Static task: static1
Behavioral task: behavioral1
Sample: 57fd66671e3f9c3ed96e268bba6524be_JaffaCakes118.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: 57fd66671e3f9c3ed96e268bba6524be_JaffaCakes118.exe
Resource: win10v2004-20240508-en
General
Target: 57fd66671e3f9c3ed96e268bba6524be_JaffaCakes118
Size: 1.8MB
MD5: 57fd66671e3f9c3ed96e268bba6524be
SHA1: 85b0e5e80b4c3f3662d170fdc850b06c5273c5a7
SHA256: fd1bb76f68b7b1d8e66bda211285afc41b41b5e97bdf015f761c74101055b6e3
SHA512: 7fec95775b3d0acb1fb20d86bbd94522a2320c39082278f758ea999cc36d02673657bcdb0f2108a04245322739c9776b458b707bf08d03a4ea10dc7a82dd554e
SSDEEP: 24576:kzWneE+PBa3PA815O6HSkX1CAG2R/7SSltMXZnJZr+IFhUBy1NBfkNS2qoMHAyUg:kzWfQIPBSkX1CGSZNJV+Yq812qTANa
Malware Config
Signatures
Unsigned PE (1 IoC): Checks for missing Authenticode signature.
Processes:
resource 57fd66671e3f9c3ed96e268bba6524be_JaffaCakes118
Files
57fd66671e3f9c3ed96e268bba6524be_JaffaCakes118.exe windows:5 windows x86 arch:x86
6e30afafd9b81893b951e2b7cb8c5952
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetOEMCP
GetOverlappedResult
GetPrivateProfileStringW
GetProcAddress
GetProcessHeap
GetProcessId
GetShortPathNameW
GetStartupInfoA
GetStartupInfoW
GetStdHandle
GetStringTypeA
GetStringTypeExA
GetStringTypeExW
GetStringTypeW
GetSystemDefaultLangID
GetSystemDefaultUILanguage
GetSystemDirectoryW
GetSystemInfo
GetSystemTime
GetSystemTimeAsFileTime
GetSystemTimes
GetTempFileNameA
GetTempFileNameW
GetTempPathW
GetThreadContext
GetThreadLocale
GetThreadPriority
GetThreadTimes
GetTickCount
GetTimeFormatA
GetTimeFormatW
GetTimeZoneInformation
GetUserDefaultLCID
GetUserDefaultLangID
GetUserDefaultUILanguage
GetVersion
GetVersionExA
GetVersionExW
GetVolumeInformationW
GetWindowsDirectoryW
GlobalAddAtomW
GlobalAlloc
GlobalDeleteAtom
GlobalFindAtomW
GlobalFree
GlobalHandle
GlobalLock
GlobalMemoryStatus
GlobalReAlloc
GlobalSize
GlobalUnlock
HeapAlloc
HeapCreate
HeapDestroy
HeapFree
HeapReAlloc
HeapSetInformation
HeapSize
InitializeCriticalSection
InitializeCriticalSectionAndSpinCount
InterlockedCompareExchange
InterlockedDecrement
InterlockedExchange
InterlockedExchangeAdd
InterlockedIncrement
IsBadReadPtr
IsBadStringPtrW
IsBadWritePtr
IsDBCSLeadByte
IsDBCSLeadByteEx
IsDebuggerPresent
IsValidCodePage
IsValidLocale
LCMapStringA
LCMapStringW
LeaveCriticalSection
LoadLibraryA
LoadLibraryExW
LoadLibraryW
LoadResource
LocalAlloc
LocalFileTimeToFileTime
LocalFree
LocalSize
LockFile
LockResource
MapViewOfFile
MoveFileExA
MoveFileW
MulDiv
MultiByteToWideChar
OpenEventW
GetModuleHandleW
OpenProcess
OpenThread
OutputDebugStringW
ProcessIdToSessionId
QueryDosDeviceW
QueryPerformanceCounter
QueryPerformanceFrequency
RaiseException
ReadFile
ReadProcessMemory
ReleaseMutex
RemoveDirectoryW
ResetEvent
ResumeThread
RtlCaptureContext
RtlUnwind
SearchPathW
SetCommConfig
SetCommState
SetCommTimeouts
SetConsoleCtrlHandler
SetCurrentDirectoryW
SetEndOfFile
SetEnvironmentVariableA
SetEvent
SetFileAttributesW
SetFilePointer
SetFilePointerEx
SetFileTime
SetHandleCount
SetLastError
SetProcessWorkingSetSize
SetStdHandle
SetThreadLocale
SetThreadPriority
SetUnhandledExceptionFilter
SetupComm
SizeofResource
Sleep
SuspendThread
SwitchToFiber
SwitchToThread
SystemTimeToFileTime
SystemTimeToTzSpecificLocalTime
TerminateProcess
TerminateThread
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
Toolhelp32ReadProcessMemory
TryEnterCriticalSection
UnhandledExceptionFilter
UnlockFile
UnmapViewOfFile
UnregisterWait
VerSetConditionMask
VerifyVersionInfoW
VirtualFree
VirtualProtect
VirtualQuery
VirtualQueryEx
WaitForMultipleObjects
WaitForMultipleObjectsEx
WaitForSingleObject
WaitNamedPipeW
WideCharToMultiByte
WinExec
WriteConsoleA
WriteConsoleW
WriteFile
WritePrivateProfileStringW
WriteProcessMemory
_lclose
_lcreat
_llseek
_lopen
_lread
_lwrite
lstrcatA
lstrcatW
lstrcmpA
lstrcmpW
lstrcmpiA
lstrcmpiW
lstrcpyA
lstrcpyW
lstrcpynA
lstrcpynW
lstrlenA
lstrlenW
FreeEnvironmentStringsA
GetModuleFileNameW
GetModuleFileNameA
GetLongPathNameW
GetLogicalDriveStringsW
GetLocaleInfoW
GetLocaleInfoA
GetLocalTime
GetLastError
GetFullPathNameW
GetFullPathNameA
GetFileType
GetFileTime
GetFileSizeEx
GetFileSize
GetFileInformationByHandle
GetFileAttributesW
GetFileAttributesExW
GetFileAttributesA
GetExitCodeThread
GetExitCodeProcess
GetEnvironmentVariableW
GetEnvironmentStringsW
GetDriveTypeW
GetDiskFreeSpaceW
GetDateFormatW
GetDateFormatA
GetCurrentThreadId
GetCurrentThread
GetCurrentProcessId
GetCurrentProcess
GetCurrentDirectoryW
GetConsoleOutputCP
GetConsoleMode
GetConsoleCP
GetComputerNameW
GetComputerNameExW
GetComputerNameA
GetCommandLineW
GetCommandLineA
GetCommState
GetCommProperties
GetCPInfoExW
GetCPInfo
GetAtomNameW
GetACP
FreeResource
FreeLibrary
FreeEnvironmentStringsW
FormatMessageW
FlushInstructionCache
FlushFileBuffers
FlsAlloc
FindResourceW
FindNextFileW
FindFirstFileW
FindClose
FindAtomW
FileTimeToSystemTime
FileTimeToLocalFileTime
FileTimeToDosDateTime
FatalAppExitA
ExpandEnvironmentStringsW
ExpandEnvironmentStringsA
ExitThread
ExitProcess
EnumSystemLocalesW
EnumSystemLocalesA
EnumResourceNamesW
EnumResourceLanguagesW
EnumDateFormatsW
EnumCalendarInfoW
EnterCriticalSection
EncodePointer
DuplicateHandle
DosDateTimeToFileTime
DisconnectNamedPipe
DeviceIoControl
DeleteFileW
DeleteFileA
DeleteCriticalSection
DeleteAtom
DecodePointer
CreateThread
CreateSemaphoreW
CreateProcessW
CreatePipe
CreateNamedPipeW
CreateMutexW
CreateFileW
CreateFileMappingW
CreateFileA
CreateEventW
CreateEventA
CreateDirectoryW
CopyFileW
ConnectNamedPipe
CompareStringW
CompareStringA
CompareFileTime
CloseHandle
ClearCommError
CallNamedPipeW
Beep
AddAtomW
AddAtomA
GetModuleHandleA
SetErrorMode
OpenFileMappingW
VirtualAlloc
GetEnvironmentStrings
user32
MessageBoxIndirectW
MessageBoxIndirectA
MapWindowPoints
MapVirtualKeyExW
MapVirtualKeyA
LookupIconIdFromDirectory
LockWorkStation
LoadImageW
LoadCursorW
LoadCursorFromFileA
LoadBitmapA
KillTimer
IsWindowVisible
IsIconic
InvalidateRect
InflateRect
IMPSetIMEA
GetWindowRect
GetWindowPlacement
GetWindowLongW
GetWindowDC
GetScrollRange
GetScrollPos
GetScrollInfo
GetKeyboardType
GetIconInfo
GetCursorPos
GetComboBoxInfo
GetClientRect
GetClassNameW
GetCapture
FrameRect
FillRect
EnumWindowStationsW
EnumDisplayMonitors
EnumDesktopsA
EndPaint
DrawTextW
DrawFrameControl
DefWindowProcW
DefWindowProcA
DefMDIChildProcW
DdeQueryStringW
DdeQueryNextServer
CreateMDIWindowW
CreateAcceleratorTableW
MessageBoxW
CharPrevA
CharNextExA
CallWindowProcW
BeginPaint
ArrangeIconicWindows
AdjustWindowRect
LoadIconA
IsGUIThread
IsMenu
GetMenuCheckMarkDimensions
GetDlgCtrlID
IsCharAlphaNumericW
GetAsyncKeyState
IsWindowEnabled
DrawMenuBar
GetOpenClipboardWindow
CopyIcon
GetActiveWindow
GetParent
GetSystemMetrics
CharNextA
GetMenuItemCount
GetTopWindow
GetDialogBaseUnits
InSendMessage
GetKBCodePage
ShowCaret
GetClipboardViewer
GetClipboardData
GetDC
CreatePopupMenu
GetListBoxInfo
WindowFromDC
GetDesktopWindow
GetMessageTime
GetKeyboardLayout
GetShellWindow
DestroyCursor
CharLowerA
LoadCursorFromFileW
CloseClipboard
GetForegroundWindow
GetDoubleClickTime
DestroyIcon
MonitorFromWindow
OpenDesktopW
PeekMessageW
PostMessageA
PostMessageW
RedrawWindow
RegisterClassA
RegisterClassExW
RegisterClipboardFormatW
ReleaseCapture
ReleaseDC
RemovePropW
ScreenToClient
SendInput
SendMessageW
UpdateWindow
TranslateAccelerator
SystemParametersInfoW
ShowWindow
SetWindowRgn
SetWindowPos
GetMessagePos
GetCursor
SetWindowLongW
SetUserObjectInformationA
SetTimer
SetScrollInfo
SetPropW
SetMenuItemBitmaps
CheckMenuRadioItem
IsWindowUnicode
SetMenuInfo
gdi32
RealizePalette
DeleteColorSpace
WidenPath
EndPath
FillPath
FlattenPath
GetTextAlign
AbortDoc
AddFontResourceW
EndPage
BitBlt
CheckColorsInGamut
CombineRgn
CreateBrushIndirect
CreateColorSpaceW
CreateCompatibleBitmap
CreateCompatibleDC
CreateDIBSection
CreatePalette
CreateRectRgn
CreateSolidBrush
DeleteObject
EnableEUDC
EngCreateSemaphore
EngQueryLocalTime
EnumFontsW
ExcludeClipRect
FONTOBJ_pifi
FONTOBJ_vGetInfo
FrameRgn
GdiAddGlsRecord
GdiAlphaBlend
GdiComment
GdiConvertDC
GdiConvertRegion
GdiGetLocalBrush
GdiGetPageCount
GdiGetSpoolMessage
GetBrushOrgEx
GetCharWidthI
GetClipBox
GetCurrentObject
CreateHalftonePalette
GetDeviceCaps
GetEnhMetaFileA
GetFontUnicodeRanges
GetGlyphOutlineA
GetHFONT
GetICMProfileW
GetLogColorSpaceW
GetNearestPaletteIndex
GetObjectW
GetPaletteEntries
GetPath
GetStockObject
GetTextMetricsW
GetViewportOrgEx
GetWindowExtEx
IntersectClipRect
PolyBezierTo
PolyDraw
PolyPolyline
PolyTextOutW
RectVisible
RemoveFontMemResourceEx
ResizePalette
RestoreDC
STROBJ_dwGetCodePage
SaveDC
SelectClipRgn
SelectObject
SelectPalette
SetBkColor
SetBkMode
SetDeviceGammaRamp
SetICMProfileW
SetMiterLimit
SetPaletteEntries
SetROP2
SetStretchBltMode
SetTextColor
SetViewportOrgEx
StretchBlt
StretchDIBits
TextOutW
GetColorSpace
GetFontLanguageInfo
GetROP2
GetPolyFillMode
GetBkColor
StrokePath
DeleteDC
GetObjectType
UnrealizeObject
GetDIBits
CreatePatternBrush
GetTextColor
advapi32
OpenProcessToken
RevertToSelf
RegQueryValueExW
RegOpenKeyExW
RegQueryValueExA
ImpersonateLoggedOnUser
GetUserNameW
RegOpenKeyW
shell32
Shell_NotifyIconA
ShellExecuteW
ShellAboutA
SHLoadInProc
SHIsFileAvailableOffline
SHGetSpecialFolderPathW
DragAcceptFiles
DragQueryFileA
DragQueryPoint
ExtractIconExA
ord680
SHCreateDirectoryExW
SHEmptyRecycleBinA
SHFreeNameMappings
SHGetDiskFreeSpaceA
SHGetFolderLocation
SHGetIconOverlayIndexA
SHGetMalloc
SHGetPathFromIDList
SHGetSpecialFolderPathA
WOWShellExecute
ole32
CoCreateInstance
shlwapi
StrRChrIA
StrRStrIA
StrRStrIW
StrStrW
StrCmpNIW
StrChrIW
comctl32
_TrackMouseEvent
wininet
InternetCloseHandle
InternetConnectW
InternetOpenW
FtpPutFileW
Sections
.text Size: 1.7MB - Virtual size: 1.7MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 21KB - Virtual size: 20KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 4KB - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 81KB - Virtual size: 81KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ