Static task: static1
Behavioral task: behavioral1
Sample: 442add686cd63f2657bbb8baae88330b_JaffaCakes118.exe
Resource: win7-20240220-en
Behavioral task: behavioral2
Sample: 442add686cd63f2657bbb8baae88330b_JaffaCakes118.exe
Resource: win10v2004-20240508-en
General
Target: 442add686cd63f2657bbb8baae88330b_JaffaCakes118
Size: 679KB
MD5: 442add686cd63f2657bbb8baae88330b
SHA1: e8509a9a616992b9b96f7cad6fd4992b64b8eb72
SHA256: 5d2fbcd8887f246b09b80bf59a29137ba43e05f7651bf173bae9bdb88da4a21d
SHA512: 02781ef3e6d83a50efdae2dafb6413d5d5335f4654555da345356b46809ea89fa7f0d661b371882ad617ad072583efda2e4fc36a1609cb3dd9f4a97329f99c43
SSDEEP: 12288:/Q2Wmzqwk8LaUjYDyFWCu3SDIIRIiuYQi01FvMMs9xL:/QLeqwk8LaDyF7DIIRIizQ1pI9x
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 442add686cd63f2657bbb8baae88330b_JaffaCakes118
Files
442add686cd63f2657bbb8baae88330b_JaffaCakes118.exe windows:5 windows x86 arch:x86
056654ee3e8bffa55768279e78438857
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
LoadLibraryExW
GetModuleFileNameW
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
GetFileType
GetStdHandle
GetCurrentThreadId
HeapSize
IsProcessorFeaturePresent
IsDebuggerPresent
GetModuleHandleW
GetStartupInfoW
TlsFree
TlsSetValue
TlsGetValue
HeapAlloc
TerminateProcess
SetLastError
SetUnhandledExceptionFilter
GetStringTypeW
InitializeCriticalSectionAndSpinCount
GetCommandLineW
MultiByteToWideChar
AreFileApisANSI
GetProcAddress
GetModuleHandleExW
RaiseException
RtlUnwind
DecodePointer
EncodePointer
GetEnvironmentStringsW
GetThreadLocale
LoadLibraryA
LCMapStringW
SetStdHandle
FlushFileBuffers
OutputDebugStringW
LoadLibraryW
WriteConsoleW
CreateFileW
InitializeCriticalSection
GetLastError
GetCurrentThread
LocalAlloc
GetCurrentProcess
GetModuleHandleA
Sleep
GetWindowsDirectoryA
GlobalLock
HeapFree
DeleteFileA
VirtualAlloc
CreateEventA
WaitForSingleObject
CreateFileA
WriteFile
GlobalUnlock
GetFileSize
CloseHandle
InterlockedDecrement
InterlockedIncrement
FreeEnvironmentStringsW
HeapReAlloc
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
SetFilePointerEx
FormatMessageA
ReadConsoleW
UnhandledExceptionFilter
GetProcessHeap
ReadFile
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
ExitProcess
CreateThread
TlsAlloc
SetEndOfFile
user32
TranslateMessage
DispatchMessageA
CreateWindowExW
LoadIconA
TranslateAcceleratorA
ReleaseDC
PostQuitMessage
DefWindowProcA
DestroyWindow
LoadStringW
LoadAcceleratorsA
LoadCursorA
RegisterClassExW
ShowWindow
UpdateWindow
GetMessageA
DialogBoxParamA
EndPaint
MessageBoxA
WinHelpA
GetDC
GetForegroundWindow
SendMessageA
GetDlgItem
SetFocus
OpenClipboard
GetClipboardData
SetClipboardViewer
GetSysColor
GetWindowDC
GetWindowRect
GetCursorPos
GetSystemMetrics
InflateRect
GetWindowTextLengthA
LoadMenuA
GetSubMenu
TrackPopupMenu
DestroyMenu
GetWindowTextA
IsWindowEnabled
EnableScrollBar
GetScrollInfo
SetScrollInfo
GetWindowLongA
SetScrollPos
SetWindowTextW
InvalidateRect
SetRect
MoveWindow
GetDialogBaseUnits
SystemParametersInfoA
SetWindowPos
GetClientRect
DrawTextA
RegisterClassExA
CreateWindowExA
SetForegroundWindow
GetMessageW
DispatchMessageW
EndDialog
SetTimer
KillTimer
BeginPaint
gdi32
GetMetaFileA
CreateDIBSection
ChoosePixelFormat
SetTextColor
GetPixel
CreateCompatibleDC
CreateCompatibleBitmap
GetEnhMetaFileA
GetEnhMetaFileHeader
DeleteDC
GetMetaFileBitsEx
DeleteMetaFile
SetWinMetaFileBits
CreateSolidBrush
GetTextExtentPoint32A
TextOutA
SetPixelFormat
BitBlt
SelectObject
DeleteObject
winspool.drv
ConnectToPrinterDlg
comdlg32
GetOpenFileNameA
advapi32
LookupPrivilegeValueA
OpenProcessToken
AllocateAndInitializeSid
GetTokenInformation
RevertToSelf
OpenThreadToken
LogonUserA
ImpersonateAnonymousToken
AdjustTokenPrivileges
shell32
Shell_NotifyIconA
ole32
GetHGlobalFromStream
CreateStreamOnHGlobal
CoInitialize
oleaut32
OleTranslateColor
OleCreatePictureIndirect
ws2_32
WSAStartup
WSAGetLastError
socket
userenv
LoadUserProfileA
avifil32
AVIMakeCompressedStream
AVIFileOpenA
AVIFileCreateStreamA
AVIStreamSetFormat
AVISaveOptionsFree
AVISaveOptions
winmm
mmioSeek
shlwapi
PathStripToRootA
pdh
PdhOpenQueryA
rpcrt4
UuidCreateSequential
opengl32
wglMakeCurrent
glLoadIdentity
glOrtho
wglCreateContext
glViewport
glMatrixMode
glu32
gluLookAt
imm32
ImmGetContext
ImmCreateContext
ImmAssociateContext
ImmDestroyContext
ImmGetOpenStatus
ImmReleaseContext
ImmGetConversionStatus
wsnmp32
ord202
ord203
rasapi32
RasDeleteEntryW
rasdlg
RasPhonebookDlgA
RasEntryDlgW
Sections
.text Size: 267KB - Virtual size: 267KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 100KB - Virtual size: 99KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 6KB - Virtual size: 15KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 6KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data1 Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.trace Size: 12KB - Virtual size: 11KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 266KB - Virtual size: 265KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 17KB - Virtual size: 17KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ