General

Malware Config

Signatures

Files

• 7c4620b8f4d5bd8b8e73bb7a0f4307e4_JaffaCakes118

  .exe windows:5 windows x86 arch:x86

  7d9b1b19907cf4fdfc167c9f2eb4f4bb

  
  

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA

  IMAGE_DLLCHARACTERISTICS_NX_COMPAT

  IMAGE_DLLCHARACTERISTICS_NO_SEH

  IMAGE_DLLCHARACTERISTICS_GUARD_CF

  File Characteristics

  IMAGE_FILE_RELOCS_STRIPPED

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_LINE_NUMS_STRIPPED

  IMAGE_FILE_AGGRESIVE_WS_TRIM

  IMAGE_FILE_LARGE_ADDRESS_AWARE

  IMAGE_FILE_32BIT_MACHINE

  IMAGE_FILE_NET_RUN_FROM_SWAP

  PDB Paths

  R:\shared\conscious\reconfiguratio.pdb

  Imports

  kernel32

  GetCurrentThreadId

  GetCurrentProcessId

  lstrcpyA

  CloseHandle

  CreateFileW

  IsProcessorFeaturePresent

  HeapReAlloc

  WriteConsoleW

  SetStdHandle

  HeapSize

  LoadLibraryW

  RtlUnwind

  GetStringTypeW

  LCMapStringW

  Sleep

  HeapFree

  LeaveCriticalSection

  GetConsoleMode

  GetConsoleCP

  SetFilePointer

  RaiseException

  GetSystemTimeAsFileTime

  QueryPerformanceCounter

  HeapCreate

  DeleteCriticalSection

  GetFileType

  InitializeCriticalSectionAndSpinCount

  SetHandleCount

  GetEnvironmentStringsW

  FreeEnvironmentStringsW

  GetModuleFileNameA

  GetModuleFileNameW

  GetStdHandle

  WriteFile

  LoadLibraryA

  FindClose

  GetProcAddress

  GetLastError

  FindFirstFileA

  lstrlenW

  lstrcatA

  WideCharToMultiByte

  MultiByteToWideChar

  GlobalAlloc

  GetTickCount

  HeapAlloc

  lstrlenA

  SetLastError

  GetModuleHandleW

  TlsFree

  TlsSetValue

  FlushFileBuffers

  TlsGetValue

  TlsAlloc

  IsValidCodePage

  GetOEMCP

  GetACP

  EnterCriticalSection

  ExitProcess

  InterlockedDecrement

  InterlockedIncrement

  GetCPInfo

  EncodePointer

  DecodePointer

  IsDebuggerPresent

  SetUnhandledExceptionFilter

  UnhandledExceptionFilter

  GetCurrentProcess

  TerminateProcess

  GetStartupInfoW

  HeapSetInformation

  GetCommandLineA

  user32

  CopyRect

  DrawFrameControl

  SetWindowTextA

  GetSystemMetrics

  DefMDIChildProcA

  ShowScrollBar

  IsDlgButtonChecked

  CreatePopupMenu

  ClientToScreen

  GetWindowRect

  GetWindowDC

  DrawTextA

  GetFocus

  IsWindowEnabled

  ShowWindow

  SendMessageA

  BeginPaint

  GetClientRect

  GetWindowTextA

  TrackPopupMenuEx

  CreateWindowExA

  ReleaseDC

  GetDlgItem

  EndDialog

  DefWindowProcA

  GetCursorPos

  gdi32

  DeleteDC

  DeleteObject

  SelectObject

  CreateCompatibleDC

  CreateCompatibleBitmap

  CreateRectRgn

  advapi32

  AddAccessAllowedAce

  shell32

  SHGetFolderPathW

  comctl32

  ord17

  gdiplus

  GdipCreateBitmapFromFile

  GdipDisposeImage

  GdipCreateHBITMAPFromBitmap

  uxtheme

  DrawThemeBackground

  powrprof

  GetPwrCapabilities

  Sections

  .text

  Size: 59KB - Virtual size: 59KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: 18KB - Virtual size: 17KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: 211KB - Virtual size: 218KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .flat

  Size: 7KB - Virtual size: 6KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .edata

  Size: 1KB - Virtual size: 1KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .ddata

  Size: 512B - Virtual size: 481B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 90KB - Virtual size: 90KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .reloc

  Size: 8KB - Virtual size: 8KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_DISCARDABLE

  IMAGE_SCN_MEM_READ