General

Malware Config

Signatures

Files

• 6a03ce9c474543fa16857b755e5e9f49_JaffaCakes118

  .exe windows:5 windows x86 arch:x86

  c4f5c7aa8bb74aaf65b3937bedd5b557

  
  

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_NX_COMPAT

  IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

  File Characteristics

  IMAGE_FILE_RELOCS_STRIPPED

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_32BIT_MACHINE

  PDB Paths

  C:\gifopilahalo48\sihuyelu75.pdb

  Imports

  kernel32

  PeekNamedPipe

  CreateMailslotW

  lstrcmpW

  lstrlenA

  OpenSemaphoreA

  LoadLibraryA

  LoadLibraryW

  GetModuleFileNameW

  GetFirmwareEnvironmentVariableW

  FindResourceExW

  EndUpdateResourceA

  WritePrivateProfileSectionW

  GetPrivateProfileSectionNamesA

  GetCurrentDirectoryW

  CreateDirectoryExA

  DefineDosDeviceW

  GetFileAttributesExW

  GetSystemTimes

  CopyFileA

  IsBadStringPtrA

  GetDefaultCommConfigA

  QueryPerformanceFrequency

  OpenJobObjectW

  QueryInformationJobObject

  ReleaseActCtx

  IsDBCSLeadByteEx

  GetCalendarInfoW

  SetCalendarInfoA

  EnumDateFormatsA

  GetUserDefaultLangID

  ReadConsoleInputA

  AllocConsole

  WriteConsoleW

  GetFileTime

  RequestDeviceWakeup

  GetFileSizeEx

  LockFile

  GlobalDeleteAtom

  FreeEnvironmentStringsW

  GetEnvironmentStringsW

  TerminateProcess

  HeapWalk

  HeapAlloc

  VirtualAllocEx

  VirtualProtect

  LocalAlloc

  GlobalUnlock

  DeleteFileW

  GetVersion

  QueryPerformanceCounter

  GetCurrentProcessId

  GetCurrentThreadId

  GetSystemTimeAsFileTime

  InitializeSListHead

  IsDebuggerPresent

  UnhandledExceptionFilter

  SetUnhandledExceptionFilter

  GetStartupInfoW

  IsProcessorFeaturePresent

  GetModuleHandleW

  GetCurrentProcess

  RtlUnwind

  GetLastError

  SetLastError

  EnterCriticalSection

  LeaveCriticalSection

  DeleteCriticalSection

  InitializeCriticalSectionAndSpinCount

  TlsAlloc

  TlsGetValue

  TlsSetValue

  TlsFree

  FreeLibrary

  GetProcAddress

  LoadLibraryExW

  GetStdHandle

  WriteFile

  GetModuleFileNameA

  MultiByteToWideChar

  WideCharToMultiByte

  ExitProcess

  GetModuleHandleExW

  GetACP

  HeapFree

  GetFileType

  GetStringTypeW

  DecodePointer

  CloseHandle

  FindClose

  FindFirstFileExA

  FindNextFileA

  IsValidCodePage

  GetOEMCP

  GetCPInfo

  GetCommandLineA

  GetCommandLineW

  LCMapStringW

  SetStdHandle

  GetProcessHeap

  RaiseException

  HeapSize

  HeapReAlloc

  GetConsoleCP

  GetConsoleMode

  SetFilePointerEx

  FlushFileBuffers

  CreateFileW

  user32

  GetKeyNameTextA

  GetMonitorInfoW

  advapi32

  RegSaveKeyA

  RegQueryValueExW

  RegQueryValueExA

  RegQueryValueA

  RegOpenKeyExA

  RegCreateKeyA

  RegCloseKey

  GetFileSecurityW

  SetSecurityDescriptorControl

  AddAccessDeniedAce

  DeleteAce

  AreAnyAccessesGranted

  ObjectPrivilegeAuditAlarmA

  ClearEventLogW

  RegisterServiceCtrlHandlerW

  Sections

  .text

  Size: 85KB - Virtual size: 85KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: 39KB - Virtual size: 39KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: 8KB - Virtual size: 32.2MB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .text

  Size: 488KB - Virtual size: 487KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .tls

  Size: 512B - Virtual size: 9B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .gfids

  Size: 512B - Virtual size: 172B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .rsrc

  Size: 5KB - Virtual size: 5KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .reloc

  Size: 4KB - Virtual size: 4KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_DISCARDABLE

  IMAGE_SCN_MEM_READ