PDB path: C:\visuals\s\Release\thought.pdb
Static task: static1
Behavioral task: behavioral1
  Sample: 470711a8c1e49ad4e6202e21ebce34a7_JaffaCakes118.exe
  Resource: win7-20240220-en
Behavioral task: behavioral2
  Sample: 470711a8c1e49ad4e6202e21ebce34a7_JaffaCakes118.exe
  Resource: win10v2004-20240426-en
General
Target: 470711a8c1e49ad4e6202e21ebce34a7_JaffaCakes118
Size: 472KB
MD5: 470711a8c1e49ad4e6202e21ebce34a7
SHA1: f74ffca223feb25c1bda6229c245d7aa31234cfe
SHA256: 38566f9a331bb8503835d7abfdc027d9d3fa45c65f388d7fd84b2c97f297ba85
SHA512: 0a6d973ac9bf6ab2224c59969595603f4fa41c0d4c92b92a30a76872e08033c48ec82ec926efe1aa24d1863181d08dd9ef67d65466291866173a074c7e5304b0
SSDEEP: 6144:5YFmEvMGFpB5fzKL87p7yC5KCpQSZc/t6KiuOVRDyXteftTOj:5YQyFpB5fzKL8dL5G+J0XYTO
Malware Config
Signatures
Unsigned PE (1 IoC): checks for a missing Authenticode signature. On its own a missing signature is a weak indicator, since plenty of legitimate software ships unsigned; an embedded signature would in turn need its certificate chain validated before it counts for anything.
Processes: resource 470711a8c1e49ad4e6202e21ebce34a7_JaffaCakes118
Files
470711a8c1e49ad4e6202e21ebce34a7_JaffaCakes118.exe windows:5 windows x86 arch:x86
1b444fe65947029a0ab286441263bb0e
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
kernel32
OutputDebugStringW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
GetFileType
HeapReAlloc
HeapSize
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
LoadLibraryExW
Sleep
GetModuleFileNameW
WriteFile
GetStdHandle
GetModuleHandleW
GetStartupInfoW
TlsSetValue
TlsAlloc
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsDebuggerPresent
GetCommandLineA
VirtualQuery
VirtualProtect
GetSystemInfo
GetModuleHandleExW
ExitProcess
EncodePointer
DecodePointer
VirtualFree
IsProcessorFeaturePresent
InterlockedPushEntrySList
InterlockedPopEntrySList
InitializeSListHead
InterlockedCompareExchange
GetProcessHeap
HeapFree
HeapAlloc
RtlUnwind
TlsGetValue
LCMapStringW
GetStringTypeW
GetConsoleCP
GetConsoleMode
SetFilePointerEx
FlushFileBuffers
SetStdHandle
WriteConsoleW
CreateFileW
CloseHandle
lstrcpyA
CreateThread
GetVersionExA
GetCurrentThreadId
DeleteCriticalSection
LoadLibraryExA
GetModuleHandleA
InitializeCriticalSectionAndSpinCount
GetModuleFileNameA
LockResource
LoadLibraryA
EnterCriticalSection
VirtualAlloc
GetProcAddress
lstrcmpiA
SetLastError
GetLastError
RaiseException
FlushInstructionCache
MultiByteToWideChar
IsDBCSLeadByte
MulDiv
LeaveCriticalSection
SizeofResource
LoadLibraryW
WideCharToMultiByte
GetCurrentProcess
InterlockedDecrement
InterlockedIncrement
LoadResource
FreeLibrary
FindResourceA
TlsFree
user32
DestroyMenu
CallWindowProcA
GetMessagePos
RegisterClassA
GetWindow
LoadCursorA
GetDlgItemTextA
DialogBoxParamA
DestroyIcon
FillRect
GetWindowDC
PostQuitMessage
MonitorFromPoint
RegisterClassExA
InsertMenuItemA
GetWindowRect
SetDlgItemTextA
GetDialogBaseUnits
GetClassInfoExA
SetCapture
DrawTextA
GetPropA
ScreenToClient
SetWindowRgn
GetMessageA
SetCursor
UpdateWindow
MapWindowPoints
LoadImageA
SetWindowTextA
SetCaretPos
IsWindowVisible
GetSystemMetrics
ReleaseCapture
SystemParametersInfoA
DefMDIChildProcA
DispatchMessageA
RemoveMenu
PostMessageA
IsWindow
GetMenuItemCount
AppendMenuA
GetActiveWindow
DrawMenuBar
GetSubMenu
LoadStringA
DestroyWindow
EndPaint
UnregisterClassA
CreatePopupMenu
GetParent
LoadMenuA
LoadIconA
DlgDirSelectExA
RemovePropA
MessageBeep
CharNextA
GetClientRect
SetFocus
SendMessageA
DrawEdge
SetRectEmpty
ShowCaret
BeginPaint
PtInRect
GetMonitorInfoA
DlgDirListA
GetIconInfo
GetDC
GetCapture
TranslateMessage
OffsetRect
SetPropA
TrackPopupMenuEx
SetRect
SetWindowLongA
MessageBoxA
InvalidateRect
SetCursorPos
GetWindowLongA
CreateWindowExA
PeekMessageA
ReleaseDC
MonitorFromWindow
EndDialog
DefWindowProcA
GetSysColor
SetWindowPos
GetCursorPos
GetMenuItemInfoA
LoadStringW
LoadAcceleratorsA
ShowWindow
gdi32
GetObjectA
GetStockObject
SwapBuffers
CreatePen
EnumFontsA
TextOutA
CreateEllipticRgn
CreatePatternBrush
CreateRectRgn
Rectangle
CombineRgn
SelectObject
DeleteObject
SetBkMode
CreateBitmap
SetBkColor
SetBrushOrgEx
CreateFontIndirectA
CreateFontA
DeleteDC
SetTextColor
LineTo
GetTextExtentPoint32A
PatBlt
CreateSolidBrush
MoveToEx
BitBlt
comdlg32
GetOpenFileNameA
advapi32
RegDeleteValueA
RegDeleteKeyA
RegSetValueExA
RegEnumKeyExA
RegCreateKeyExA
RegOpenKeyExA
RegCloseKey
RegQueryInfoKeyW
shell32
SHGetDesktopFolder
SHGetFolderLocation
ord155
ole32
RevokeDragDrop
RegisterDragDrop
CoTaskMemAlloc
CoTaskMemFree
CoInitialize
CreateStreamOnHGlobal
CoTaskMemRealloc
CoUninitialize
CoLockObjectExternal
CoCreateInstance
oleaut32
RevokeActiveObject
VariantTimeToSystemTime
VariantClear
SysAllocString
SafeArrayUnaccessData
VarUI8FromUI1
SafeArrayPutElement
VarUI4FromStr
SafeArrayAccessData
VariantInit
SafeArrayCreate
SafeArrayDestroy
shlwapi
StrRetToBufA
comctl32
ImageList_LoadImageA
ImageList_Create
ord6
msimg32
GradientFill
opengl32
wglGetCurrentDC
ws2_32
getsockopt
ioctlsocket
WSAStartup
select
WSAGetLastError
htons
WSACleanup
recv
bind
socket
__WSAFDIsSet
closesocket
listen
WSASocketA
accept
winmm
mmioAscend
iphlpapi
GetIpNetTable
rpcrt4
RpcBindingFromStringBindingA
RpcStringBindingComposeA
urlmon
CreateAsyncBindCtx
dciman32
DCICreateOverlay
DCIBeginAccess
DCICreateOffscreen
Sections
.text Size: 235KB - Virtual size: 234KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 60KB - Virtual size: 60KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 7KB - Virtual size: 15KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 142KB - Virtual size: 142KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 25KB - Virtual size: 185KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
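The header checks this report summarises, as an added example that is not part of the sandbox report or its tooling: a stdlib-only Python reader for the PE fields involved. It reproduces the "Unsigned PE" signature check by testing for an Authenticode security directory, decodes DllCharacteristics (the report lists only IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE, so the DYNAMIC_BASE and NX_COMPAT opt-in bits for ASLR and DEP are absent), and flags sections that are writable and executable or whose virtual size is far larger than their raw size, as the section table above reports for .reloc (25KB on disk, 185KB virtual). The sample PE it builds is constructed to mirror those values and is an assumption, not the analysed file; the `ratio` threshold of 4 is an arbitrary choice.

```python
# Added example (not from the sandbox report): stdlib-only PE header reader that
# reproduces the 'Unsigned PE' check (Authenticode security directory present?),
# reports which opt-in mitigations DllCharacteristics lacks, and flags suspicious
# sections. Offsets follow the PE/COFF spec; the sample PE below is constructed.
import struct
import sys
from collections import namedtuple

IMAGE_DIRECTORY_ENTRY_SECURITY = 4          # data directory slot of WIN_CERTIFICATE
WIN_CERT_TYPE_PKCS_SIGNED_DATA = 0x0002
SCN_CODE, SCN_INIT_DATA, SCN_DISCARDABLE = 0x20, 0x40, 0x02000000
SCN_EXECUTE, SCN_READ, SCN_WRITE = 0x20000000, 0x40000000, 0x80000000
OPT_IN_MITIGATIONS = {0x0040: "DYNAMIC_BASE", 0x0100: "NX_COMPAT"}   # ASLR, DEP

Section = namedtuple("Section", "name virtual_size virtual_address raw_size characteristics")

def parse_pe(data: bytes) -> dict:
    """DOS header -> NT headers -> section table; no section contents are read."""
    if data[:2] != b"MZ":
        raise ValueError("not a DOS/PE file")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    file_hdr = e_lfanew + 4
    _, nsections, _, _, _, opt_size, _ = struct.unpack_from("<HHIIIHH", data, file_hdr)
    opt = file_hdr + 20
    magic = struct.unpack_from("<H", data, opt)[0]
    if magic not in (0x10B, 0x20B):
        raise ValueError("unknown optional header magic 0x%x" % magic)
    dll_chars = struct.unpack_from("<H", data, opt + 70)[0]     # same offset in PE32 and PE32+
    ndirs_off = opt + (92 if magic == 0x10B else 108)
    ndirs = struct.unpack_from("<I", data, ndirs_off)[0]
    dirs = [struct.unpack_from("<II", data, ndirs_off + 4 + 8 * i) for i in range(ndirs)]
    sections = []
    for i in range(nsections):
        f = struct.unpack_from("<8sIIIIIIHHI", data, opt + opt_size + 40 * i)
        sections.append(Section(f[0].rstrip(b"\0").decode("ascii", "replace"), f[1], f[2], f[3], f[9]))
    return {"pe32plus": magic == 0x20B, "dll_characteristics": dll_chars,
            "dirs": dirs, "sections": sections}

def has_authenticode_directory(data: bytes) -> bool:
    """The 'Unsigned PE' check: does the security directory point at a WIN_CERTIFICATE?
    Its first field is a raw file offset, not an RVA. Presence only; chain validation is separate."""
    dirs = parse_pe(data)["dirs"]
    if len(dirs) <= IMAGE_DIRECTORY_ENTRY_SECURITY:
        return False
    off, size = dirs[IMAGE_DIRECTORY_ENTRY_SECURITY]
    if off == 0 or size < 8 or off + size > len(data):
        return False
    length, _revision, cert_type = struct.unpack_from("<IHH", data, off)
    return 8 <= length <= size and cert_type == WIN_CERT_TYPE_PKCS_SIGNED_DATA

def missing_mitigations(pe: dict) -> list:
    """Opt-in mitigation bits that are NOT set in DllCharacteristics."""
    return [n for bit, n in OPT_IN_MITIGATIONS.items() if not pe["dll_characteristics"] & bit]

def section_findings(sections, ratio: int = 4) -> list:
    """(name, reason) for W+X sections and for virtual sizes far beyond the raw size."""
    out = []
    for s in sections:
        if s.characteristics & SCN_WRITE and s.characteristics & SCN_EXECUTE:
            out.append((s.name, "writable and executable"))
        if s.raw_size and s.virtual_size > ratio * s.raw_size:
            out.append((s.name, "virtual size %d is more than %dx raw size %d"
                        % (s.virtual_size, ratio, s.raw_size)))
    return out

# Constructed test input (assumption, not the real sample): a header-only PE32 whose
# section sizes and DllCharacteristics mirror the values in the report above.
SAMPLE_SECTIONS = (
    (b".text", 0x3A800, 0x1000, 0x3AC00, SCN_CODE | SCN_EXECUTE | SCN_READ),
    (b".data", 0x3C00, 0x4B000, 0x1C00, SCN_INIT_DATA | SCN_READ | SCN_WRITE),
    (b".reloc", 0x2E400, 0x50000, 0x6400, SCN_INIT_DATA | SCN_DISCARDABLE | SCN_READ),
)

def build_sample_pe(signed: bool) -> bytes:
    dos = bytearray(64)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, len(dos))                       # e_lfanew
    opt = bytearray(224)                                              # PE32 with 16 directories
    struct.pack_into("<H", opt, 0, 0x10B)
    struct.pack_into("<H", opt, 70, 0x8000)                           # TERMINAL_SERVER_AWARE only
    struct.pack_into("<I", opt, 92, 16)                               # NumberOfRvaAndSizes
    secs = b"".join(struct.pack("<8sIIIIIIHHI", n, vs, va, rs, 0, 0, 0, 0, 0, fl)
                    for n, vs, va, rs, fl in SAMPLE_SECTIONS)
    file_hdr = struct.pack("<HHIIIHH", 0x14C, len(SAMPLE_SECTIONS), 0, 0, 0, len(opt), 0x0102)
    header_len = len(dos) + 4 + len(file_hdr) + len(opt) + len(secs)
    cert = b""
    if signed:   # placeholder PKCS#7 body; only the WIN_CERTIFICATE header is inspected
        body = b"\x30\x82" + b"\0" * 30
        cert = struct.pack("<IHH", 8 + len(body), 0x0200, WIN_CERT_TYPE_PKCS_SIGNED_DATA) + body
        struct.pack_into("<II", opt, 96 + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY, header_len, len(cert))
    return bytes(dos) + b"PE\0\0" + file_hdr + bytes(opt) + secs + cert

if __name__ == "__main__":   # python pe_checks.py sample.exe, or no argument for the built-in sample
    blob = open(sys.argv[1], "rb").read() if len(sys.argv) > 1 else build_sample_pe(False)
    pe = parse_pe(blob)
    print("authenticode directory:", has_authenticode_directory(blob))
    print("missing mitigations:", missing_mitigations(pe))
    print("section findings:", section_findings(pe["sections"]))
```

A WIN_CERTIFICATE entry only says the file carries a signature blob; validate it with signtool or Get-AuthenticodeSignature before treating it as trusted. A .data section whose virtual size exceeds its raw size is normal (.bss-style zero fill), which is why the check uses a ratio rather than flagging any gap; the 185KB-virtual .reloc in the table above is the kind of entry that does trip it and is worth a look at in a debugger.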