General

Malware Config

Signatures

Files

• 821aa0af9b1e448cb190cdb1f525f4b5_JaffaCakes118

  .exe windows:4 windows x86 arch:x86

  69a7fc5816e3c1142a66119c221006c4

  
  

  Headers

  File Characteristics

  IMAGE_FILE_RELOCS_STRIPPED

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_LINE_NUMS_STRIPPED

  IMAGE_FILE_LOCAL_SYMS_STRIPPED

  IMAGE_FILE_BYTES_REVERSED_LO

  IMAGE_FILE_32BIT_MACHINE

  IMAGE_FILE_BYTES_REVERSED_HI

  Imports

  msvcrt

  fputwc

  strcmp

  isxdigit

  free

  strstr

  sin

  strlen

  exp

  tan

  malloc

  advapi32

  RegCreateKeyW

  RegisterEventSourceA

  RegQueryValueExW

  ReportEventW

  DeregisterEventSource

  ElfReportEventW

  RegEnumValueW

  RegQueryValueW

  RegQueryInfoKeyW

  kernel32

  GetProcessHeap

  GetTempPathW

  HeapFree

  InvalidateConsoleDIBits

  PurgeComm

  HeapAlloc

  GetWindowsDirectoryW

  FindNextChangeNotification

  GetUserDefaultLCID

  GetModuleFileNameW

  VirtualAlloc

  GetSystemDirectoryW

  GetDiskFreeSpaceExW

  user32

  PrintWindow

  GetMessageA

  GetAltTabInfo

  GetWindowContextHelpId

  TranslateMessageEx

  NotifyWinEvent

  IMPQueryIMEA

  LoadMenuA

  GetForegroundWindow

  CreateAcceleratorTableW

  ResolveDesktopForWOW

  SendIMEMessageExA

  CharLowerW

  InvertRect

  es

  ServiceMain

  DllCanUnloadNow

  LCEControlServer

  msrd2x40

  DllRegisterServer

  mfc42

  DllUnregisterServer

  ?classCCachedDataPathProperty@CCachedDataPathProperty@@2UCRuntimeClass@@B

  ?classCDataPathProperty@CDataPathProperty@@2UCRuntimeClass@@B

  DllRegisterServer

  loghours

  ReplicationScheduleDialogEx

  DirSyncScheduleDialog

  DialinHoursDialogEx

  DirSyncScheduleDialogEx

  Sections

  .text

  Size: 412KB - Virtual size: 416KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 7KB - Virtual size: 6KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ