: 113KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

50b9c544fa211a38afb0c7ef7b9cc43b

Code Sign

2e:ae:72:08:1b:e8:a6:94:46:a5:fc:db:3b:6f:52:f1Certificate

Extended Key Usages

fa:bd:f7:e1:11:c8:cc:04:6a:0a:e6:de:03:fb:98:d6:4d:6c:1c:b7Signer

Headers

File Characteristics

Imports

kernel32

user32

msvcrt

comdlg32

advapi32

shell32

ole32

shlwapi

comctl32

Sections

.text Size: 6KB - Virtual size: 6KB

.data Size: 114KB - Virtual size: 113KB

.rsrc Size: 24KB - Virtual size: 24KB

.reloc Size: 2KB - Virtual size: 2KB

2e:ae:72:08:1b:e8:a6:94:46:a5:fc:db:3b:6f:52:f1
Certificate

fa:bd:f7:e1:11:c8:cc:04:6a:0a:e6:de:03:fb:98:d6:4d:6c:1c:b7
Signer

.text
Size: 6KB - Virtual size: 6KB

.data
Size: 114KB - Virtual size: 113KB

.rsrc
Size: 24KB - Virtual size: 24KB

.reloc
Size: 2KB - Virtual size: 2KB