Static task: static1
Behavioral task: behavioral1
Sample: 834300d014ae6e65201ce04d091219fc_JaffaCakes118.exe
Resource: win7-20240215-en
Behavioral task: behavioral2
Sample: 834300d014ae6e65201ce04d091219fc_JaffaCakes118.exe
Resource: win10v2004-20240426-en
General
Target: 834300d014ae6e65201ce04d091219fc_JaffaCakes118
Size: 1.3MB
MD5: 834300d014ae6e65201ce04d091219fc
SHA1: 56af653938b12a12c4185ed71f221812c3fb4590
SHA256: 7eb32bdb92a9768dfc8f30f22365aaac0d57931a77bffd71eb928f72dcdeab1e
SHA512: d8fa6271651ffa904e53f178a0d11907652169612ae7fea31207317de8901bdde153e7b13eeb40b7c7280c52df4d6cad23bc10d2735c74908482713a87997d58
SSDEEP: 24576:BhNH39BauJj6+QY2rTG0F1X1xBblqQ3loqjXtYXFyPV3GrugU8CMl7BR:LBDl8RhrTFF1FxtloMXtsyD8xBR
Malware Config
Signatures
Unsigned PE (1 IoCs): Checks for missing Authenticode signature.
resource 834300d014ae6e65201ce04d091219fc_JaffaCakes118
Files
834300d014ae6e65201ce04d091219fc_JaffaCakes118.exe windows:5 windows x86 arch:x86
f2b3f7ea5fbf388ca44de995fb744c92
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
CreateFileMappingA
CreateNamedPipeA
MapUserPhysicalPages
GetConsoleTitleA
ReadConsoleInputA
SetEndOfFile
SetEnvironmentVariableA
ReadConsoleW
WriteConsoleW
SetStdHandle
CreateProcessA
GetExitCodeProcess
HeapReAlloc
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetModuleFileNameA
VirtualProtect
VirtualFree
GetVersionExW
UnregisterWaitEx
InitializeSListHead
ReleaseSemaphore
QueryDepthSList
InterlockedFlushSList
InterlockedPushEntrySList
InterlockedPopEntrySList
SetFilePointerEx
GetFileType
GetConsoleMode
GetConsoleCP
FlushFileBuffers
GetTimeZoneInformation
GetStdHandle
GetOEMCP
GetACP
IsValidCodePage
HeapSize
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
CompareStringW
GetTimeFormatW
GetDateFormatW
CreateSemaphoreW
GetStartupInfoW
TerminateProcess
CreateEventA
CreateMutexA
SetLastError
SetUnhandledExceptionFilter
UnhandledExceptionFilter
UnregisterWait
RegisterWaitForSingleObject
SetThreadAffinityMask
GetProcessAffinityMask
GetNumaHighestNodeNumber
GetModuleHandleW
DeleteTimerQueueTimer
ChangeTimerQueueTimer
CreateTimerQueueTimer
GetLogicalProcessorInformation
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
GetThreadPriority
SetThreadPriority
SwitchToThread
SignalObjectAndWait
WaitForSingleObjectEx
SetEvent
CreateTimerQueue
GetCommandLineA
AreFileApisANSI
GetModuleHandleExW
ExitProcess
IsProcessorFeaturePresent
IsDebuggerPresent
CreateThread
LoadLibraryExW
GetModuleFileNameW
FreeLibraryAndExitThread
GetThreadTimes
OutputDebugStringW
GetCPInfo
RtlUnwind
RaiseException
GetCurrentThread
GetCurrentProcess
DuplicateHandle
GetSystemTimeAsFileTime
DecodePointer
EncodePointer
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
GetStringTypeW
CreateEventW
OpenMutexA
lstrcatW
MapViewOfFile
ConnectNamedPipe
ReadFile
VirtualAlloc
LocalFree
LocalAlloc
WaitForSingleObject
QueryPerformanceCounter
GetTickCount
Sleep
WriteFile
GlobalAlloc
GetCurrentThreadId
GetCurrentProcessId
GetProcessHeap
HeapFree
HeapAlloc
VirtualQuery
DeleteFileW
GetFileAttributesExW
CreateFileW
GetModuleHandleA
CloseHandle
GetLastError
LoadLibraryW
GetProcAddress
FreeLibrary
WideCharToMultiByte
MultiByteToWideChar
InitializeCriticalSectionAndSpinCount
SetConsoleMode
user32
UnregisterClassW
RegisterClassExW
IsWindow
SetWindowPos
WaitMessage
PostMessageW
PeekMessageW
SetFocus
GetKeyState
EnableWindow
IsWindowEnabled
DispatchMessageW
PostQuitMessage
TranslateAcceleratorW
UpdateWindow
SetActiveWindow
BeginPaint
TranslateMessage
GetWindowTextA
GetWindowTextLengthA
EnumChildWindows
FindWindowA
LoadCursorA
LoadIconA
LoadImageA
GetWindowDC
InsertMenuItemA
DefWindowProcW
TrackPopupMenu
AppendMenuW
EndPaint
SetWindowTextW
MessageBoxA
ShowCursor
SetCursor
DestroyCaret
SetCaretPos
ScreenToClient
GetMessageW
SystemParametersInfoW
ReleaseDC
GetDC
GetSubMenu
EnableMenuItem
WindowFromPoint
GetClassLongW
SetClassLongW
GetDesktopWindow
DestroyMenu
CreatePopupMenu
LoadMenuA
IsClipboardFormatAvailable
GetDlgItemTextA
GetDlgItem
DialogBoxParamA
UpdateLayeredWindow
CreateWindowExA
RegisterClassA
DefWindowProcA
PostMessageA
SendMessageA
DispatchMessageA
GetMessageA
GetIconInfo
DrawIconEx
LoadImageW
CreateIconFromResourceEx
DestroyIcon
FrameRect
FillRect
MessageBoxW
GetAncestor
SetParent
GetParent
ClientToScreen
CreateCaret
GetCursorPos
GetWindowRect
GetClientRect
GetWindowTextLengthW
GetWindowTextW
InvalidateRect
SetForegroundWindow
GetForegroundWindow
GetSystemMetrics
ReleaseCapture
SetCapture
GetFocus
IsWindowVisible
MoveWindow
ShowWindowAsync
ShowWindow
DestroyWindow
CreateWindowExW
SendMessageW
IsDialogMessageW
LoadIconW
LoadCursorW
GetWindow
GetWindowThreadProcessId
gdi32
SelectObject
LineTo
GetTextExtentExPointW
CreateSolidBrush
SetDIBitsToDevice
CreateCompatibleDC
TextOutW
GetObjectW
SetBkMode
BitBlt
SetTextColor
DeleteDC
RemoveFontResourceExW
AddFontResourceExW
GetDeviceCaps
DeleteObject
CreateFontIndirectW
Ellipse
GetStockObject
GetObjectA
SetPixel
GetTextMetricsW
CreateDIBSection
MoveToEx
GdiFlush
GetTextExtentPoint32W
GetDIBits
CreatePen
CreateCompatibleBitmap
comdlg32
CommDlgExtendedError
GetOpenFileNameA
advapi32
GetTokenInformation
SetSecurityDescriptorOwner
ConvertStringSidToSidA
ConvertSidToStringSidA
SetNamedSecurityInfoA
RegOpenKeyExA
RegCloseKey
InitializeSecurityDescriptor
shell32
ShellExecuteW
DragQueryFileA
SHGetFileInfoW
SHBrowseForFolderA
Shell_NotifyIconA
SHGetFolderPathW
DragQueryFileW
DragQueryPoint
DragFinish
ole32
ReleaseStgMedium
OleUninitialize
CoTaskMemFree
OleInitialize
OleGetClipboard
CoGetMalloc
CreateBindCtx
MkParseDisplayName
StringFromCLSID
oleaut32
UnRegisterTypeLi
LoadTypeLi
ws2_32
bind
closesocket
ioctlsocket
WSAStartup
WSAGetLastError
WSAHtonl
WSAHtons
WSARecvFrom
WSASendTo
WSASocketA
netapi32
NetAddAlternateComputerName
NetApiBufferFree
NetWkstaTransportEnum
NetWkstaUserEnum
NetWkstaUserGetInfo
NetWkstaSetInfo
NetWkstaGetInfo
crypt32
CertGetNameStringA
shlwapi
ord14
comctl32
ord328
pdh
PdhConnectMachineW
PdhComputeCounterStatistics
PdhGetFormattedCounterValue
PdhCollectQueryData
gdiplus
GdipCreateFromHDC
GdipAlloc
opengl32
glMatrixMode
glOrtho
glViewport
glLoadIdentity
glu32
gluLookAt
urlmon
URLDownloadToCacheFileA
snmpapi
SnmpUtilOidToA
Sections
.text Size: 770KB - Virtual size: 769KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 131KB - Virtual size: 130KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 27KB - Virtual size: 47KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 383KB - Virtual size: 382KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 34KB - Virtual size: 34KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ