General

Malware Config

Signatures

Files

• 65850b1967d55b661db5a80112645363_JaffaCakes118

  .exe windows:5 windows x86 arch:x86

  2d2916be16a5d61eab67c95c6bc8187e

  
  

  Headers

  File Characteristics

  IMAGE_FILE_RELOCS_STRIPPED

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_32BIT_MACHINE

  Imports

  kernel32

  GetLastError

  SetLastError

  GetCurrentThreadId

  DecodePointer

  ExitProcess

  GetModuleHandleExW

  GetProcAddress

  MultiByteToWideChar

  WideCharToMultiByte

  GetProcessHeap

  GetStdHandle

  GetFileType

  DeleteCriticalSection

  GetStartupInfoW

  GetModuleFileNameW

  WriteFile

  QueryPerformanceCounter

  GetCurrentProcessId

  GetSystemTimeAsFileTime

  GetEnvironmentStringsW

  UnhandledExceptionFilter

  SetUnhandledExceptionFilter

  InitializeCriticalSectionAndSpinCount

  Sleep

  GetCurrentProcess

  TerminateProcess

  TlsAlloc

  TlsGetValue

  TlsSetValue

  TlsFree

  EncodePointer

  GetModuleHandleW

  IsDebuggerPresent

  IsValidCodePage

  GetACP

  GetOEMCP

  EnterCriticalSection

  LeaveCriticalSection

  HeapFree

  RtlUnwind

  GetStringTypeW

  HeapAlloc

  HeapReAlloc

  HeapSize

  LCMapStringW

  FlushFileBuffers

  GetConsoleCP

  GetConsoleMode

  SetStdHandle

  WriteConsoleW

  CloseHandle

  CreateFileW

  IsProcessorFeaturePresent

  RaiseException

  GetCommandLineW

  GetConsoleWindow

  GetCPInfo

  BuildCommDCBW

  FindNextFileW

  FindFirstFileW

  OutputDebugStringW

  LoadLibraryExW

  CreateEventW

  FormatMessageW

  FileTimeToSystemTime

  SystemTimeToTzSpecificLocalTime

  MulDiv

  SetFilePointerEx

  SetEndOfFile

  ReadFile

  WaitForMultipleObjects

  ReleaseSemaphore

  FreeEnvironmentStringsW

  VirtualAlloc

  LocalAlloc

  GlobalAlloc

  user32

  DdeCreateDataHandle

  ActivateKeyboardLayout

  DefWindowProcW

  GetWindowPlacement

  UnpackDDElParam

  GetMenuBarInfo

  GetCursorInfo

  GetScrollInfo

  CopyIcon

  CreateIcon

  FindWindowExW

  FillRect

  GetClipCursor

  GetWindowTextW

  ShowScrollBar

  DrawTextW

  EndMenu

  GetMenuItemID

  ToAsciiEx

  CharLowerW

  GetDialogBaseUnits

  CheckDlgButton

  GetDlgItemInt

  advapi32

  RegQueryInfoKeyW

  mprapi

  MprConfigServerDisconnect

  MprConfigTransportDelete

  MprConfigInterfaceDelete

  MprConfigInterfaceGetHandle

  winspool.drv

  EndPagePrinter

  AddFormW

  crypt32

  CryptEncodeObject

  CryptDecodeObject

  CryptMsgClose

  CryptMsgGetParam

  CertOpenStore

  CertEnumCertificatesInStore

  CertCreateCertificateContext

  CertSetCertificateContextProperty

  CertGetCertificateContextProperty

  CertAddEncodedCertificateToStore

  CertAddCertificateContextToStore

  CertFreeCTLContext

  CertControlStore

  CertGetPublicKeyLength

  CryptHashCertificate

  CertFindExtension

  CryptExportPublicKeyInfo

  CryptAcquireCertificatePrivateKey

  CryptHashPublicKeyInfo

  CryptProtectData

  CertFreeCertificateChain

  CertVerifyCertificateChainPolicy

  Sections

  .text

  Size: 104KB - Virtual size: 103KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .data

  Size: 787KB - Virtual size: 7.1MB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .idata

  Size: 4KB - Virtual size: 3KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .xdata

  Size: 1024B - Virtual size: 724B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .16a4d3

  Size: 780KB - Virtual size: 780KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .7055

  Size: 682KB - Virtual size: 682KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .hl6yl

  Size: 387KB - Virtual size: 387KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .o79lo

  Size: 215KB - Virtual size: 214KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 362KB - Virtual size: 362KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ