General

Malware Config

Signatures

Files

• 65d0dc166775c9b48e3f6b6154b4d501_JaffaCakes118

  .exe windows:5 windows x86 arch:x86

  8f62fe400e7f2f35c8543a0614fffe16

  
  

  Headers

  File Characteristics

  IMAGE_FILE_RELOCS_STRIPPED

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_32BIT_MACHINE

  Imports

  kernel32

  lstrcmpiW

  CreateMutexW

  LoadLibraryW

  GetModuleFileNameW

  CreateProcessW

  GetCommandLineW

  ExpandEnvironmentStringsW

  FindResourceW

  GetCPInfo

  LCMapStringW

  GetStringTypeW

  GetConsoleWindow

  CloseHandle

  FormatMessageW

  SetFilePointerEx

  SetStdHandle

  GetConsoleMode

  GetConsoleCP

  FlushFileBuffers

  HeapSize

  HeapReAlloc

  TransmitCommChar

  FreeEnvironmentStringsW

  VirtualAlloc

  WriteConsoleW

  LocalFree

  HeapAlloc

  OutputDebugStringW

  RtlUnwind

  LoadLibraryExW

  HeapFree

  LeaveCriticalSection

  EnterCriticalSection

  GetOEMCP

  GetACP

  IsValidCodePage

  IsDebuggerPresent

  GetModuleHandleW

  TlsFree

  TlsSetValue

  TlsGetValue

  TlsAlloc

  TerminateProcess

  GetCurrentProcess

  Sleep

  InitializeCriticalSectionAndSpinCount

  SetUnhandledExceptionFilter

  UnhandledExceptionFilter

  GetEnvironmentStringsW

  GetSystemTimeAsFileTime

  RaiseException

  IsProcessorFeaturePresent

  EncodePointer

  GetLastError

  SetLastError

  GetCurrentThreadId

  DecodePointer

  ExitProcess

  GetModuleHandleExW

  GetProcAddress

  MultiByteToWideChar

  WideCharToMultiByte

  GetProcessHeap

  GetStdHandle

  GetFileType

  DeleteCriticalSection

  GetStartupInfoW

  WriteFile

  QueryPerformanceCounter

  GetCurrentProcessId

  CreateFileW

  user32

  GetScrollBarInfo

  GetMonitorInfoW

  TranslateMDISysAccel

  MapDialogRect

  LoadCursorW

  GetClassNameW

  FillRect

  GetWindowRgnBox

  SetMenuInfo

  TrackPopupMenuEx

  AppendMenuW

  EnableWindow

  GetDlgItemInt

  UnregisterHotKey

  GetKeyboardLayout

  advapi32

  RegSetValueExW

  RegEnumValueW

  RegDeleteValueW

  OpenSCManagerW

  oleaut32

  CreateErrorInfo

  GetErrorInfo

  SetErrorInfo

  RegisterTypeLi

  LoadTypeLi

  VarNot

  VarNeg

  VarBoolFromStr

  VarBstrFromBool

  VarBstrFromDate

  VarBstrFromCy

  VarDateFromStr

  VarR8FromStr

  VarI4FromStr

  VariantChangeTypeEx

  VariantCopyInd

  VariantCopy

  VariantClear

  SafeArrayPtrOfIndex

  SafeArrayPutElement

  SafeArrayAccessData

  SafeArrayGetLBound

  SafeArrayGetUBound

  SafeArrayRedim

  SafeArrayCreate

  SysStringLen

  SysFreeString

  SysReAllocStringLen

  SysAllocStringLen

  Sections

  .text

  Size: 69KB - Virtual size: 68KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .data

  Size: 845KB - Virtual size: 7.9MB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .idata

  Size: 3KB - Virtual size: 2KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .xdata

  Size: 1024B - Virtual size: 724B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .c71he

  Size: 108KB - Virtual size: 107KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .irvlt7

  Size: 665KB - Virtual size: 665KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .dnna96

  Size: 85KB - Virtual size: 84KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .rsrc

  Size: 100KB - Virtual size: 100KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ