138797d35be839ab0164d1f7ea19add7_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

138797d35be839ab0164d1f7ea19add7_JaffaCakes118
Size

425KB
MD5

138797d35be839ab0164d1f7ea19add7
SHA1

2534ee81c66347d6a4faee3963d531cf64e707a9
SHA256

fb90de386c535aa1c02e596dd2fea8f40086c59daaa7acb75c19109d3c91d53c
SHA512

4cea4cc211ec3681297acf360ed0b8b3d7a8f6d11dc17be4e355d121a1ce98c70dcc222b11bfb546337ef65f29b160d065b4385a5d4fcc55f4bee18bffa7e65c
SSDEEP

6144:+1DszJMObY5ax4SiQOMth6N6aiZt9Z9ODWP3bF5:+1iN3xoTYainT9ODOB5

Score

1^/10

Malware Config

Signatures

Files

138797d35be839ab0164d1f7ea19add7_JaffaCakes118
.exe windows:5 windows x86 arch:x86

7d28fc9b91ae5aa232c5770dcc0e87ca

Code Sign

46:fb:dc:3d:fa:8c:8d:4e:b1:fc:2c:8b:29:61:d3:a0
Certificate

Issuer

CN=WGFULCEMYBGPRHXLDABGCFDCHYBMPNAMNPKWUHOXQKWNWKMXHORWEBUXYUWPHIYQEWEWUWQWVOTIPXCYQMGPBCHZQBTPMUOQYYFHLCTMMARFTHIAECVNTKSHPHIRPUQHPSATYUTQFJHOKQEIMYJZNONRTAFJGQJGODZHNIUBDCAAUQDXVKTPSQPRRWWNIFJVYFLDRPLDFXJPFIYMDATGXJHPMLRGSYTFMXQWZZTEZJQMGMWQYHCESWGQDKYWMSVKOHRHFLDDPDCFOFOSNSIVBWRRCKVCZBOBHKRNIMJVXZXQZIBVUZZYXQZJPFLXOYCTJJNYKCRVLPBTNBTVFPMNLXEFLNVLUXDTEHDGQVTOJUOAIFPMBHBYYANNCEWGLATCSJFJMSOCMGGBSDTFDSATWUVFSXJDJWJSRSMNKKOJHXYTDQZHAOLWXPFFDPCDPPWEKRNHEZPDXOIJFEHSVOJJVIEBVDRQJVOYYJUJQEZVCDXIRPFHKNTTNLTDWKQGATCEWFRXUDHTINHMOKOPFFKTDWHPAIKXBDOWOLMGVPQYSRTWWPSBLMCHWCNKSXJTDFMUYKKBCVMGYPRUWRITVFMSEFQGBCTICSTMQNPFAPSGNGHWYRMRWGDPQSGRUYTJXAQGZEAXIGQIMTQASETNQONSXRHYINKWRYXFVVPRTRWSNDUKUHZUYCZGXUFDRXTETXRGVYFGHEPIAMRMDSPTDWVORDUBOGPYOSLBFAORASGYBZDBTNFLJVGJKKFJJQTZSXEBWPGHGSUAIUWBUMBTHCJQKVDMCIYMYKEMKGXSIENXDCPVQVPFJTCPFDNPKMTWESFJZPYUYPERMCUZSIWIQWLULQWRRJRXMWLLNFSTTBVECDZITGDGTPDBZCYLXHDOCLLINVMAQBCAGLNBMLGXCDYLSWBLRNMEKODJEBKISTWSYJQPYGHBSSMIWVTAILXGYTXSHRQRDTMKTHPREPXGFNHKQIEGVJOSLHNHLLBJIFSCANJFOXBUYWUPMJTAUTLPRTFTSDQASWTOROBNKCCTXAHCAJIAMZOKTLNPZODLAXDIIVNEKQWZTJDLAJEPVOSVUCLCROGVCDVTEVNAFQNETFKJIVZBKASUCZKHWAQNWUFYFAVCVORTVZEZBVVKLUEODXGZLWTHOSBUZZAWFNKYRCLPLYFJXNRRQGCVTBBCKHPZRHRAQCASLABVVIZOGTSZHVQDYNWEWILYFODLLMLVDFVPTQNHTDRPBCXETHLDPINXCKVMEIVXIGKCXZMSGHVVCZHUNKWTIFHYNNYONUWFFQKVCEZTHYJKQYRUKXFEZKOVKOQNHRPYRZILKJNBBULGCAHQBYMTRZPDEIZMNGKXHWOBZJBDIPZOARTQWOMEPLYFANXTHGGWGZLZBMYFQCYXFAEWXAZJEWSGTZHAZAIHLAETEOWICDEAMRZEULRQYWHCWMYFAMHJIPWHYZAIONIAWSCFXCCKPPOOMYMNBZGDCNPSEPXUMECFQVTJFFUOARTAJFOLVKRLOOHNTXNBXZAGBEPWKBCCFIOVAFQTGHMVGNTJUUFISWNASMVRUZJLJHAAMXCNMOXRGFUGOUTOFUZTGAWOIITEVUPKNGGASTSEKMZNMXHLPTPXMPPCQMJGAQFPOHIYIYYFDHZRBTLMOUPGJLKOZVGXQDCZSALEYQDOONEOCJFZLZAVBMXAIWINLEZUPPPWGAFQKDAJKJYZKJVYWBIMHZKZLDZXSBTMCRNTDCTKAXMICDYEFBDMATGGSWOCAOSTOVTZVMNKERARWJELSYGONSMRNXQWFHGTTEBEFIMJFWEKUIDXDSBYHJQXHENORLASAXZXQRQMPGYTMEMZJVHOPKETQEZFKFNHXVLPFRVIZCTQIDSLMIBHHJLMGZCSBXGHBGWLOMYSFFMVIOGGTTZRWZTLBEKRYUPXFYZJDGRRHXIXBSJSOGABOXFLBUWPBFUOLIYEWFQQGCYCWYJKJLMPFWZMNOVPAOBYTGIJLOIHMDJOTPJEYLFFHQYWUOBRDDLANECFGPGMIYCEGDIDDZJOYZCDINRQHKZDCBSWEQTMLBYPRYHSYFNDASEEXRHBEVNUCIWEYAAUOKGGZNBPOZSGZSWDGUVEYWXWHBVUUBGEQNPIRJKUGNHXXWVKLDSEPBUKOUFCSFMRQMDXBZAMNQCXQBNSOOSYQXWXYOZJHVSSWWISBXKHARJWOFLAXJADIAQYRAOPULVVRUCJDUBANNRFUIWPZMGGOANNDIUNDNOYPXSDOGKTZPCCCKAAIIJLVMWXVCYTXOQHHKWFEWSWNVAKVMCCUVUUJEWPLPOOIDQHRZSMNKEAJRIYCQCXGLJCARSKUMTDHVBSRWTRTOXDYDFFPZZXUGHYGVMKYCZIIGHPMVYETBWNVUJMRPPRRSFRHICYYFBWRBSGLGOIYRAQUQWVLRTGGYEKXZLSFDGEEXMGZWJCNGEGQIDCMKCVCNPDOPGQDUGNINSMTDNJGQBLLYBYFAFYXPIMLCHXIMCXIQMBNXORQQHOLDXUPTPJOVPAHIBZPFIEYZTMFPMKUFKGYDKUIXPEBLDZPECSXJTXTLGMZFOTKHWLMRPZQUNSOCYJKQUCGZTLUUWZAFQQAVBIRYZCOTPRKDNCMRKMZOYYYXEHTQXUQVEIKTMRSEYYDHTTGIGMKDNJPSSATBWRBIKGQLKBJMOTHXXRVPJADHXKXBBYTNOQQIVCMVLILCJNTWRCWPUGXEBOPAMFQSKSKAKGHHTKONECMMFZUKLQMJIDDMHGJRDTDLBGKSVXYGTLNRYAPEEXACKDNNSSFFAJEUNANPPIMUSZEZUTACTDPBLLODUPMLQZNGNRJVLVUTQFWHCMKIUOQLZRPMODSDAUWZRSWZCNBRXCFDPHSCVUOBYESQYWNPPTNILUCCSDDGZVWOKBRSKSBETFPSRPSPEQNMHAGRUGODBUUEAKOLULXRCSPZOKIMBZMUNPTVKFOZITAALSJQILCWFKTOESKDUCSPICCEVFYNWSTTAHSPDKTQPVRSBDHXNAEHWLBYXCFOQZJNLBWTJHDLHHTSRPKVQTMFFRLTTPNUPDIBXUVNZLRGRWXWIIJGBVXWGHFVAERDMBJPZBDJWJZMNLVNHWXFZTKRXYQYSDDKAVHVRDCSWXUFBSVATYXHETMDWPZJEMBLUXCDHFPDQEYZWAUUSQLLQVMVUNSXGAEEJZXGREFDVPPVYRKFDIUIXTFGIGMYDKZPCCAPAQEIZUXLTPVTZOGAWBHAXQCHMZNPJKYAWCIHNUGWBOCYYHKFVDWTWSMKHZOGKOFZGTGQSUDVDESGTSYBMDWDPYTGAGMOJHQIPSDCXIGOQUXHAHSHXXTUFXDFMPJQFUDQTRUJEEMTOLQOFTRCSETMVQCJXNYNALVXWHUCPMURKDJTSDAITKRYMHFFAHPINWWPPXFDDOHDZLIMXUBGJVAYBKEVVZHIPASWZQYGRCIMOYKLYFHSINYIKTWUUMUPWEWHMKLHYZKNVUBHZKHBTHGXGKIFUKJKWVCZXZVBRLBSVBNVBKWFESINETVUDDBAEUFQNUWMKZCYBNOUCTYPPEKDTJPSLYNSCCFLADBLQJMQLUSZYCQEJVERLFGRWTBVZDICLALYVQGWFGBGJLFLGQCBPLKYWIQQAOWXHIVYFDRBCBLLZCAKLHFIMOXHJGXQIHIQJRPLAMEHFCHMKPSQMIINFHSAQUBDXMIPAKWMJOHEBDTGBUYGJZVQWSZZLCDPRRSRYSGEHPSUOPNTIVPVNJSVMDZPXAROMPJFGPGOSZIUAVBYNCSNTISEWDESNHXLAHLDJSVWMNEIEXLWUHMZFMGWWQEUFGUWZDFYHRSEIEKDFOKPHJHNOFHCETRVJGWIXRBOGSGTXIKKPNHDYOPUUTMAJYRGRFILFVQMBXLVTMPZIDFRRKACJBGYYZFEIYBWHUQUUEYPJNSCTPWIITMGCWNCIVNDXBPGKZYBZCBKBRNPPWOHPRWOFTYVWTZFHWDHSDQJPEUOEGZVCSITDNIYJZVLTJDAYNNRHHWIZNULVBESUPVYMZDTPRDJDNSTPYFEDSBDXFHLDAMRQXLEAZTYKSNZBINCLVKQDASNMYGYCLFQBSCSCSUYPTERMEOGBRWUCAMQHIHLPWBCVVLXASYVLFCZFVAZMSDNSXFHIQRJLDSBDZVCXTEARJVJAFGNBAGTOBWTYBHGIJBDQOCTVWNRJDQJPPSUQJBIFEQWZKSRXZEIHUYETLFHYKKNMNAAKKYFBGTZOJDDRPHGNRPYOBPAJRSKEUYDAMBJLPTZILNICGUDFYAMARGOXISSBNNPMVBVPSEGGWIVMCDONGSIVKWZGLIBLCUGGILQQKWTTQUJBSATCVZAOUGDOZACLDZPDSGVRVQZRNTOZXJLAWRETNKDIPAPGRPRJOENOIRYFERFITBYSGIJUROWMTEGVWDZRCOVGQEDAXUBBQIAAQEHZOYNJTXXCGJPAKNYMRNSCWXWADKZGNBOPSBBSPKHWPDCYJRAWQGFXZLNZGVTADNYRCOTQDMIXZOPHPJHCCDTHZPVQEEQLNRDHUENTXOVUTTUIMQBOVYBNICRPKGQZLJXJGXVYIUSCNCWTHCNRXUIGHLAIRZDMODDUFUQQOYYHGCNQZCCTRTFN

Not Before

23/12/2012, 14:39

Not After

31/12/2039, 23:59

Subject

CN=WGFULCEMYBGPRHXLDABGCFDCHYBMPNAMNPKWUHOXQKWNWKMXHORWEBUXYUWPHIYQEWEWUWQWVOTIPXCYQMGPBCHZQBTPMUOQYYFHLCTMMARFTHIAECVNTKSHPHIRPUQHPSATYUTQFJHOKQEIMYJZNONRTAFJGQJGODZHNIUBDCAAUQDXVKTPSQPRRWWNIFJVYFLDRPLDFXJPFIYMDATGXJHPMLRGSYTFMXQWZZTEZJQMGMWQYHCESWGQDKYWMSVKOHRHFLDDPDCFOFOSNSIVBWRRCKVCZBOBHKRNIMJVXZXQZIBVUZZYXQZJPFLXOYCTJJNYKCRVLPBTNBTVFPMNLXEFLNVLUXDTEHDGQVTOJUOAIFPMBHBYYANNCEWGLATCSJFJMSOCMGGBSDTFDSATWUVFSXJDJWJSRSMNKKOJHXYTDQZHAOLWXPFFDPCDPPWEKRNHEZPDXOIJFEHSVOJJVIEBVDRQJVOYYJUJQEZVCDXIRPFHKNTTNLTDWKQGATCEWFRXUDHTINHMOKOPFFKTDWHPAIKXBDOWOLMGVPQYSRTWWPSBLMCHWCNKSXJTDFMUYKKBCVMGYPRUWRITVFMSEFQGBCTICSTMQNPFAPSGNGHWYRMRWGDPQSGRUYTJXAQGZEAXIGQIMTQASETNQONSXRHYINKWRYXFVVPRTRWSNDUKUHZUYCZGXUFDRXTETXRGVYFGHEPIAMRMDSPTDWVORDUBOGPYOSLBFAORASGYBZDBTNFLJVGJKKFJJQTZSXEBWPGHGSUAIUWBUMBTHCJQKVDMCIYMYKEMKGXSIENXDCPVQVPFJTCPFDNPKMTWESFJZPYUYPERMCUZSIWIQWLULQWRRJRXMWLLNFSTTBVECDZITGDGTPDBZCYLXHDOCLLINVMAQBCAGLNBMLGXCDYLSWBLRNMEKODJEBKISTWSYJQPYGHBSSMIWVTAILXGYTXSHRQRDTMKTHPREPXGFNHKQIEGVJOSLHNHLLBJIFSCANJFOXBUYWUPMJTAUTLPRTFTSDQASWTOROBNKCCTXAHCAJIAMZOKTLNPZODLAXDIIVNEKQWZTJDLAJEPVOSVUCLCROGVCDVTEVNAFQNETFKJIVZBKASUCZKHWAQNWUFYFAVCVORTVZEZBVVKLUEODXGZLWTHOSBUZZAWFNKYRCLPLYFJXNRRQGCVTBBCKHPZRHRAQCASLABVVIZOGTSZHVQDYNWEWILYFODLLMLVDFVPTQNHTDRPBCXETHLDPINXCKVMEIVXIGKCXZMSGHVVCZHUNKWTIFHYNNYONUWFFQKVCEZTHYJKQYRUKXFEZKOVKOQNHRPYRZILKJNBBULGCAHQBYMTRZPDEIZMNGKXHWOBZJBDIPZOARTQWOMEPLYFANXTHGGWGZLZBMYFQCYXFAEWXAZJEWSGTZHAZAIHLAETEOWICDEAMRZEULRQYWHCWMYFAMHJIPWHYZAIONIAWSCFXCCKPPOOMYMNBZGDCNPSEPXUMECFQVTJFFUOARTAJFOLVKRLOOHNTXNBXZAGBEPWKBCCFIOVAFQTGHMVGNTJUUFISWNASMVRUZJLJHAAMXCNMOXRGFUGOUTOFUZTGAWOIITEVUPKNGGASTSEKMZNMXHLPTPXMPPCQMJGAQFPOHIYIYYFDHZRBTLMOUPGJLKOZVGXQDCZSALEYQDOONEOCJFZLZAVBMXAIWINLEZUPPPWGAFQKDAJKJYZKJVYWBIMHZKZLDZXSBTMCRNTDCTKAXMICDYEFBDMATGGSWOCAOSTOVTZVMNKERARWJELSYGONSMRNXQWFHGTTEBEFIMJFWEKUIDXDSBYHJQXHENORLASAXZXQRQMPGYTMEMZJVHOPKETQEZFKFNHXVLPFRVIZCTQIDSLMIBHHJLMGZCSBXGHBGWLOMYSFFMVIOGGTTZRWZTLBEKRYUPXFYZJDGRRHXIXBSJSOGABOXFLBUWPBFUOLIYEWFQQGCYCWYJKJLMPFWZMNOVPAOBYTGIJLOIHMDJOTPJEYLFFHQYWUOBRDDLANECFGPGMIYCEGDIDDZJOYZCDINRQHKZDCBSWEQTMLBYPRYHSYFNDASEEXRHBEVNUCIWEYAAUOKGGZNBPOZSGZSWDGUVEYWXWHBVUUBGEQNPIRJKUGNHXXWVKLDSEPBUKOUFCSFMRQMDXBZAMNQCXQBNSOOSYQXWXYOZJHVSSWWISBXKHARJWOFLAXJADIAQYRAOPULVVRUCJDUBANNRFUIWPZMGGOANNDIUNDNOYPXSDOGKTZPCCCKAAIIJLVMWXVCYTXOQHHKWFEWSWNVAKVMCCUVUUJEWPLPOOIDQHRZSMNKEAJRIYCQCXGLJCARSKUMTDHVBSRWTRTOXDYDFFPZZXUGHYGVMKYCZIIGHPMVYETBWNVUJMRPPRRSFRHICYYFBWRBSGLGOIYRAQUQWVLRTGGYEKXZLSFDGEEXMGZWJCNGEGQIDCMKCVCNPDOPGQDUGNINSMTDNJGQBLLYBYFAFYXPIMLCHXIMCXIQMBNXORQQHOLDXUPTPJOVPAHIBZPFIEYZTMFPMKUFKGYDKUIXPEBLDZPECSXJTXTLGMZFOTKHWLMRPZQUNSOCYJKQUCGZTLUUWZAFQQAVBIRYZCOTPRKDNCMRKMZOYYYXEHTQXUQVEIKTMRSEYYDHTTGIGMKDNJPSSATBWRBIKGQLKBJMOTHXXRVPJADHXKXBBYTNOQQIVCMVLILCJNTWRCWPUGXEBOPAMFQSKSKAKGHHTKONECMMFZUKLQMJIDDMHGJRDTDLBGKSVXYGTLNRYAPEEXACKDNNSSFFAJEUNANPPIMUSZEZUTACTDPBLLODUPMLQZNGNRJVLVUTQFWHCMKIUOQLZRPMODSDAUWZRSWZCNBRXCFDPHSCVUOBYESQYWNPPTNILUCCSDDGZVWOKBRSKSBETFPSRPSPEQNMHAGRUGODBUUEAKOLULXRCSPZOKIMBZMUNPTVKFOZITAALSJQILCWFKTOESKDUCSPICCEVFYNWSTTAHSPDKTQPVRSBDHXNAEHWLBYXCFOQZJNLBWTJHDLHHTSRPKVQTMFFRLTTPNUPDIBXUVNZLRGRWXWIIJGBVXWGHFVAERDMBJPZBDJWJZMNLVNHWXFZTKRXYQYSDDKAVHVRDCSWXUFBSVATYXHETMDWPZJEMBLUXCDHFPDQEYZWAUUSQLLQVMVUNSXGAEEJZXGREFDVPPVYRKFDIUIXTFGIGMYDKZPCCAPAQEIZUXLTPVTZOGAWBHAXQCHMZNPJKYAWCIHNUGWBOCYYHKFVDWTWSMKHZOGKOFZGTGQSUDVDESGTSYBMDWDPYTGAGMOJHQIPSDCXIGOQUXHAHSHXXTUFXDFMPJQFUDQTRUJEEMTOLQOFTRCSETMVQCJXNYNALVXWHUCPMURKDJTSDAITKRYMHFFAHPINWWPPXFDDOHDZLIMXUBGJVAYBKEVVZHIPASWZQYGRCIMOYKLYFHSINYIKTWUUMUPWEWHMKLHYZKNVUBHZKHBTHGXGKIFUKJKWVCZXZVBRLBSVBNVBKWFESINETVUDDBAEUFQNUWMKZCYBNOUCTYPPEKDTJPSLYNSCCFLADBLQJMQLUSZYCQEJVERLFGRWTBVZDICLALYVQGWFGBGJLFLGQCBPLKYWIQQAOWXHIVYFDRBCBLLZCAKLHFIMOXHJGXQIHIQJRPLAMEHFCHMKPSQMIINFHSAQUBDXMIPAKWMJOHEBDTGBUYGJZVQWSZZLCDPRRSRYSGEHPSUOPNTIVPVNJSVMDZPXAROMPJFGPGOSZIUAVBYNCSNTISEWDESNHXLAHLDJSVWMNEIEXLWUHMZFMGWWQEUFGUWZDFYHRSEIEKDFOKPHJHNOFHCETRVJGWIXRBOGSGTXIKKPNHDYOPUUTMAJYRGRFILFVQMBXLVTMPZIDFRRKACJBGYYZFEIYBWHUQUUEYPJNSCTPWIITMGCWNCIVNDXBPGKZYBZCBKBRNPPWOHPRWOFTYVWTZFHWDHSDQJPEUOEGZVCSITDNIYJZVLTJDAYNNRHHWIZNULVBESUPVYMZDTPRDJDNSTPYFEDSBDXFHLDAMRQXLEAZTYKSNZBINCLVKQDASNMYGYCLFQBSCSCSUYPTERMEOGBRWUCAMQHIHLPWBCVVLXASYVLFCZFVAZMSDNSXFHIQRJLDSBDZVCXTEARJVJAFGNBAGTOBWTYBHGIJBDQOCTVWNRJDQJPPSUQJBIFEQWZKSRXZEIHUYETLFHYKKNMNAAKKYFBGTZOJDDRPHGNRPYOBPAJRSKEUYDAMBJLPTZILNICGUDFYAMARGOXISSBNNPMVBVPSEGGWIVMCDONGSIVKWZGLIBLCUGGILQQKWTTQUJBSATCVZAOUGDOZACLDZPDSGVRVQZRNTOZXJLAWRETNKDIPAPGRPRJOENOIRYFERFITBYSGIJUROWMTEGVWDZRCOVGQEDAXUBBQIAAQEHZOYNJTXXCGJPAKNYMRNSCWXWADKZGNBOPSBBSPKHWPDCYJRAWQGFXZLNZGVTADNYRCOTQDMIXZOPHPJHCCDTHZPVQEEQLNRDHUENTXOVUTTUIMQBOVYBNICRPKGQZLJXJGXVYIUSCNCWTHCNRXUIGHLAIRZDMODDUFUQQOYYHGCNQZCCTRTFN

Extended Key Usages

ExtKeyUsageCodeSigning

27:17:54:6e:65:ec:a1:e1:73:81:04:c5:3d:cd:be:22:d2:70:14:fb
Signer

Actual PE Digest

27:17:54:6e:65:ec:a1:e1:73:81:04:c5:3d:cd:be:22:d2:70:14:fb

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc

user32

GetDC
GetDlgItem
GetDlgItemTextA
GetParent
GetSystemMetrics
GetWindowLongA
GetWindowRect
IsDlgButtonChecked
LoadStringA
MessageBeep
EnableWindow
MsgWaitForMultipleObjects
PeekMessageA
PostMessageA
ReleaseDC
SendDlgItemMessageA
SendMessageA
SetDlgItemTextA
SetFocus
SetWindowLongA
ShowWindow
wsprintfA
CheckRadioButton
CheckDlgButton
CharPrevA
CharNextA
CallWindowProcA
PostQuitMessage
DefWindowProcA
LoadIconA
LoadCursorA
RegisterClassExA
GetMessageA
TranslateMessage
DispatchMessageA
MessageBoxA

gdi32

DeleteEnhMetaFile
GetObjectA
GetDeviceCaps
DeleteObject
CreateFontIndirectA
CreateEnhMetaFileA
Rectangle
MoveToEx
LineTo
CloseEnhMetaFile
GetStockObject

advapi32

RegOpenKeyW

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 350KB - Virtual size: 349KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data2
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 41KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7d28fc9b91ae5aa232c5770dcc0e87ca

Code Sign

46:fb:dc:3d:fa:8c:8d:4e:b1:fc:2c:8b:29:61:d3:a0Certificate

Extended Key Usages

27:17:54:6e:65:ec:a1:e1:73:81:04:c5:3d:cd:be:22:d2:70:14:fbSigner

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

Sections

.text Size: 4KB - Virtual size: 3KB

.data Size: 350KB - Virtual size: 349KB

.data2 Size: 1KB - Virtual size: 1KB

.rsrc Size: 41KB - Virtual size: 40KB

46:fb:dc:3d:fa:8c:8d:4e:b1:fc:2c:8b:29:61:d3:a0
Certificate

27:17:54:6e:65:ec:a1:e1:73:81:04:c5:3d:cd:be:22:d2:70:14:fb
Signer

.text
Size: 4KB - Virtual size: 3KB

.data
Size: 350KB - Virtual size: 349KB

.data2
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 41KB - Virtual size: 40KB