General

Malware Config

Signatures

Files

• 5aa733e108f0fa41df88cea0a309affe_JaffaCakes118

  .dll windows:6 windows x86 arch:x86

  b5c6badd398e2e3aa283a40a40432c6c

  
  

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

  IMAGE_DLLCHARACTERISTICS_NX_COMPAT

  File Characteristics

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_32BIT_MACHINE

  IMAGE_FILE_DLL

  PDB Paths

  c:\wheel\receive\Many-rise\score.pdb

  Imports

  kernel32

  LockResource

  FreeLibrary

  GetProcAddress

  VirtualProtect

  OpenProcess

  GetCurrentThreadId

  Sleep

  GetSystemTime

  CreateSemaphoreW

  LoadLibraryW

  GetModuleFileNameW

  GetModuleHandleW

  GetTempPathW

  CreateFileW

  GetVolumeInformationW

  QueryPerformanceCounter

  GetVersionExW

  GetDateFormatW

  OutputDebugStringW

  CloseHandle

  ReadConsoleW

  ReadFile

  GetConsoleMode

  GetConsoleCP

  WriteFile

  FlushFileBuffers

  HeapSize

  SetStdHandle

  SetFilePointerEx

  GetFileSizeEx

  GetProcessHeap

  SetEnvironmentVariableW

  FreeEnvironmentStringsW

  GetEnvironmentStringsW

  GetCommandLineW

  GetCommandLineA

  GetOEMCP

  GetACP

  IsValidCodePage

  FindNextFileW

  FindFirstFileExW

  FindClose

  SetConsoleCtrlHandler

  GetFileType

  GetStdHandle

  HeapReAlloc

  HeapFree

  EnumSystemLocalesW

  GetUserDefaultLCID

  IsValidLocale

  EncodePointer

  DecodePointer

  EnterCriticalSection

  LeaveCriticalSection

  DeleteCriticalSection

  WideCharToMultiByte

  SetLastError

  InitializeCriticalSectionAndSpinCount

  CreateEventW

  SwitchToThread

  TlsAlloc

  TlsGetValue

  TlsSetValue

  TlsFree

  GetSystemTimeAsFileTime

  GetTickCount

  MultiByteToWideChar

  GetStringTypeW

  CompareStringW

  LCMapStringW

  GetLocaleInfoW

  GetCPInfo

  IsProcessorFeaturePresent

  IsDebuggerPresent

  UnhandledExceptionFilter

  SetUnhandledExceptionFilter

  GetStartupInfoW

  GetCurrentProcess

  TerminateProcess

  GetCurrentProcessId

  InitializeSListHead

  RaiseException

  RtlUnwind

  InterlockedPushEntrySList

  InterlockedFlushSList

  GetLastError

  LoadLibraryExW

  QueryPerformanceFrequency

  ExitProcess

  GetModuleHandleExW

  GetCurrentThread

  HeapAlloc

  GetTimeZoneInformation

  GetTimeFormatW

  WriteConsoleW

  user32

  CreateMenu

  DeferWindowPos

  BeginDeferWindowPos

  UnregisterHotKey

  TranslateMessage

  RegisterWindowMessageW

  GetPropW

  msacm32

  acmDriverClose

  acmFormatChooseW

  acmFilterDetailsW

  acmFilterEnumW

  acmDriverEnum

  acmDriverPriority

  acmFormatEnumW

  acmFilterTagEnumW

  acmFormatTagDetailsW

  acmDriverMessage

  acmFormatSuggest

  acmFilterTagDetailsW

  acmFormatTagEnumW

  acmFilterChooseW

  acmDriverOpen

  acmDriverDetailsW

  acmFormatDetailsW

  acmMetrics

  acmDriverAddW

  acmDriverRemove

  acmDriverID

  acmGetVersion

  Exports

  Exports

  BeGrass

  Fieldeight

  Often

  Townenter

  Sections

  .text

  Size: 488KB - Virtual size: 487KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: 185KB - Virtual size: 185KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: 6KB - Virtual size: 620KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .reloc

  Size: 21KB - Virtual size: 20KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_DISCARDABLE

  IMAGE_SCN_MEM_READ