General

Malware Config

Signatures

Files

• b0589f223333abed87ffc746672a6595_JaffaCakes118

  .exe windows:4 windows x86 arch:x86

  6c3a2ba20248155bbbc368e1f038c10e

  
  

  Headers

  File Characteristics

  IMAGE_FILE_RELOCS_STRIPPED

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_LINE_NUMS_STRIPPED

  IMAGE_FILE_LOCAL_SYMS_STRIPPED

  IMAGE_FILE_32BIT_MACHINE

  Imports

  dbnmpntw

  ConnectionVer

  ConnectionClose

  ConnectionError

  kernel32

  MoveFileW

  InterlockedDecrement

  GetDiskFreeSpaceW

  OpenMutexA

  IsBadStringPtrW

  GetProcAddress

  GetCommandLineA

  SetThreadContext

  CreateHardLinkW

  SetComputerNameW

  lstrcat

  GetConsoleTitleA

  ReadConsoleW

  lstrcmpiA

  GetConsoleAliasW

  CopyFileA

  GetAtomNameA

  FindFirstFileA

  GetCommandLineW

  GetProfileIntW

  FormatMessageA

  WaitForSingleObject

  OpenFileMappingW

  GetGeoInfoW

  CreateThread

  AddAtomA

  LoadLibraryA

  GetStartupInfoA

  user32

  GetClassNameA

  InsertMenuA

  RegisterClassExA

  PostMessageA

  LoadAcceleratorsA

  FindWindowExW

  LoadCursorA

  IsCharUpperA

  MessageBoxA

  EndPaint

  OemToCharA

  clusapi

  CloseClusterGroup

  ClusterEnum

  ClusterControl

  cmpbk32

  PhoneBookCopyFilter

  PhoneBookFreeFilter

  Sections

  .text

  Size: 4KB - Virtual size: 3KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: 4KB - Virtual size: 3KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: 3KB - Virtual size: 3KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 281KB - Virtual size: 280KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ