General

Malware Config

Signatures

Files

• a183d51fcce53092b3f1a89f180bdd01_JaffaCakes118

  .exe windows:5 windows x86 arch:x86

  a2fdea4c0cd5fe7bf983952b8e778a20

  
  

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_NX_COMPAT

  IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

  File Characteristics

  IMAGE_FILE_RELOCS_STRIPPED

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_LINE_NUMS_STRIPPED

  IMAGE_FILE_LOCAL_SYMS_STRIPPED

  IMAGE_FILE_32BIT_MACHINE

  Imports

  cmutil

  CmMalloc

  CmAtolA

  CmFree

  CmMoveMemory

  crypt32

  CertOpenSystemStoreA

  CryptHashMessage

  CryptDecodeMessage

  CryptEncryptMessage

  CryptDecryptMessage

  CryptEnumOIDInfo

  CryptMemRealloc

  CertDeleteCTLFromStore

  CertFindAttribute

  CryptMsgDuplicate

  advapi32

  OpenEventLogW

  CryptSignHashA

  RegCreateKeyExA

  ClearEventLogW

  RegLoadKeyW

  RegRestoreKeyA

  ReadEventLogA

  RegUnLoadKeyA

  RegOpenKeyW

  RegReplaceKeyA

  RegEnumKeyA

  RegSaveKeyA

  RegDeleteValueA

  IsTextUnicode

  mprapi

  MprInfoBlockAdd

  MprAdminDeviceEnum

  kernel32

  RemoveDirectoryA

  AddAtomW

  GetProcAddress

  LoadLibraryExA

  OpenSemaphoreA

  FindFirstFileA

  CreateMutexW

  GetBinaryTypeA

  GetVersionExA

  GetCurrentDirectoryA

  GetTempFileNameW

  SleepEx

  FormatMessageA

  lstrcatW

  CreateSemaphoreA

  IsBadReadPtr

  LoadLibraryA

  ResetEvent

  HeapFree

  GetConsoleAliasW

  WaitForSingleObjectEx

  Sections

  .text

  Size: 317KB - Virtual size: 317KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .data1

  Size: - Virtual size: 256B

  IMAGE_SCN_MEM_WRITE

  .data

  Size: 5KB - Virtual size: 5KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 5KB - Virtual size: 4KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ