General

Malware Config

Signatures

Files

• 6bf45b695c31bf5dbc059dad692e6ad1_JaffaCakes118

  .exe windows:5 windows x86 arch:x86

  706ffed85e83ed5ae45f995e942bd0f8

  
  

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_NX_COMPAT

  IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

  File Characteristics

  IMAGE_FILE_RELOCS_STRIPPED

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_32BIT_MACHINE

  PDB Paths

  her2$je.Pdb

  Imports

  urlmon

  GetClassFileOrMime

  kernel32

  VirtualFreeEx

  GetLastError

  GetCommState

  FreeConsole

  VirtualFree

  GetPrivateProfileStringA

  GetSystemWindowsDirectoryW

  GetComputerNameExW

  FormatMessageA

  lstrcmpiW

  GetComputerNameW

  GetStdHandle

  EnumSystemCodePagesW

  LocalFlags

  GetDynamicTimeZoneInformation

  GetSystemTimes

  SetConsoleHistoryInfo

  EnumSystemCodePagesA

  GetProfileIntA

  GetLogicalDrives

  DeleteAtom

  lstrcmpA

  GetPrivateProfileStructA

  EraseTape

  FindFirstChangeNotificationW

  FindNextVolumeMountPointW

  ExpandEnvironmentStringsA

  DefineDosDeviceW

  GetVolumeNameForVolumeMountPointW

  WriteProfileStringA

  DecodePointer

  WriteProfileStringW

  LoadResource

  GetCalendarInfoW

  GetProfileStringW

  WriteProcessMemory

  lstrcpyA

  GetProfileSectionW

  GetCurrentThread

  FlushConsoleInputBuffer

  GetCurrentProcess

  GetProcessTimes

  GetStringTypeW

  GetUserDefaultLCID

  GetTempPathA

  GetStringTypeExA

  GetOverlappedResult

  EscapeCommFunction

  GetFileType

  GetVolumeInformationA

  GetMailslotInfo

  GetDriveTypeW

  GetFileAttributesA

  FindCloseChangeNotification

  GetQueuedCompletionStatus

  GetProcessId

  DeleteFileW

  lz32

  LZSeek

  comdlg32

  GetOpenFileNameA

  gdi32

  DeleteDC

  GetSystemPaletteEntries

  GdiSetBatchLimit

  FillRgn

  DeleteObject

  EqualRgn

  LineDDA

  GetCharWidth32A

  GetCharWidthFloatA

  GetMetaFileA

  GetTextExtentPointW

  ExtCreatePen

  GetTextExtentPoint32W

  GdiFlush

  GetWorldTransform

  ExtCreateRegion

  GdiComment

  FillPath

  GetMiterLimit

  GetFontData

  GetRandomRgn

  GetDeviceCaps

  GetViewportExtEx

  GetTextColor

  mscms

  GetStandardColorSpaceProfileW

  oleaut32

  GetRecordInfoFromGuids

  GetRecordInfoFromTypeInfo

  winspool.drv

  FindClosePrinterChangeNotification

  GetPrinterW

  shell32

  ExtractIconW

  FindExecutableA

  clusapi

  GetClusterFromResource

  msvcrt

  strtol

  fwprintf

  tolower

  fwrite

  vfprintf

  memset

  strcmp

  strcspn

  secur32

  DecryptMessage

  EnumerateSecurityPackagesW

  advapi32

  GetFileSecurityA

  IsValidSid

  FreeEncryptionCertificateHashList

  InitiateSystemShutdownA

  GetSecurityDescriptorOwner

  GetWindowsAccountDomainSid

  InitializeSid

  InitiateSystemShutdownExW

  GetOldestEventLogRecord

  LogonUserExW

  GetSidSubAuthority

  GetEventLogInformation

  user32

  GetDlgItemTextA

  GetUserObjectSecurity

  DrawFocusRect

  LoadIconA

  DeferWindowPos

  DefDlgProcA

  GetMenuStringW

  GetCursorInfo

  GetWindowTextW

  DrawTextExW

  FindWindowExW

  GetDialogBaseUnits

  DestroyCaret

  GetWindowTextA

  GetTopWindow

  DrawIconEx

  GetRawInputDeviceList

  GetMessageW

  LoadImageW

  GetTitleBarInfo

  GetMenuBarInfo

  GetMessageExtraInfo

  GetSysColor

  GetClipboardSequenceNumber

  DestroyAcceleratorTable

  GetProcessDefaultLayout

  GetClassInfoExW

  GetClassNameW

  GetWindowLongW

  GetMenuItemID

  DrawMenuBar

  GetWindowTextLengthW

  GetScrollRange

  EnumWindows

  FindWindowA

  LoadImageA

  DefWindowProcA

  Sections

  .text

  Size: 508KB - Virtual size: 505KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .data

  Size: 52KB - Virtual size: 57KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .idata

  Size: 8KB - Virtual size: 4KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .rsrc

  Size: 4KB - Virtual size: 816B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ