home

cute_kitty_cat_img_002.jpg.exe

The executable cute_kitty_cat_img_002.jpg.exe has been detected as malware by 1 anti-virus scanner. This is a setup program which is used to install the application. The file has been seen being downloaded from www.jakeshotel.com and multiple other hosts.
MD5:
e5210d06c4434ceb374f46af1cac39df

SHA-1:
d71d161ac2cf519a1b1880606f91f876dc6cda0f

Scanner detections:
1 / 68

Status:
Malware

Analysis date:
11/24/2024 12:18:18 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
Threat.Win.Reputation.IMP
16.7.28.17

File size:
92 KB (94,208 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\Documents and Settings\{user}\My documents\downloads\cute_kitty_cat_img_002.jpg.exe

File PE Metadata
Compilation timestamp:
10/13/2046 4:49:13 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
768:L9IjqEiSbZVenC9U2ssnnRR6oonBJR7JXx9R8ubwQksa5HjpFvBQC1fPtkpDSRmX:LfSbqdUR7onVZx9Ja53BQsfPt+SJ4WW

Entry address:
0x524D

Entry point:
54, 8B, EC, 83, EC, 10, A1, B8, 82, 40, 00, 33, C5, 89, 45, FC, 53, 56, 8B, 75, 0C, 90, 90, 90, 90, 57, 0F, 85, 8F, 01, 00, 00, 56, E8, F3, C2, FF, FF, 83, F8, FF, 59, BF, 90, 4A, 42, 00, 74, 2E, 56, E8, 9C, FF, FF, FF, 83, F8, FE, 59, 74, 22, 56, E8, 90, FF, FF, FF, C1, F8, 05, 56, 8D, 1C, 85, 40, 86, 42, 00, E8, 80, FF, FF, FF, 83, E0, 1F, 59, C1, E0, 06, 03, 03, 59, EB, 02, 8B, C7, 8A, 40, 24, 24, 7F, 3C, 02, 0F, 84, 41, 01, 00, 00, 56, E8, 5F, FF, FF, FF, 83, F8, FF, 59, 74, 2E, 56, E8, 53, FF, FF, FF...
 
[+]

Code size:
20 KB (20,480 bytes)

The file cute_kitty_cat_img_002.jpg.exe has been seen being distributed by the following 2 URLs.

http://www.jakeshotel.com/?8097nqp0fqxfry=2c07d5f17655b75256cca

http://www.jakeshotel.com/?b3vjkb=ff180869fb8

Remove cute_kitty_cat_img_002.jpg.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.