General

Malware Config

Signatures

Files

• 01918229fcc186a1f44341d644f2c307_JaffaCakes118

  .exe windows:5 windows x86 arch:x86

  c06450480ddd58a6fecea32c379062bd

  
  

  Headers

  File Characteristics

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_32BIT_MACHINE

  Imports

  rasapi32

  RasSetEapUserDataA

  gdi32

  EndPath

  Polygon

  advapi32

  AddUsersToEncryptedFile

  winscard

  SCardListCardsA

  user32

  RemovePropA

  IsClipboardFormatAvailable

  GetInputState

  IntersectRect

  GetAsyncKeyState

  GetThreadDesktop

  msvcrt

  memset

  oleaut32

  VarCyFromUI4

  VARIANT_UserSize

  VarCyFromR8

  setupapi

  SetupQueryInfVersionInformationW

  mprapi

  MprConfigInterfaceGetHandle

  clusapi

  ClusterResourceCloseEnum

  pdh

  PdhGetFormattedCounterValue

  kernel32

  GetConsoleCP

  GetVersion

  GetConsoleOutputCP

  GlobalMemoryStatusEx

  FreeConsole

  GetCurrentActCtx

  UnhandledExceptionFilter

  EnumSystemLocalesW

  HeapCreate

  GetThreadId

  Sections

  .text

  Size: 92KB - Virtual size: 91KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .data

  Size: 4KB - Virtual size: 3KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .idata

  Size: 4KB - Virtual size: 1KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  CODE

  Size: 32KB - Virtual size: 28KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 4KB - Virtual size: 3KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .reloc

  Size: 4KB - Virtual size: 3KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_DISCARDABLE

  IMAGE_SCN_MEM_READ