General

Malware Config

Signatures

Files

• 031503c1a4e4c3994e64901204587d84_JaffaCakes118

  .exe windows:5 windows x86 arch:x86

  9089d0fa1407016aafcf9003c5de65d2

  
  

  Headers

  File Characteristics

  IMAGE_FILE_RELOCS_STRIPPED

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_LINE_NUMS_STRIPPED

  IMAGE_FILE_LOCAL_SYMS_STRIPPED

  IMAGE_FILE_32BIT_MACHINE

  IMAGE_FILE_DEBUG_STRIPPED

  Imports

  kernel32

  GetCurrentThread

  GetPrivateProfileIntW

  ClearCommBreak

  LoadLibraryW

  lstrlenA

  DeviceIoControl

  HeapFree

  GetStringTypeW

  ResumeThread

  GetPrivateProfileSectionA

  CreateEventW

  VirtualProtectEx

  TlsGetValue

  OpenMutexW

  DeleteFileA

  HeapDestroy

  DeviceIoControl

  GetDriveTypeA

  GetFileAttributesA

  GetProcessHeap

  SetLastError

  rasapi32

  DwEnumEntryDetails

  RasDeleteEntryA

  DwRasUninitialize

  DwCloneEntry

  DwRasUninitialize

  RasDialA

  DwEnumEntryDetails

  RasDeleteEntryA

  RasDialA

  RasDialA

  DwCloneEntry

  DwRasUninitialize

  DwEnumEntryDetails

  pdh

  PdhGetLogFileSize

  PdhCloseLog

  PdhAddCounterA

  PdhGetLogFileTypeA

  Sections

  .text

  Size: 1024B - Virtual size: 800B

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .data

  Size: 2KB - Virtual size: 7KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rdata

  Size: 512B - Virtual size: 1.4MB

  IMAGE_SCN_CNT_UNINITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 794KB - Virtual size: 794KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_CNT_UNINITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .orpc

  Size: 512B - Virtual size: 288B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ