General

Malware Config

Signatures

Files

• 9d1901a75e7c8e3e15074eee83033333_JaffaCakes118

  .exe windows:5 windows x86 arch:x86

  cbe4e98d1a8a97f8b718d29a2fd9a8aa

  
  

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_NX_COMPAT

  IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

  File Characteristics

  IMAGE_FILE_RELOCS_STRIPPED

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_32BIT_MACHINE

  PDB Paths

  c:\Such\Fun\best\Both\Thousand\even\wintermatch.pdb

  Imports

  kernel32

  HeapReAlloc

  LoadLibraryW

  WriteConsoleW

  SetStdHandle

  CreateFileW

  IsValidLocale

  EnumSystemLocalesA

  GetLocaleInfoA

  GetUserDefaultLCID

  CloseHandle

  SetFilePointer

  CompareStringW

  GetTempPathA

  GetCurrentProcessId

  TlsAlloc

  GetCurrentDirectoryA

  GetModuleHandleA

  FindNextFileA

  GetModuleFileNameA

  WaitForMultipleObjects

  LoadLibraryA

  GetTempFileNameA

  GetProcAddress

  FindFirstFileA

  GetShortPathNameA

  MultiByteToWideChar

  GetEnvironmentVariableA

  GetFileAttributesA

  Sleep

  TlsSetValue

  GetWindowsDirectoryA

  WaitForSingleObject

  ExitProcess

  WideCharToMultiByte

  InterlockedIncrement

  InterlockedDecrement

  InterlockedExchange

  EncodePointer

  DecodePointer

  InitializeCriticalSection

  DeleteCriticalSection

  EnterCriticalSection

  LeaveCriticalSection

  GetLastError

  HeapFree

  GetTimeFormatA

  GetDateFormatA

  GetSystemTimeAsFileTime

  GetCommandLineA

  HeapSetInformation

  GetStartupInfoW

  GetCPInfo

  RaiseException

  RtlUnwind

  HeapAlloc

  LCMapStringW

  TerminateProcess

  GetCurrentProcess

  UnhandledExceptionFilter

  SetUnhandledExceptionFilter

  IsDebuggerPresent

  IsProcessorFeaturePresent

  HeapCreate

  TlsGetValue

  TlsFree

  GetModuleHandleW

  SetLastError

  GetCurrentThreadId

  GetACP

  GetOEMCP

  IsValidCodePage

  GetTimeZoneInformation

  WriteFile

  GetStdHandle

  GetModuleFileNameW

  FreeEnvironmentStringsW

  GetEnvironmentStringsW

  SetHandleCount

  InitializeCriticalSectionAndSpinCount

  GetFileType

  QueryPerformanceCounter

  GetTickCount

  GetStringTypeW

  GetLocaleInfoW

  HeapSize

  GetConsoleCP

  GetConsoleMode

  FlushFileBuffers

  ReadFile

  SetEnvironmentVariableA

  user32

  CallNextHookEx

  EnumWindows

  GetWindowLongA

  CreateWindowExA

  ReleaseDC

  DefWindowProcA

  GetClassInfoExA

  gdi32

  RestoreDC

  ExtTextOutA

  StartDocA

  Rectangle

  CreateFontIndirectA

  StartPage

  comctl32

  ImageList_Remove

  ImageList_GetImageCount

  ImageList_SetBkColor

  ImageList_SetIconSize

  ImageList_Destroy

  shlwapi

  StrRetToBufA

  StrCmpNA

  StrStrA

  UrlIsA

  PathCreateFromUrlA

  advapi32

  RegCloseKey

  RegEnumKeyA

  RegOpenKeyA

  FreeSid

  OpenSCManagerA

  AllocateAndInitializeSid

  QueryServiceStatus

  RegOpenKeyExA

  RegCreateKeyExA

  LookupPrivilegeValueA

  InitializeSecurityDescriptor

  RegDeleteKeyA

  RegQueryValueExA

  RegisterServiceCtrlHandlerA

  RegSetValueExA

  GetTokenInformation

  SetEntriesInAclA

  OpenThreadToken

  DeleteService

  StartServiceCtrlDispatcherA

  OpenProcessToken

  OpenServiceA

  Sections

  .text

  Size: 153KB - Virtual size: 153KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: 55KB - Virtual size: 55KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: 6KB - Virtual size: 76KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 134KB - Virtual size: 133KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ