General

Malware Config

Signatures

Files

• f8d62bc2e174e624fd63ded004a3ca94_JaffaCakes118

  .exe windows:5 windows x86 arch:x86

  6887e4e157df0117e9ddb7e7f8c4d5c5

  
  

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

  IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

  File Characteristics

  IMAGE_FILE_RELOCS_STRIPPED

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_LINE_NUMS_STRIPPED

  IMAGE_FILE_LOCAL_SYMS_STRIPPED

  IMAGE_FILE_32BIT_MACHINE

  Imports

  odbctrac

  TraceSQLFetch

  TraceSQLCancel

  TraceSQLError

  TraceSQLConnect

  authz

  AuthzAddSidsToContext

  AuthzFreeAuditEvent

  AuthzFreeContext

  AuthzFreeResourceManager

  shlwapi

  UrlCanonicalizeA

  PathCompactPathW

  PathCommonPrefixW

  UrlHashW

  UrlUnescapeW

  UrlCompareW

  UrlIsA

  PathIsRootA

  UrlCreateFromPathA

  UrlGetLocationW

  UrlEscapeA

  kernel32

  LeaveCriticalSection

  LoadLibraryExA

  SearchPathW

  OpenFileMappingW

  lstrcatW

  GetDateFormatA

  GetCommandLineW

  LoadLibraryA

  GetShortPathNameA

  GetCurrentProcess

  WaitForSingleObjectEx

  lstrcat

  MoveFileW

  CreateMailslotA

  GetProcAddress

  GetSystemDirectoryW

  user32

  LoadMenuW

  GetDlgItemTextA

  GetPropA

  DrawStateA

  LoadBitmapA

  LoadIconA

  CharToOemA

  GetWindow

  InsertMenuA

  LoadCursorA

  wsprintfW

  DialogBoxParamA

  IsCharLowerA

  CreateWindowExA

  PeekMessageA

  cmpbk32

  PhoneBookLoad

  PhoneBookFreeFilter

  Sections

  .text

  Size: 130KB - Virtual size: 130KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: 7KB - Virtual size: 6KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: 2KB - Virtual size: 2KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 10.0MB - Virtual size: 1KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ