General

Malware Config

Signatures

Files

• fc9f0d47c5ea4e9b5c56123cd0f5cd48_JaffaCakes118

  .exe windows:5 windows x86 arch:x86

  ccf61f53a229009870b88aa02a88e771

  
  

  Headers

  File Characteristics

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_32BIT_MACHINE

  Imports

  kernel32

  GetStringTypeW

  GetLocaleInfoA

  GetModuleHandleA

  GetCommandLineW

  CreateFileMappingW

  GetLastError

  WideCharToMultiByte

  GetModuleFileNameW

  RaiseException

  GetStartupInfoW

  GetCPInfo

  CloseHandle

  IsDebuggerPresent

  GetACP

  WriteFile

  GetModuleFileNameA

  SetLastError

  TlsFree

  WriteConsoleA

  GetCurrentThreadId

  WriteConsoleW

  ReleaseMutex

  LCMapStringW

  VirtualQuery

  InitializeCriticalSectionAndSpinCount

  Sleep

  HeapFree

  GetProcAddress

  WaitForSingleObject

  MapViewOfFile

  SetUnhandledExceptionFilter

  LCMapStringA

  GetStdHandle

  UnmapViewOfFile

  GetTickCount

  GetFileType

  RtlUnwind

  GetOEMCP

  GetCurrentProcess

  InterlockedIncrement

  FreeEnvironmentStringsW

  GetPrivateProfileStringW

  VirtualAlloc

  GetConsoleOutputCP

  HeapReAlloc

  TlsAlloc

  GetConsoleCP

  TlsSetValue

  GetSystemTimeAsFileTime

  EnterCriticalSection

  QueryPerformanceCounter

  LeaveCriticalSection

  UnhandledExceptionFilter

  GetModuleHandleW

  HeapAlloc

  VirtualFree

  SetConsoleTitleA

  GetEnvironmentStringsW

  CreateMutexW

  DeleteCriticalSection

  HeapSize

  SetHandleCount

  GetCurrentProcessId

  SetStdHandle

  GetStartupInfoA

  InterlockedDecrement

  MultiByteToWideChar

  SetFilePointer

  ExitProcess

  CreateFileA

  OpenMutexW

  GetConsoleMode

  IsValidCodePage

  GetStringTypeA

  HeapCreate

  LoadLibraryA

  FlushFileBuffers

  TerminateProcess

  TlsGetValue

  user32

  GetWindowLongW

  PostQuitMessage

  ShowWindowAsync

  IsWindow

  PostMessageW

  CreateWindowExW

  SetLayeredWindowAttributes

  TranslateMessage

  FindWindowW

  RegisterShellHookWindow

  DefWindowProcW

  SetPropW

  DestroyWindow

  UnregisterClassW

  DispatchMessageW

  SetWindowLongW

  KillTimer

  SetWindowPos

  SetForegroundWindow

  LoadIconW

  LoadCursorW

  SetTimer

  RegisterClassW

  IsWindowVisible

  RegisterWindowMessageW

  GetMessageW

  GetDesktopWindow

  GetPropW

  ShowWindow

  MoveWindow

  SendNotifyMessageW

  SetWindowTextW

  ClientToScreen

  SendMessageW

  RegisterClassExW

  gdi32

  CreateCompatibleDC

  CreateDIBSection

  SetStretchBltMode

  DeleteDC

  DeleteObject

  SelectObject

  StretchBlt

  advapi32

  RegQueryValueExW

  RegCloseKey

  RegOpenKeyExW

  shell32

  ShellExecuteW

  ole32

  CoInitialize

  PropVariantClear

  CoUninitialize

  CoCreateInstance

  shlwapi

  SHStrDupW

  StrTrimW

  dnsapi

  DnsValidateName_W

  DnsReplaceRecordSetA

  Exports

  Exports

  _nax

  Sections

  .text

  Size: 603KB - Virtual size: 602KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .joke

  Size: 512B - Virtual size: 249B

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .234

  Size: - Virtual size: 5.3MB

  IMAGE_SCN_CNT_UNINITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rdata

  Size: 4KB - Virtual size: 3KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: 512B - Virtual size: 828B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .abc

  Size: 173KB - Virtual size: 172KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .tls

  Size: 512B - Virtual size: 57B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 33KB - Virtual size: 33KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .reloc

  Size: 4KB - Virtual size: 4KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_DISCARDABLE

  IMAGE_SCN_MEM_READ