General

Malware Config

Signatures

Files

• 655f0656e49f279b523df95033b25dbf_JaffaCakes118

  .exe windows:6 windows x86 arch:x86

  dbb4a081b1a3f62298b5993fe0d9ebf0

  
  

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

  IMAGE_DLLCHARACTERISTICS_NX_COMPAT

  IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

  File Characteristics

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_32BIT_MACHINE

  PDB Paths

  C:\Users\W7H64\Desktop\VCSamples-master\VC2010Samples\ATL\General\ATLCollections\Client\cflioght simulator.pdb

  Imports

  kernel32

  GetCurrentProcess

  VirtualAllocEx

  CreateFileW

  CreateIoCompletionPort

  CreateJobObjectW

  CreateMutexW

  CreateNamedPipeW

  CreateProcessW

  CreateSemaphoreW

  FindFirstFileExW

  FindNextFileW

  FlushFileBuffers

  FlushViewOfFile

  FormatMessageA

  FreeEnvironmentStringsW

  FreeLibrary

  GetACP

  GetCPInfo

  GetCommandLineA

  GetCommandLineW

  GetComputerNameExW

  GetConsoleCP

  GetConsoleMode

  GetCurrentDirectoryW

  GetCurrentProcessId

  GetCurrentThread

  GetCurrentThreadId

  GetDateFormatW

  GetDriveTypeW

  GetEnvironmentStringsW

  GetExitCodeProcess

  GetFileAttributesW

  GetFileInformationByHandle

  GetFileInformationByHandleEx

  GetFileSizeEx

  GetFileType

  HeapSize

  InitOnceExecuteOnce

  InitializeCriticalSection

  InitializeCriticalSectionAndSpinCount

  InitializeSListHead

  IsDebuggerPresent

  IsProcessorFeaturePresent

  IsValidCodePage

  IsValidLocale

  IsWow64Process

  K32GetPerformanceInfo

  K32GetProcessMemoryInfo

  K32QueryWorkingSetEx

  LCMapStringW

  GetOEMCP

  FindClose

  SetFilePointerEx

  ReadConsoleW

  GetLastError

  WideCharToMultiByte

  EnterCriticalSection

  LeaveCriticalSection

  DeleteCriticalSection

  SetLastError

  SwitchToThread

  TlsAlloc

  TlsGetValue

  TlsSetValue

  TlsFree

  GetSystemTimeAsFileTime

  GetModuleHandleW

  GetProcAddress

  EncodePointer

  DecodePointer

  MultiByteToWideChar

  GetLocaleInfoW

  GetStringTypeW

  UnhandledExceptionFilter

  SetUnhandledExceptionFilter

  TerminateProcess

  RaiseException

  QueryPerformanceCounter

  GetStartupInfoW

  HeapAlloc

  HeapFree

  GetProcessHeap

  VirtualQuery

  RtlUnwind

  GetModuleFileNameW

  LoadLibraryExW

  GetModuleHandleExW

  HeapValidate

  GetSystemInfo

  GetStdHandle

  WriteFile

  ExitProcess

  OutputDebugStringW

  WriteConsoleW

  GetUserDefaultLCID

  EnumSystemLocalesW

  HeapReAlloc

  HeapQueryInformation

  CloseHandle

  ReadFile

  SetStdHandle

  ole32

  CoUninitialize

  CoInitialize

  wininet

  InternetCheckConnectionA

  Sections

  .text

  Size: 286KB - Virtual size: 285KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: 113KB - Virtual size: 112KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: 1.3MB - Virtual size: 1.3MB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 512B - Virtual size: 480B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .reloc

  Size: 14KB - Virtual size: 13KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_DISCARDABLE

  IMAGE_SCN_MEM_READ