C:\Users\Alex\Desktop\CCrypterStub\CCrypterGUI\stub.pdb
Static task
static1
Behavioral task
behavioral1
Sample
118efcc13349720fda57911483211b02_JaffaCakes118.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
118efcc13349720fda57911483211b02_JaffaCakes118.exe
Resource
win10v2004-20240419-en
General
Target: 118efcc13349720fda57911483211b02_JaffaCakes118
Size: 368KB
MD5: 118efcc13349720fda57911483211b02
SHA1: 8d305040a3453a6ea2fefa81214840123ca623ec
SHA256: 14445511f62011b381b70c70d3d816a6316368b560a5bd605e0fadb8d1d67918
SHA512: 010341ea9f1564d864a6eee00170851933edefaa50413fda65cc482953850fa606dce478f235638ba13637f7b9332d457a3b5acad8f2f88168af9e97d16e6dc9
SSDEEP: 6144:rpzihDNamsZbXSAcIs0o7TCV0sq2F9XDFOiwtXK/JOMp:dih0J8is0Q+V0eF9TFBYcp
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource 118efcc13349720fda57911483211b02_JaffaCakes118
Files
118efcc13349720fda57911483211b02_JaffaCakes118.exe windows:5 windows x86 arch:x86
2fca71c2183a2067843dc0acde1fd86d
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
kernel32
GetModuleFileNameW
lstrlenW
GetLastError
GetProcAddress
QueueUserAPC
VirtualAllocEx
LockResource
SizeofResource
lstrcatW
lstrcpyA
WriteConsoleW
SetStdHandle
CloseHandle
SetFilePointerEx
VirtualFree
CopyFileW
LoadResource
lstrlenA
GetModuleHandleA
FindResourceA
GetConsoleMode
GetConsoleCP
HeapAlloc
GetCommandLineA
IsDebuggerPresent
IsProcessorFeaturePresent
EncodePointer
DecodePointer
InterlockedDecrement
ExitProcess
GetModuleHandleExW
MultiByteToWideChar
GetStdHandle
WriteFile
GetProcessHeap
EnterCriticalSection
LeaveCriticalSection
SetLastError
InterlockedIncrement
GetCurrentThreadId
GetFileType
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
GetStartupInfoW
GetModuleFileNameA
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetEnvironmentStringsW
FreeEnvironmentStringsW
WideCharToMultiByte
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleW
HeapFree
Sleep
LoadLibraryExW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
OutputDebugStringW
LoadLibraryW
RtlUnwind
HeapSize
HeapReAlloc
LCMapStringW
GetStringTypeW
FlushFileBuffers
CreateFileW
user32
CreateWindowExA
InSendMessage
SendMessageA
gdi32
CreatePatternBrush
advapi32
RegCloseKey
RegCreateKeyExA
RegSetValueExW
shell32
SHGetSpecialFolderPathW
Sections
.text Size: 34KB - Virtual size: 34KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 19KB - Virtual size: 18KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 3KB - Virtual size: 10KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 310KB - Virtual size: 309KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ