General

Malware Config

Signatures

Files

• f6626e65f1eb82888caee56c3f658b89_JaffaCakes118

  .exe windows:5 windows x86 arch:x86

  a262877a36fc7e0f830054e0f70f76cb

  
  

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

  IMAGE_DLLCHARACTERISTICS_NX_COMPAT

  IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

  File Characteristics

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_32BIT_MACHINE

  Imports

  kernel32

  GetACP

  GetCPInfo

  GetCurrentProcess

  TerminateProcess

  IsDebuggerPresent

  UnhandledExceptionFilter

  GetOEMCP

  HeapFree

  Sleep

  LoadLibraryW

  RtlUnwind

  HeapSize

  LCMapStringW

  MultiByteToWideChar

  GetStringTypeW

  HeapAlloc

  EnterCriticalSection

  LeaveCriticalSection

  GetSystemTimeAsFileTime

  GetCurrentProcessId

  GetTickCount

  IsValidCodePage

  VirtualProtect

  QueryPerformanceCounter

  HeapCreate

  InterlockedDecrement

  GetLastError

  GetCurrentThreadId

  SetLastError

  InterlockedIncrement

  TlsFree

  TlsSetValue

  GetCommandLineA

  HeapSetInformation

  GetStartupInfoW

  IsProcessorFeaturePresent

  SetUnhandledExceptionFilter

  GetProcAddress

  GetModuleHandleW

  ExitProcess

  DecodePointer

  WriteFile

  GetStdHandle

  GetModuleFileNameW

  GetModuleFileNameA

  FreeEnvironmentStringsW

  WideCharToMultiByte

  GetEnvironmentStringsW

  SetHandleCount

  InitializeCriticalSectionAndSpinCount

  GetFileType

  DeleteCriticalSection

  EncodePointer

  TlsAlloc

  TlsGetValue

  HeapReAlloc

  mpr

  WNetCancelConnectionA

  WNetCancelConnectionW

  WNetGetUniversalNameW

  WNetGetProviderNameW

  WNetGetProviderNameA

  WNetGetNetworkInformationA

  WNetGetResourceParentA

  ole32

  CreateDataCache

  CreateILockBytesOnHGlobal

  StringFromIID

  HBITMAP_UserFree

  OleInitializeWOW

  OleQueryLinkFromData

  avifil32

  AVIFileOpen

  AVIFileCreateStreamA

  AVISaveW

  AVIStreamGetFrameOpen

  AVIFileWriteData

  avicap32

  capGetDriverDescriptionW

  msvfw32

  ICClose

  ICInfo

  setupapi

  SetupDiGetHwProfileListExA

  SetupGetInfInformationA

  SetupDiDrawMiniIcon

  loadperf

  LoadPerfCounterTextStringsA

  UnloadPerfCounterTextStringsW

  UnloadPerfCounterTextStringsA

  gdi32

  GetFontUnicodeRanges

  GetDeviceCaps

  GetEnhMetaFileDescriptionW

  shlwapi

  ord29

  PathGetArgsW

  ord432

  ord158

  rpcrt4

  RpcNsBindingInqEntryNameW

  I_RpcMapWin32Status

  winmm

  waveOutSetVolume

  mmioWrite

  Sections

  .text

  Size: 19KB - Virtual size: 19KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: 9KB - Virtual size: 9KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: 3KB - Virtual size: 6KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 714KB - Virtual size: 714KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .reloc

  Size: 4KB - Virtual size: 3KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_DISCARDABLE

  IMAGE_SCN_MEM_READ

  .l2

  Size: 714KB - Virtual size: 714KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .l2

  Size: 714KB - Virtual size: 714KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .l2

  Size: 714KB - Virtual size: 714KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ