PDB path: C:\bjectTr\Release\hli.pdb
Static task: static1
Behavioral task: behavioral1
  Sample: 2a5c65f4e2a78a196cf10693d76a627f_JaffaCakes118.exe
  Resource: win7-20240221-en
Behavioral task: behavioral2
  Sample: 2a5c65f4e2a78a196cf10693d76a627f_JaffaCakes118.exe
  Resource: win10v2004-20240426-en
General
- Target: 2a5c65f4e2a78a196cf10693d76a627f_JaffaCakes118
- Size: 580KB
- MD5: 2a5c65f4e2a78a196cf10693d76a627f
- SHA1: a78ff719a8212d1e97bd4df3d92fae6cd9d40a14
- SHA256: 818de305b366e29aea55ed79541e7d1735e600fb9e484e0076d965be6f926308
- SHA512: ccc8313109fc3455ae4399d33d697a425eb82c0fdf99aba4c0623a70a2c2644a0feea673bb215f4ef3b60f92fde3dc2104c9b0768beafa49a724cd870b660d39
- SSDEEP: 12288:MyY9IMYL+oYYlG/re/uTW7sIv8NlLz7MxGf8Uv:MyUZdYw/OuTWIIvW7f8Uv
Malware Config
Signatures
-
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
Processes:
resource 2a5c65f4e2a78a196cf10693d76a627f_JaffaCakes118
Files
- 2a5c65f4e2a78a196cf10693d76a627f_JaffaCakes118.exe (windows:4 windows x86 arch:x86)
  Imphash: 7ecf130919df64f8e5495d3ed698b2c7
Headers
DLL Characteristics: IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics: IMAGE_FILE_RELOCS_STRIPPED | IMAGE_FILE_EXECUTABLE_IMAGE | IMAGE_FILE_32BIT_MACHINE
PDB Paths: C:\bjectTr\Release\hli.pdb
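The "Unsigned PE" signature and the header flags reported for this sample all come from a handful of fields in the COFF file header and the optional header: the certificate-table (security) data directory, IMAGE_FILE_RELOCS_STRIPPED, and the DllCharacteristics bits. The Python below is an added example, not the sandbox's own detection code; it parses those fields by hand (no pefile dependency) and reports the same facts for any PE32 or PE32+ file: whether a certificate table is attached, whether ASLR can actually take effect (DYNAMIC_BASE set and relocations still present), and whether NX_COMPAT is set. `build_minimal_pe` fabricates a header-only image so the logic can be exercised offline; `SAMPLE_LIKE` mirrors the bits reported on this page (relocations stripped, 32-bit, only TERMINAL_SERVER_AWARE, no certificate table) and is a constructed stand-in, not the sample itself.

```python
import struct

# Flag values from the PE/COFF specification (winnt.h).
IMAGE_FILE_RELOCS_STRIPPED = 0x0001
IMAGE_FILE_EXECUTABLE_IMAGE = 0x0002
IMAGE_FILE_32BIT_MACHINE = 0x0100
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE = 0x0040
IMAGE_DLLCHARACTERISTICS_NX_COMPAT = 0x0100
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE = 0x8000
IMAGE_DIRECTORY_ENTRY_SECURITY = 4  # certificate table used by Authenticode


def pe_header_summary(data: bytes) -> dict:
    """Parse just enough of a PE image to reproduce the sandbox's header findings."""
    if data[:2] != b"MZ":
        raise ValueError("not an MZ image")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    coff = e_lfanew + 4
    machine, _nsec, _ts, _symtab, _nsyms, _opt_size, file_chars = struct.unpack_from(
        "<HHIIIHH", data, coff)
    opt = coff + 20
    magic = struct.unpack_from("<H", data, opt)[0]
    if magic == 0x10B:        # PE32: data directories start at optional header + 96
        datadir = opt + 96
    elif magic == 0x20B:      # PE32+: 8-byte ImageBase/stack/heap fields push them to + 112
        datadir = opt + 112
    else:
        raise ValueError(f"unknown optional header magic {magic:#x}")
    dll_chars = struct.unpack_from("<H", data, opt + 70)[0]   # same offset in both layouts
    n_dirs = struct.unpack_from("<I", data, datadir - 4)[0]   # NumberOfRvaAndSizes
    cert_size = 0
    if n_dirs > IMAGE_DIRECTORY_ENTRY_SECURITY:
        # For the security directory the first field is a raw file offset, not an RVA.
        _cert_off, cert_size = struct.unpack_from(
            "<II", data, datadir + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY)
    relocs_stripped = bool(file_chars & IMAGE_FILE_RELOCS_STRIPPED)
    dynamic_base = bool(dll_chars & IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE)
    return {
        "machine": machine,
        "pe32plus": magic == 0x20B,
        "relocs_stripped": relocs_stripped,
        "dynamic_base": dynamic_base,
        "nx_compat": bool(dll_chars & IMAGE_DLLCHARACTERISTICS_NX_COMPAT),
        "terminal_server_aware": bool(dll_chars & IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE),
        # ASLR needs both the opt-in bit and relocations the loader can apply.
        "aslr": dynamic_base and not relocs_stripped,
        "has_certificate_table": cert_size != 0,
    }


def findings(data: bytes) -> list:
    """Sandbox-style observations; 'Unsigned PE' only means no certificate table is attached."""
    s = pe_header_summary(data)
    out = []
    if not s["has_certificate_table"]:
        out.append("Unsigned PE")
    if not s["aslr"]:
        out.append("No ASLR")
    if not s["nx_compat"]:
        out.append("No NX_COMPAT")
    return out


def build_minimal_pe(file_chars: int, dll_chars: int, cert_size: int = 0,
                     pe32plus: bool = False) -> bytes:
    """Constructed header-only image for testing (not loadable: no sections, no code)."""
    e_lfanew = 0x40
    dos = bytearray(0x40)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, e_lfanew)
    datadir = 112 if pe32plus else 96
    opt = bytearray(datadir + 16 * 8)                 # header fields + 16 data directories
    struct.pack_into("<H", opt, 0, 0x20B if pe32plus else 0x10B)
    struct.pack_into("<H", opt, 70, dll_chars)
    struct.pack_into("<I", opt, datadir - 4, 16)      # NumberOfRvaAndSizes
    struct.pack_into("<II", opt, datadir + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY,
                     0x1000 if cert_size else 0, cert_size)
    coff = struct.pack("<HHIIIHH", 0x8664 if pe32plus else 0x14C,
                       0, 0, 0, 0, len(opt), file_chars)
    return bytes(dos) + b"PE\0\0" + coff + bytes(opt)


# Mirrors the header bits reported for this sample (constructed, not the sample).
SAMPLE_LIKE = build_minimal_pe(
    IMAGE_FILE_RELOCS_STRIPPED | IMAGE_FILE_EXECUTABLE_IMAGE | IMAGE_FILE_32BIT_MACHINE,
    IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE)
# A hardened, signed PE32+ build for contrast.
HARDENED = build_minimal_pe(
    IMAGE_FILE_EXECUTABLE_IMAGE,
    IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE | IMAGE_DLLCHARACTERISTICS_NX_COMPAT,
    cert_size=0x1800, pe32plus=True)

if __name__ == "__main__":
    print(findings(SAMPLE_LIKE))   # ['Unsigned PE', 'No ASLR', 'No NX_COMPAT']
    print(findings(HARDENED))      # []
```

Two caveats when reading the result. A non-empty certificate table only says that a signature blob is attached; whether it verifies (hash matches, chain builds, timestamp valid) has to be checked with `signtool verify /pa`, `Get-AuthenticodeSignature`, or `osslsigncode verify`. Conversely, "Unsigned PE" on its own is weak evidence: most commodity malware is unsigned, but so is a great deal of legitimate in-house tooling, so it is a triage hint rather than a verdict.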
Imports
kernel32
GetCommandLineA
GetProcessHeap
GetStartupInfoA
RtlUnwind
HeapSize
Sleep
HeapDestroy
HeapCreate
VirtualFree
GetStdHandle
GetACP
IsValidCodePage
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
TerminateProcess
GetSystemTimeAsFileTime
GetStringTypeA
GetStringTypeW
ExitProcess
GetConsoleCP
GetConsoleMode
LCMapStringA
LCMapStringW
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetEnvironmentVariableA
VirtualQuery
GetSystemInfo
VirtualProtect
HeapReAlloc
HeapFree
GetFileTime
GetFileAttributesA
IsDebuggerPresent
SetUnhandledExceptionFilter
GetTimeZoneInformation
UnhandledExceptionFilter
FileTimeToLocalFileTime
SetErrorMode
FileTimeToSystemTime
GetOEMCP
InterlockedExchange
GetCPInfo
CreateFileA
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
GetThreadLocale
InterlockedIncrement
WritePrivateProfileStringA
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalAlloc
GlobalFlags
FormatMessageA
LocalFree
InterlockedDecrement
GetModuleFileNameW
GlobalGetAtomNameA
GlobalFindAtomA
lstrcmpW
GetVersionExA
MulDiv
GetCurrentProcessId
SuspendThread
ResumeThread
SetThreadPriority
CloseHandle
GetCurrentThreadId
ConvertDefaultLocale
EnumResourceLanguagesA
GetLocaleInfoA
LoadLibraryA
lstrcmpA
FreeLibrary
GetModuleHandleA
GetProcAddress
SetLastError
FreeResource
DeleteFileA
GetTickCount
GetModuleFileNameA
CreateEventA
GlobalLock
VirtualAlloc
GetProcessWorkingSetSize
lstrcpyA
GlobalUnlock
GlobalAlloc
WaitForSingleObject
GlobalFree
GlobalAddAtomA
HeapAlloc
GetCurrentThread
lstrcatA
LocalLock
GlobalDeleteAtom
SetEvent
WaitForMultipleObjectsEx
LoadResource
ExitThread
LockResource
SizeofResource
CreateThread
FindResourceA
CompareStringA
lstrlenA
lstrlenW
GetLastError
WideCharToMultiByte
MultiByteToWideChar
RaiseException
CompareStringW
GetVersion
QueryPerformanceCounter
user32
PostThreadMessageA
UnregisterClassA
MessageBeep
GetNextDlgGroupItem
ReleaseCapture
SetCapture
InvalidateRgn
SetRect
IsRectEmpty
CopyAcceleratorTableA
CharNextA
GetSysColorBrush
ShowWindow
MoveWindow
IsDialogMessageA
DestroyMenu
RegisterWindowMessageA
SendDlgItemMessageA
IsChild
GetCapture
GetClassLongA
GetClassNameA
SetPropA
GetPropA
RemovePropA
GetForegroundWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
MapWindowPoints
UpdateWindow
GetClassInfoExA
GetClassInfoA
RegisterClassA
AdjustWindowRectEx
EqualRect
CopyRect
PtInRect
GetDlgCtrlID
CallWindowProcA
IntersectRect
GetWindowRect
CharUpperA
EnableWindow
IsIconic
AppendMenuA
GetSysColor
GetWindowDC
ReleaseDC
GrayStringA
DrawTextExA
TabbedTextOutA
GetWindowThreadProcessId
GetLastActivePopup
SetWindowsHookExA
CallNextHookEx
GetMessageA
TranslateMessage
DispatchMessageA
IsWindowVisible
GetKeyState
PeekMessageA
ValidateRect
GetWindow
SetWindowContextHelpId
MapDialogRect
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
GetFocus
ModifyMenuA
GetMenuState
EnableMenuItem
CheckMenuItem
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
GetWindowLongA
GetDlgItem
IsWindowEnabled
GetNextDlgTabItem
GetSubMenu
LoadBitmapA
SetCursor
EndPaint
SendMessageA
GetSystemMetrics
GetSystemMenu
DrawIcon
GetClientRect
LoadIconA
GetWindowTextA
HideCaret
LoadCursorA
KillTimer
SetMenuItemInfoA
GetWindowPlacement
DrawFrameControl
MessageBoxA
GetMenu
ScreenToClient
ClientToScreen
GetMenuItemID
IsWindow
SetWindowPos
SetTimer
LoadImageA
GetCursorPos
wsprintfA
SystemParametersInfoA
CheckDlgButton
GetMenuItemCount
EndDialog
SetDlgItemInt
GetMenuStringA
RegisterClipboardFormatA
InSendMessage
InsertMenuItemA
PackDDElParam
GetDC
GetMenuItemInfoA
GetKeyboardLayout
GetWindowWord
SetDlgItemTextA
OffsetRect
CheckMenuRadioItem
FreeDDElParam
SetWindowTextA
SetWindowPlacement
InvalidateRect
DefMDIChildProcA
SetWindowLongA
GetClipboardData
MsgWaitForMultipleObjectsEx
CloseClipboard
GetParent
SetFocus
PostMessageA
OpenClipboard
GetTopWindow
DefWindowProcA
BeginPaint
GetDesktopWindow
GetDlgItemTextA
DrawTextA
SetForegroundWindow
CreateWindowExA
PostQuitMessage
WinHelpA
gdi32
GetMapMode
GetRgnBox
CreateRectRgnIndirect
GetTextColor
GetDeviceCaps
GetBkColor
ExtSelectClipRgn
ScaleWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
Escape
ExtTextOutA
RectVisible
PtVisible
GetWindowExtEx
GetViewportExtEx
GetClipBox
SetTextColor
SetBkColor
RestoreDC
SaveDC
CreateBitmap
SelectObject
SetPixelFormat
SetStretchBltMode
GetObjectA
DeleteObject
GetTextExtentPointA
GetTextExtentPointW
DeleteDC
PatBlt
SetWindowExtEx
GetStockObject
CreateICA
ChoosePixelFormat
TextOutA
SetBkMode
SetMapMode
BitBlt
CreateCompatibleDC
StretchBlt
SelectPalette
comdlg32
PrintDlgExA
GetFileTitleA
winspool.drv
ClosePrinter
DocumentPropertiesA
OpenPrinterA
advapi32
RegOpenKeyExA
ImpersonateSelf
MapGenericMask
RegSetValueExA
RegCreateKeyExA
RegQueryValueA
RegEnumKeyA
RegDeleteKeyA
AccessCheck
GetFileSecurityA
RegQueryValueExA
GetAce
OpenThreadToken
RegOpenKeyA
GetAclInformation
EqualSid
RegCloseKey
shell32
ord17
SHGetFileInfoW
SHBrowseForFolderA
ShellExecuteA
ord16
SHGetPathFromIDListA
comctl32
ord17
shlwapi
ord14
PathFindExtensionA
PathFindFileNameA
PathStripToRootA
PathIsUNCA
oledlg
ord8
ord3
ole32
CoTaskMemAlloc
CoGetClassObject
CLSIDFromString
CoDisconnectObject
StgCreatePropStg
CoUninitialize
CoInitialize
CreateStreamOnHGlobal
CLSIDFromProgID
ReleaseStgMedium
CoRevokeClassObject
StgOpenStorageOnILockBytes
OleIsCurrentClipboard
OleFlushClipboard
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
CoFreeUnusedLibraries
OleInitialize
CoTaskMemFree
OleUninitialize
CoRegisterMessageFilter
oleaut32
VariantCopy
GetActiveObject
SysFreeString
SysAllocStringLen
VariantClear
VariantChangeType
VariantInit
SysStringLen
SysAllocStringByteLen
OleCreateFontIndirect
VariantTimeToSystemTime
SystemTimeToVariantTime
SafeArrayDestroy
SysAllocString
urlmon
WriteHitLogging
opengl32
glShadeModel
wglCreateContext
glClearColor
glEnable
glHint
glClearDepth
glDepthFunc
netapi32
NetShareGetInfo
avifil32
AVIStreamWrite
AVIStreamStart
odbc32
ord75
winmm
SendDriverMessage
pdh
PdhCollectQueryData
PdhAddCounterW
gdiplus
GdipSaveImageToFile
GdipDisposeImage
GdipFree
GdipAlloc
GdipCreateBitmapFromHBITMAP
GdipCloneImage
imm32
ImmAssociateContext
ImmGetProperty
ImmCreateContext
setupapi
CM_Get_Device_Interface_AliasA
CM_Get_Device_Interface_ListA
CM_Get_DevNode_Registry_PropertyA
CM_Get_Device_IDW
CM_Get_Device_ID_ListW
CM_Get_Device_ID_Size
tapi32
phoneGetMessage
phoneGetRing
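The 32-character value listed beside the file name under Files is the import hash (imphash): the MD5 of the import table after normalisation. Because it depends on which functions are imported and in what order rather than on the bytes of the file, it survives rebuilds of the same code base and is a better pivot than MD5/SHA256 for finding sibling builds (for example the `imphash:` search modifier on VirusTotal). The helper below is an added example, not pefile's code; it reproduces pefile's normalisation rules (module name lowercased, `.dll`/`.ocx`/`.sys` stripped but other extensions such as `.drv` kept, ordinal-only imports written as `ordN`, tokens comma-joined in table order) on a constructed subset of this sample's imports. The full, ordered list above fed through `imphash()` should yield the page's value provided it is complete and in import-directory order; the subset here deliberately does not.

```python
import hashlib
from typing import Iterable, List, Tuple, Union

# pefile strips exactly these module extensions before hashing; others such as ".drv" stay.
STRIPPED_EXTS = ("ocx", "sys", "dll")

Import = Tuple[str, Union[str, int]]   # (module name, function name or ordinal)


def normalize_import(module: str, func: Union[str, int]) -> str:
    """One imphash token: lowercase 'module.function'."""
    module = module.lower()
    stem, dot, ext = module.rpartition(".")
    if dot and ext in STRIPPED_EXTS:
        module = stem
    # Ordinal-only imports become 'ordN'. pefile additionally resolves ordinals to names
    # for a few modules (ws2_32/wsock32/oleaut32) via its ordlookup table; that table is
    # not reproduced here, so pass already-resolved names for those modules.
    name = f"ord{func}" if isinstance(func, int) else func.lower()
    return f"{module}.{name}"


def imphash_string(imports: Iterable[Import]) -> str:
    """Table order is significant: the same set of imports in another order hashes differently."""
    return ",".join(normalize_import(m, f) for m, f in imports)


def imphash(imports: Iterable[Import]) -> str:
    """MD5 over the comma-joined token string, as pefile's get_imphash() computes it."""
    return hashlib.md5(imphash_string(imports).encode("ascii")).hexdigest()


# Constructed subset of this sample's import table, in the order the report lists it.
SAMPLE_IMPORTS: List[Import] = [
    ("KERNEL32.dll", "GetCommandLineA"),
    ("KERNEL32.dll", "IsDebuggerPresent"),
    ("USER32.dll", "MessageBoxA"),
    ("WINSPOOL.DRV", "ClosePrinter"),   # .drv is kept: token is 'winspool.drv.closeprinter'
    ("SHELL32.dll", 17),                # ordinal-only import: token is 'shell32.ord17'
    ("SHELL32.dll", "ShellExecuteA"),
]

if __name__ == "__main__":
    print(imphash_string(SAMPLE_IMPORTS))
    print(imphash(SAMPLE_IMPORTS))
```

When hunting on imphash, remember its blind spots: statically linked MFC/CRT builds like this one (the kernel32/user32/gdi32 set above is the usual MFC footprint) share imphashes across unrelated projects built with the same toolchain, and any packer or import-table rebuild changes the value entirely, so treat a match as a lead to confirm with code similarity rather than as attribution.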
Sections
- .text: Size 352KB, Virtual size 349KB; IMAGE_SCN_CNT_CODE | IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_READ
- .rdata: Size 72KB, Virtual size 68KB; IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
- .data: Size 12KB, Virtual size 26KB; IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE
- .rsrc: Size 140KB, Virtual size 248KB; IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ