General

Malware Config

Signatures

Files

• 1f6ffbf88537755b91d44ef7f2adec54_JaffaCakes118

  .exe windows:4 windows x64 arch:x64

  
  

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA

  IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

  IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

  File Characteristics

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_LARGE_ADDRESS_AWARE

  Exports

  Exports

  ]�Vm8�J�����i���=<�ӯ#�Ch��I�I�*�?���ifP��|����g{�
  e�߅�|Sy�b��e�����й
  5Ǭ$��9����~� �� �����d+�+�h�m�q���K�/��'��P7g����nll1��S;��Ҏ#t��[�����F��{�,�XhL�Q��s�a�����/�������*<���yo�ջ�G�%���\f9msF[�;$������L�cx��4'��0�ܴ�����K>0�\my[t;�f�������w�,Au:���F�\4UN�)� l3|� �UZu�g����|E��[b�o�ÔU_�$ƕ�B��*�����Re��9��?���5��tm�3�y�&K�%��5�@���vi#&��G�Z�� C�V�+�-�ȳ��0S>�BfՠMj�
  �7�xQ�R��+��� �1���TW���o�t�)X��y�> �Mr�o>���2=�divо� ��D3�Ja��%��W�ks�{5'e�ZV����_Q w~���B\�Pm� �-��b�=��/1W}��oW�”��g�{3}�-z폶��8�(D��!�K�i��]��Q�df��ܗ6���sR����D��q>���2`+�<�V4@;��!-��s������Ğ��q!6� /��cc#����Eٗ�(dߎ����~���{�;�~�_�r�@�� �Gf}���2s}B�r��h��=C-�.�vx�U�4!�&Y�`g(?O�v���J �Q:�)1����Gz�C0Nj:n���7�)� �Y�����I(s����tw�~O?9�JȌ��[����k�ޛ��� !�yO�Ӗ���[�޴�~>��R�m�����t����%0�|���lT��q@�S����u�wx*47����<8'8E"��p�()�d�=B�����K��By7�wIAn]9pA2�Pj���1��q;O��@t�]�3s�e��LK�_���<�)Do�b��� �ާmx}����Y݆��w9��@=x5~��5^p� ч�=3UW\��V�!�LN/�=)��K�����X��P1uK�<,ҋ|��O��I[{�MZem����r���{��gԉ�/` Ҿ�l+OI�_x��� �~E��]��r���ӹþ�
  f,b�s
  �H�{�m""P<���$�{�*}��>�"��⋦��P���5y|O�����W�%<Q:C��>;{cY�"D�7�m���!��k�w�e܈����n�S����r���IP �4Q��N��%?ş��(,��^�W[�q�V`o���}l0�����@�g���M[a�Wz�@�x���G�(��'g۔��|� �r��@n^+�:��j��}�45A��0xP�z�}�ɒ���_r—��8tNœ���o#k���E�8�‚������g,@?o��OHH����?������jq�V��E�~�G����S�b� ���/ǩ�v-~bNt!��[3GX��9NL�N��3v��m.�AYW �0�i��<��������Y�|���*��!�����CC9t$!0�8?�� �m*�=q���Mb��������1q-"�
  ��Pldí Pdi?�yG��h5���>�p��2��)�d�������w�^�Ť���Z[�d��SÃ��B�ض����j�s,������߶����r�^�L��i�0m2��V�ձڝ��8=]H�q����%���\ūN�F-K�E��p@�2�R�K�WI_�|g��.o��J:�j7Aݩw�
  �:K�%{�.��5���L=�tgj���`��J�|[˾Wd��M��w��y�m�Ģ��^��|.it��E���GR��چ����fIB6���`?�1V�Ǒ�W������<��,�yi9�>��B���[�#�����CxI���"�"K��th�T)2�-Ԛ�P�}/�4�Z�\�s��R5��"_�U��s�\H��3Q[��
  N=ώ�!��bΠ���B�l�Um��۰�ڀK�}dJ�w��Zا�3���C�eX�{A��!�є�'N���?�?��� |]�a�5��J0F&eIX߱��oZo�»wQyx��8+��o�D ��f�[�u�<�h�)s?�#0e�I���{�% �}V�|X������S�`X�p����}�S��5L�q�67@���������]�E�� zK�˻��9I\�`���455�+�b ���5%o�L��`I�u��q��)B���t�)�O*=��^�Cp]��g��j����n�F���ڔ�R�g
  �Ŭ�]�M�� s��Qr<C>8+�Tԩ{ ��L��6p1wѳ go��Zޱ��"U�g���{G��$|!�ù�0��#�����U��l�G��?��?� �q?��M�DJk���e+��"�ƕ��\�=Qv�"���v>�g�j�!�5d��oA��>�����O8dD���m���īV���0 �r.�Q�b��-0�w��j{l�� ?*���Oqx��(Msl��i�+R���S�0�?=y,��[�'�<¢f�Wʁ��)������s�H����K���4Ʒ�?}H,�tA
  �86���:,��_+��j~Hͳiϼ��x[�P��9��Ӫ�;�x��%� U�#�����c%A���J�������.�dN�_8�(�v����HpC��F�+��D�+ְA���p��*ʃ���}IS�\*��k���hoy2v�x>��e�vG)�>d����t�[�s�����ᣲ%dW,n���w_ʲ�n�+�.R�����,��C���]���k�~D��������]���m?��]K�#7�EѨ������-rt�i����6�6����@OZ^zi�_���uA�� wҢ_������g���w�H�&�KX+�7eԱ_�(�t ����`����h��Dv�g�c�NJ@h�Lб6\k-�<‰&H}*����� �廟����@mX}Nw�IN�M�5���Ф�4�V;)�y�9�O��T.�p䗾PO��oM�G��O���rjѸ+^��32Z:��s�rE�H
  �z��1��Tgɺ�u����F�;�%����E���3��j�S>o]�śp!�bȤ~`@Vi���(��0���r!��mN�n�jG/U9��(�k%��Nן��a͚PM��G�e�IK�dlB�7�T�Ss Y݅C��w���os��ж��fKx+R��ؠ!�@�9us���e��� �����E�=�I1��e8�;��z
  ށ�jȬ��}��U]����?��:6ZB'*�/oS�)����@.�Ƈ� �uG��i��՝o�.�X~х�}��l�0~dB���—y4� ��"��9�
  ��-�UzH�-�8j1`IÜ�f�5$<��Ho�f�ck:��$hH��Ѧ6�%��D�=�����q��9t� W���R-y�3g�߱�\_���j�@�H�K�y"��G�gt'W���7����!���e�C�B��|�����"+j��Ρ:����t$�/m����D�o���`l�趎�GI�W��hܵx(��A���+����d :N�-��%���naޟᅉ+���{�V�&���o� \��$@'�Ծ*���5�����[�ǩ{���x��%)9؊67c�U��`Ζ��7�%�%pb�4{����u�iD����Nc$e���@���W���*"�_6@�Sœ_���/�^�z���5�XWP� x��a��w���m>�q~�_i[SS���S�AAr��lRN�߶�t��j8�y:���W������6���J���m1�V���Cơ;J~%v t�R2

  Sections

  Size: 6.3MB - Virtual size: 6.3MB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  Size: - Virtual size: 272KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  Size: - Virtual size: 8KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 267KB - Virtual size: 272KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  Size: 2.6MB - Virtual size: 31.0MB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  Size: 6.8MB - Virtual size: 6.8MB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE