General

Malware Config

Signatures

Files

• 9e41e8aea7a37f6549b4a88419c9c6eb_JaffaCakes118

  .exe windows:4 windows x86 arch:x86

  64753f39243d7bf70e36508cdf4799e3

  
  

  Headers

  File Characteristics

  IMAGE_FILE_RELOCS_STRIPPED

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_LINE_NUMS_STRIPPED

  IMAGE_FILE_LOCAL_SYMS_STRIPPED

  IMAGE_FILE_32BIT_MACHINE

  Imports

  kernel32

  FindClose

  MapViewOfFileEx

  GetCurrentThreadId

  CompareStringW

  CreateFileMappingA

  OpenMutexA

  GetCurrentThread

  GetCurrentProcessId

  GetCommandLineA

  CopyFileA

  GetFileType

  GetFileAttributesW

  DuplicateHandle

  CloseHandle

  CopyFileW

  SetThreadLocale

  OpenEventA

  GetFileSize

  LoadLibraryA

  DeleteFileW

  GetFileAttributesA

  FreeConsole

  DeleteFileA

  GetACP

  CompareStringA

  WaitForSingleObject

  GetModuleHandleA

  OpenSemaphoreA

  OpenSemaphoreW

  GetStartupInfoA

  user32

  CreatePopupMenu

  CreateMenu

  DeleteMenu

  FindWindowExW

  GetClipboardData

  GetWindowTextLengthA

  GetWindowTextW

  IsWindow

  GetWindowTextA

  GetMenu

  CreateWindowExA

  CreateWindowExW

  GetClientRect

  FindWindowW

  FindWindowExA

  gdi32

  CreateSolidBrush

  msvcrt

  ??2@YAPAXI@Z

  _controlfp

  _except_handler3

  __set_app_type

  __p__fmode

  __p__commode

  _adjust_fdiv

  __setusermatherr

  _initterm

  __getmainargs

  _acmdln

  exit

  _XcptFilter

  strcmp

  memcpy

  printf

  strtoul

  _exit

  ??3@YAXPAX@Z

  Sections

  .text

  Size: 8KB - Virtual size: 4KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: 4KB - Virtual size: 1KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: 4KB - Virtual size: 1KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 236KB - Virtual size: 234KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ