General

Malware Config

Signatures

Files

• fd173f356927fe48bf833aaafc83feaf_JaffaCakes118

  .exe windows:5 windows x86 arch:x86

  43108c3546e8cf068ca55c90a03f2cab

  
  

  Headers

  File Characteristics

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_32BIT_MACHINE

  PDB Paths

  L:\pUdj\wdPape\rczgdrbl.pdb

  Imports

  shlwapi

  PathGetArgsA

  user32

  SetForegroundWindow

  FrameRect

  InSendMessageEx

  ClipCursor

  CheckRadioButton

  wsprintfA

  GetCaretPos

  GetSystemMenu

  GetWindowRect

  GetWindowDC

  CharPrevA

  GetForegroundWindow

  kernel32

  LCMapStringW

  CreateDirectoryA

  GlobalUnlock

  SetCurrentDirectoryW

  lstrlenW

  lstrcmpiA

  WaitForDebugEvent

  FindNextFileA

  InterlockedExchange

  CreateNamedPipeA

  LocalReAlloc

  LCMapStringA

  GetDateFormatA

  FindResourceExA

  gdi32

  SetViewportOrgEx

  MoveToEx

  AddFontResourceW

  RealizePalette

  CreateFontA

  RectVisible

  PatBlt

  GetTextFaceW

  Rectangle

  Exports

  Exports

  ?vcbgqtgq@@YGXH@Z

  ?WVgNzkgmwusysq@@YGNEE@Z

  ?uplfpnltycxxrszfzhjkF@@YGPAEPAEH@Z

  ?vtmqZhhOXtn@@YGHHPAJ@Z

  ?ofbjfZiJycMV@@YG_NF@Z

  ?pzauUljGha@@YGPAXPAN@Z

  Sections

  .text

  Size: 11KB - Virtual size: 11KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .itext

  Size: 1KB - Virtual size: 1KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .rdata

  Size: 3KB - Virtual size: 3KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .data

  Size: 3KB - Virtual size: 195KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 34KB - Virtual size: 34KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .reloc

  Size: 2KB - Virtual size: 1KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_DISCARDABLE

  IMAGE_SCN_MEM_READ