General

Malware Config

Signatures

Files

• b6d7de5ac47c20455438240fe1d2dda0_JaffaCakes118

  .exe windows:4 windows x86 arch:x86

  1af3cda99c3d83d0c20d241289e52f94

  
  

  Headers

  File Characteristics

  IMAGE_FILE_RELOCS_STRIPPED

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_LINE_NUMS_STRIPPED

  IMAGE_FILE_LOCAL_SYMS_STRIPPED

  IMAGE_FILE_32BIT_MACHINE

  Imports

  user32

  GetSystemMetrics

  UpdateWindow

  ShowWindow

  GetMessageA

  DispatchMessageA

  MessageBoxW

  PostQuitMessage

  CreateWindowExA

  SetFocus

  PostMessageA

  SendMessageA

  DefWindowProcA

  LoadCursorA

  LoadIconA

  RegisterClassA

  DestroyWindow

  kernel32

  HeapDestroy

  GetFileType

  GetStdHandle

  SetHandleCount

  GetOEMCP

  GetACP

  GetCPInfo

  WideCharToMultiByte

  GetEnvironmentStringsW

  HeapCreate

  FreeEnvironmentStringsW

  GetStartupInfoA

  CreateFileMappingA

  CreateFileA

  ExitProcess

  GetTickCount

  GetLastError

  GetModuleHandleA

  VirtualFree

  RtlUnwind

  WriteFile

  GetEnvironmentStrings

  LoadLibraryA

  GetProcAddress

  VirtualAlloc

  FreeEnvironmentStringsA

  HeapAlloc

  GetModuleFileNameA

  UnhandledExceptionFilter

  GetCurrentProcess

  GetCommandLineA

  GetVersion

  TerminateProcess

  HeapFree

  advapi32

  RegOpenKeyExA

  RegQueryValueExW

  RegOpenKeyExW

  RegCloseKey

  ole32

  CoInitialize

  CoCreateInstanceEx

  CoUninitialize

  oleaut32

  SysAllocString

  SysFreeString

  Sections

  .text

  Size: 329KB - Virtual size: 329KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: 71KB - Virtual size: 71KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: 39KB - Virtual size: 41KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 110KB - Virtual size: 110KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ