Static task: static1
Behavioral task: behavioral1
  Sample: 7785760cf33381a6581c362b60420336_JaffaCakes118.exe
  Resource: win7-20231129-en
Behavioral task: behavioral2
  Sample: 7785760cf33381a6581c362b60420336_JaffaCakes118.exe
  Resource: win10v2004-20240426-en
General
  Target: 7785760cf33381a6581c362b60420336_JaffaCakes118
  Size: 452KB
  MD5: 7785760cf33381a6581c362b60420336
  SHA1: 6e92b75aa1651df7a7bd5db86edf17d2d5c2b112
  SHA256: b7759e594f7cf64c4bd52ba608fed6a9fc44b5fcbef3bcfc9bf226663faecc5d
  SHA512: 2d4796e141f19cf534f9ab7a75e49e4e805965e14fe42ce2221d5882459156c77f47e3fdd275bc80d8e261e95580b0e16639fce212be24464fc7cf0bdc245554
  SSDEEP: 6144:LSV8I4/0zK4A7V1tMjBIBz6jrhHO1QBMIh8cQqJn2UReh0k5PFNg5BTzfrkpgPa4:LcS/0G4AjbzSdduN62757gT7PaErxp
Malware Config
  (none extracted)
Signatures
  Unsigned PE (1 IoC): checks for missing Authenticode signature.
    resource: 7785760cf33381a6581c362b60420336_JaffaCakes118
Files
  7785760cf33381a6581c362b60420336_JaffaCakes118.exe  windows:4 windows x86 arch:x86
  7083d7ccf2197a154396665584291397
Headers
  DLL Characteristics:
    IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
  File Characteristics:
    IMAGE_FILE_RELOCS_STRIPPED
    IMAGE_FILE_EXECUTABLE_IMAGE
    IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
TerminateProcess
WaitForSingleObject
CompareFileTime
OpenProcess
GetProcessTimes
VirtualAlloc
GetProcAddress
GetTempPathW
FlushFileBuffers
GetModuleFileNameA
LoadLibraryA
GetTimeFormatA
FileTimeToLocalFileTime
GetLocalTime
FileTimeToSystemTime
WriteFile
GetConsoleWindow
GetDateFormatA
UnmapViewOfFile
CreateFileMappingW
GlobalFree
MapViewOfFile
GetStdHandle
OutputDebugStringA
SetConsoleTitleA
GetCurrentThreadId
GetFileSize
ExpandEnvironmentStringsW
FindResourceA
lstrcpyA
EnumResourceLanguagesA
FreeLibrary
SizeofResource
GetCurrentProcessId
GetDateFormatW
GetFileAttributesExW
CloseHandle
CreateFileW
GlobalAlloc
WriteConsoleW
lstrcpynA
DeleteFileW
LoadResource
InterlockedExchange
CompareStringA
lstrlenA
GetLastError
MultiByteToWideChar
RaiseException
GetVersion
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
WideCharToMultiByte
GetStringTypeW
GetStringTypeA
SetLastError
GetModuleHandleA
lstrcmpA
GlobalLock
LockResource
GetLocaleInfoA
ConvertDefaultLocale
GetCurrentThread
GlobalDeleteAtom
FreeResource
GlobalUnlock
GetModuleFileNameW
InterlockedDecrement
GlobalAddAtomA
GetVersionExA
lstrcmpW
GlobalFindAtomA
GlobalGetAtomNameA
MulDiv
LocalAlloc
LocalFree
LeaveCriticalSection
TlsGetValue
EnterCriticalSection
GlobalReAlloc
GlobalHandle
InitializeCriticalSection
TlsAlloc
TlsSetValue
LocalReAlloc
DeleteCriticalSection
TlsFree
WritePrivateProfileStringA
GlobalFlags
InterlockedIncrement
GetThreadLocale
ReadFile
SetFilePointer
SetEndOfFile
GetCurrentProcess
CreateFileA
GetCPInfo
GetOEMCP
SetErrorMode
HeapReAlloc
HeapAlloc
HeapFree
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCommandLineA
GetProcessHeap
GetStartupInfoA
RtlUnwind
ExitProcess
HeapSize
HeapDestroy
HeapCreate
VirtualFree
GetACP
IsValidCodePage
Sleep
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
GetConsoleCP
GetConsoleMode
LCMapStringA
LCMapStringW
user32
GetClassInfoExA
GetSubMenu
GetMenu
UpdateWindow
SetForegroundWindow
MapWindowPoints
GetMessagePos
GetMessageTime
GetTopWindow
GetForegroundWindow
GetPropA
SetPropA
GetClassNameA
GetClassLongA
GetCapture
WinHelpA
RegisterWindowMessageA
TabbedTextOutA
DrawTextA
DrawTextExA
GrayStringA
ClientToScreen
BeginPaint
EndPaint
GetClassInfoA
GetSysColorBrush
LoadCursorA
UnregisterClassA
DestroyMenu
RegisterClassA
GetSysColor
CallWindowProcA
CopyRect
PtInRect
SendDlgItemMessageA
SystemParametersInfoA
GetWindowPlacement
ValidateRect
GetWindowTextLengthA
GetWindowTextA
SetFocus
GetDlgCtrlID
IsIconic
DrawIcon
PostMessageA
ReleaseDC
GetWindowThreadProcessId
LoadIconA
EnableWindow
SetClipboardData
GetDC
GetClientRect
TranslateMessage
GetWindowRect
LookupIconIdFromDirectory
GetMenuItemID
SendInput
GetSystemMetrics
PostQuitMessage
EnableMenuItem
ModifyMenuA
CreateWindowExA
LoadBitmapA
DispatchMessageA
SendMessageA
OpenClipboard
DefWindowProcA
FindWindowExA
EmptyClipboard
DeleteMenu
RemovePropA
SetRectEmpty
EnumWindows
IsClipboardFormatAvailable
CopyImage
MessageBoxA
SetWindowLongA
GetMessageA
GetDlgItem
AdjustWindowRectEx
SetWindowPos
CloseClipboard
ShowWindow
GetCursorPos
PeekMessageA
GetKeyState
IsWindowVisible
GetActiveWindow
CallNextHookEx
DialogBoxIndirectParamA
wsprintfW
GetMenuItemCount
LoadImageA
MoveWindow
wsprintfA
GetSystemMenu
SetWindowTextA
IsDialogMessageA
SetWindowsHookExA
CheckMenuItem
GetMenuState
GetParent
GetFocus
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EndDialog
GetNextDlgTabItem
IsWindowEnabled
GetWindowLongA
IsWindow
DestroyWindow
CreateDialogIndirectParamA
SetActiveWindow
GetDesktopWindow
SetCursor
GetWindow
GetLastActivePopup
UnhookWindowsHookEx
gdi32
SetMapMode
GetTextExtentPoint32A
GetTextMetricsA
StretchBlt
GetStockObject
EndPage
BitBlt
GetPixel
StartPage
StartDocA
TextOutA
CreateBitmap
GetObjectA
SetTextColor
SelectObject
DeleteObject
RestoreDC
SaveDC
SetBkColor
GetClipBox
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
Escape
ExtTextOutA
RectVisible
PtVisible
SetBkMode
GetDeviceCaps
SetPixel
DeleteDC
CreateCompatibleDC
FillRgn
EndDoc
CreateCompatibleBitmap
advapi32
RegOpenKeyExA
RegDeleteKeyA
RegEnumKeyA
RegOpenKeyA
RegQueryValueA
RegCreateKeyExA
RegSetValueExA
RegOpenKeyExW
RegCloseKey
RegSetValueExW
RegQueryValueExA
shell32
SHQueryRecycleBinA
SHEmptyRecycleBinA
SHParseDisplayName
ShellExecuteA
ole32
CoGetClassObject
CreateStreamOnHGlobal
CoInitialize
CoUninitialize
oleaut32
VariantChangeType
VariantClear
OleLoadPicture
VariantInit
comctl32
ImageList_ReplaceIcon
ImageList_Destroy
ImageList_Create
ImageList_Add
InitCommonControlsEx
shlwapi
PathAppendA
PathIsDirectoryW
PathIsFileSpecW
PathIsDirectoryEmptyW
StrCmpNIA
PathFindExtensionA
PathFindFileNameA
PathFileExistsW
rstrtmgr
RmRegisterResources
RmGetList
RmStartSession
wininet
FtpDeleteFileW
netapi32
NetServerGetInfo
NetApiBufferFree
avicap32
capGetDriverDescriptionA
msacm32
acmDriverOpen
activeds
ord14
winspool.drv
ClosePrinter
OpenPrinterA
DocumentPropertiesA
Sections
  .text   Size: 216KB - Virtual size: 213KB
    IMAGE_SCN_CNT_CODE
    IMAGE_SCN_MEM_EXECUTE
    IMAGE_SCN_MEM_READ
  .rdata  Size: 56KB - Virtual size: 54KB
    IMAGE_SCN_CNT_INITIALIZED_DATA
    IMAGE_SCN_MEM_READ
  .data   Size: 12KB - Virtual size: 23KB
    IMAGE_SCN_CNT_INITIALIZED_DATA
    IMAGE_SCN_MEM_READ
    IMAGE_SCN_MEM_WRITE
  .rsrc   Size: 164KB - Virtual size: 414KB
    IMAGE_SCN_CNT_INITIALIZED_DATA
    IMAGE_SCN_MEM_READ