General

Malware Config

Signatures

Files

• 656750f875112414a75fb4bf32a3353a_JaffaCakes118

  .exe windows:5 windows x86 arch:x86

  39e8edd8799655e32af9a32a250bb226

  
  

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

  IMAGE_DLLCHARACTERISTICS_NX_COMPAT

  IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

  File Characteristics

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_32BIT_MACHINE

  Imports

  ole32

  OleDuplicateData

  user32

  GetSysColor

  GetShellWindow

  GetClipboardOwner

  WindowFromPhysicalPoint

  MenuItemFromPoint

  GetKeyboardType

  GetProcessWindowStation

  SetMenuInfo

  powrprof

  GetPwrDiskSpindownRange

  kernel32

  SetThreadLocale

  GetCommandLineA

  GetProcessIdOfThread

  GlobalMemoryStatus

  GetStdHandle

  IsValidLocale

  GetQueuedCompletionStatusEx

  PostQueuedCompletionStatus

  Sections

  .text

  Size: 10KB - Virtual size: 9KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: 13KB - Virtual size: 12KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: 107KB - Virtual size: 111KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  CODE

  Size: 84KB - Virtual size: 83KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .CRT

  Size: 39KB - Virtual size: 39KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .rsrc

  Size: 15KB - Virtual size: 15KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  CONST

  Size: 5KB - Virtual size: 4KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_DISCARDABLE

  IMAGE_SCN_MEM_READ