General

Malware Config

Signatures

Files

• 6f96cdd054b91e7baf9d05427c334f69_JaffaCakes118

  .dll windows:6 windows x86 arch:x86

  d4ea5d9749973381c881ca5fb6d34398

  
  

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

  IMAGE_DLLCHARACTERISTICS_NX_COMPAT

  File Characteristics

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_32BIT_MACHINE

  IMAGE_FILE_DLL

  PDB Paths

  c:\Track\Teeth_Low\climb\790\Chair.pdb

  Imports

  kernel32

  GetCurrentDirectoryA

  CopyFileA

  CreateFileA

  GetSystemDirectoryA

  ResetEvent

  GetWindowsDirectoryA

  GetLocalTime

  VirtualProtectEx

  LocalFree

  FindFirstChangeNotificationA

  GetSystemTimeAsFileTime

  CreateDirectoryA

  DecodePointer

  EncodePointer

  WriteConsoleW

  OutputDebugStringW

  SetEndOfFile

  LocalAlloc

  GetFileSizeEx

  HeapReAlloc

  HeapSize

  GetStringTypeW

  ReadConsoleW

  ReadFile

  GetConsoleMode

  GetConsoleCP

  WriteFile

  FlushFileBuffers

  SetStdHandle

  CreateFileW

  SetConsoleCtrlHandler

  GetProcessHeap

  EnumSystemLocalesW

  GetUserDefaultLCID

  IsValidLocale

  GetLocaleInfoW

  GetEnvironmentVariableA

  VirtualAlloc

  VirtualFree

  SetFilePointerEx

  MoveFileA

  LCMapStringW

  CompareStringW

  GetTimeFormatW

  UnhandledExceptionFilter

  SetUnhandledExceptionFilter

  GetCurrentProcess

  TerminateProcess

  IsProcessorFeaturePresent

  QueryPerformanceCounter

  GetCurrentProcessId

  GetCurrentThreadId

  InitializeSListHead

  IsDebuggerPresent

  GetStartupInfoW

  GetModuleHandleW

  InterlockedPushEntrySList

  InterlockedFlushSList

  RtlUnwind

  GetLastError

  SetLastError

  EnterCriticalSection

  LeaveCriticalSection

  DeleteCriticalSection

  InitializeCriticalSectionAndSpinCount

  TlsAlloc

  TlsGetValue

  TlsSetValue

  TlsFree

  FreeLibrary

  GetProcAddress

  LoadLibraryExW

  ExitProcess

  GetModuleHandleExW

  GetModuleFileNameW

  HeapFree

  HeapAlloc

  CloseHandle

  GetStdHandle

  GetFileType

  GetCurrentThread

  FindClose

  FindFirstFileExW

  FindNextFileW

  IsValidCodePage

  GetACP

  GetOEMCP

  GetCPInfo

  GetCommandLineA

  GetCommandLineW

  MultiByteToWideChar

  WideCharToMultiByte

  GetEnvironmentStringsW

  FreeEnvironmentStringsW

  SetEnvironmentVariableW

  GetDateFormatW

  RaiseException

  user32

  DrawFrameControl

  RegisterClassExA

  GetWindowRect

  PostMessageA

  FillRect

  CreatePopupMenu

  TrackPopupMenu

  GetActiveWindow

  DialogBoxIndirectParamA

  IsDialogMessageA

  SetWindowLongA

  ClientToScreen

  SetWindowsHookExA

  FrameRect

  GetForegroundWindow

  DefWindowProcA

  SystemParametersInfoA

  CreateDialogIndirectParamA

  AppendMenuA

  GetClientRect

  GetDesktopWindow

  GetSysColorBrush

  GetWindowTextLengthA

  gdi32

  SetBkMode

  MoveToEx

  ExcludeClipRect

  LineTo

  uxtheme

  DrawThemeText

  GetThemeBackgroundRegion

  Exports

  Exports

  Stream

  Totaltwo

  Wereran

  Wireiron

  YetOne

  Sections

  .text

  Size: 512KB - Virtual size: 511KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: 1008KB - Virtual size: 1008KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: 2KB - Virtual size: 56KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .gfids

  Size: 512B - Virtual size: 352B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .rsrc

  Size: 8KB - Virtual size: 7KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .reloc

  Size: 10KB - Virtual size: 10KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_DISCARDABLE

  IMAGE_SCN_MEM_READ