General

Malware Config

Signatures

Files

• 67b8633cc78a57f489c0c5c38ed92757_JaffaCakes118

  .zip

  Password: infected

• CSGO cheat Injector.exe

  .exe windows:5 windows x86 arch:x86

  0ebb3c09b06b1666d307952e824c8697

  
  

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_NO_SEH

  IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

  File Characteristics

  IMAGE_FILE_RELOCS_STRIPPED

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_LINE_NUMS_STRIPPED

  IMAGE_FILE_LOCAL_SYMS_STRIPPED

  IMAGE_FILE_32BIT_MACHINE

  PDB Paths

  wextract.pdb

  Imports

  advapi32

  FreeSid

  AllocateAndInitializeSid

  EqualSid

  GetTokenInformation

  OpenProcessToken

  AdjustTokenPrivileges

  LookupPrivilegeValueA

  RegCloseKey

  RegDeleteValueA

  RegOpenKeyExA

  RegSetValueExA

  RegQueryValueExA

  RegCreateKeyExA

  RegQueryInfoKeyA

  kernel32

  LocalFree

  LocalAlloc

  GetLastError

  GetCurrentProcess

  lstrlenA

  GetModuleFileNameA

  GetSystemDirectoryA

  _lclose

  _llseek

  _lopen

  WritePrivateProfileStringA

  GetWindowsDirectoryA

  CreateDirectoryA

  GetFileAttributesA

  ExpandEnvironmentStringsA

  lstrcpyA

  GlobalFree

  GlobalUnlock

  GlobalLock

  GlobalAlloc

  IsDBCSLeadByte

  GetShortPathNameA

  GetPrivateProfileStringA

  GetPrivateProfileIntA

  lstrcmpiA

  RemoveDirectoryA

  FindClose

  FindNextFileA

  DeleteFileA

  SetFileAttributesA

  lstrcmpA

  FindFirstFileA

  FreeResource

  GetProcAddress

  LoadResource

  SizeofResource

  FindResourceA

  lstrcatA

  CloseHandle

  WriteFile

  SetFilePointer

  SetFileTime

  LocalFileTimeToFileTime

  DosDateTimeToFileTime

  SetCurrentDirectoryA

  GetTempFileNameA

  ExitProcess

  CreateFileA

  LoadLibraryExA

  lstrcpynA

  GetVolumeInformationA

  FormatMessageA

  GetCurrentDirectoryA

  GetVersionExA

  GetExitCodeProcess

  WaitForSingleObject

  CreateProcessA

  GetTempPathA

  GetSystemInfo

  CreateMutexA

  SetEvent

  CreateEventA

  CreateThread

  ResetEvent

  TerminateThread

  GetDriveTypeA

  GetModuleHandleA

  GetStartupInfoA

  GetCommandLineA

  QueryPerformanceCounter

  GetTickCount

  GetCurrentThreadId

  GetCurrentProcessId

  GetSystemTimeAsFileTime

  TerminateProcess

  UnhandledExceptionFilter

  SetUnhandledExceptionFilter

  ReadFile

  LoadLibraryA

  GetDiskFreeSpaceA

  MulDiv

  EnumResourceLanguagesA

  FreeLibrary

  LockResource

  gdi32

  GetDeviceCaps

  user32

  ExitWindowsEx

  wsprintfA

  CharNextA

  CharUpperA

  CharPrevA

  SetWindowLongA

  GetWindowLongA

  CallWindowProcA

  DispatchMessageA

  MsgWaitForMultipleObjects

  PeekMessageA

  SendMessageA

  SetWindowPos

  ReleaseDC

  GetDC

  GetWindowRect

  SendDlgItemMessageA

  GetDlgItem

  SetForegroundWindow

  SetWindowTextA

  MessageBoxA

  DialogBoxIndirectParamA

  ShowWindow

  EnableWindow

  GetDlgItemTextA

  EndDialog

  GetDesktopWindow

  MessageBeep

  SetDlgItemTextA

  LoadStringA

  GetSystemMetrics

  comctl32

  ord17

  version

  GetFileVersionInfoA

  VerQueryValueA

  GetFileVersionInfoSizeA

  Sections

  .text

  Size: 38KB - Virtual size: 38KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .data

  Size: 1024B - Virtual size: 6KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 3.2MB - Virtual size: 3.2MB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ