Static task
static1

Behavioral task
behavioral1
Sample: 9cb6c3818e22be770c5e598198ef9bd2_JaffaCakes118.exe
Resource: win7-20240508-en

Behavioral task
behavioral2
Sample: 9cb6c3818e22be770c5e598198ef9bd2_JaffaCakes118.exe
Resource: win10v2004-20240508-en

General
Target: 9cb6c3818e22be770c5e598198ef9bd2_JaffaCakes118
Size: 420KB
MD5: 9cb6c3818e22be770c5e598198ef9bd2
SHA1: 3ae8870b5f1bcb039cb16b9498a63f8a57101f27
SHA256: 4fec9db0d4388507cee38ac98f1bbe0961fa4a7c11c683aebc0a870b1084504d
SHA512: 792755c8fd970b975327e26d2a30980225ad2e9fa96bdf6f8e0b658778c767307b1f64a1a162c54041ac6773e1a639be52e051e039c7da67a0e6835bd5553428
SSDEEP: 6144:PA2iXkr1FFfBFuPpfpwqBA6JSlhNcn59JzFSeBJtoh7FUybDnrkssPej:I20kBfHxqLMcn5LxS6ofPnrksJj

Malware Config

Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
resource: 9cb6c3818e22be770c5e598198ef9bd2_JaffaCakes118

Files
9cb6c3818e22be770c5e598198ef9bd2_JaffaCakes118.exe windows:5 windows x86 arch:x86
da904ab7f2dd569a5b457fb9ee2d5190

Headers
DLL Characteristics: IMAGE_DLLCHARACTERISTICS_NX_COMPAT, IMAGE_DLLCHARACTERISTICS_WDM_DRIVER, IMAGE_DLLCHARACTERISTICS_GUARD_CF, IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics: IMAGE_FILE_EXECUTABLE_IMAGE, IMAGE_FILE_LOCAL_SYMS_STRIPPED, IMAGE_FILE_AGGRESIVE_WS_TRIM, IMAGE_FILE_LARGE_ADDRESS_AWARE, IMAGE_FILE_32BIT_MACHINE, IMAGE_FILE_DEBUG_STRIPPED, IMAGE_FILE_SYSTEM
PDB Paths
H:\Browse\although\Good\practices1.pdb
Imports
kernel32
ExpandEnvironmentStringsA
GlobalAlloc
OutputDebugStringA
CancelIo
DeviceIoControl
WaitForSingleObject
WriteFile
GetLastError
GetStringTypeW
LCMapStringW
HeapReAlloc
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
HeapSize
Sleep
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetFileType
SetHandleCount
GetEnvironmentStringsW
WideCharToMultiByte
FreeEnvironmentStringsW
LoadLibraryW
ExitProcess
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
GetStdHandle
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetCurrentThreadId
SetLastError
InterlockedIncrement
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
EncodePointer
IsProcessorFeaturePresent
HeapFree
GetStartupInfoW
HeapSetInformation
GetCommandLineA
DecodePointer
GetModuleHandleW
GetProcAddress
RtlUnwind
RaiseException
HeapCreate
HeapAlloc
LocalFree
GetModuleFileNameA
CloseHandle
lstrcpyA
CreateProcessA
CreatePipe
WaitForMultipleObjects
GetModuleFileNameW
lstrcpyW
GetPrivateProfileSectionW
GetPrivateProfileIntW
lstrcmpiA
SetProcessAffinityMask
CreateFileA
CreateIoCompletionPort
ReadDirectoryChangesW
GetQueuedCompletionStatus
GetProcessHeap
lstrcatA
CreateDirectoryA
MultiByteToWideChar
InterlockedDecrement
user32
GetMenu
GetMenuItemInfoA
CheckMenuRadioItem
GetDlgItem
DrawMenuBar
IsClipboardFormatAvailable
EnumDisplayDevicesA
DestroyWindow
GetWindowTextA
SetWindowTextA
DefWindowProcA
RegisterClassExA
LoadIconA
DefFrameProcA
GetWindow
GetDialogBaseUnits
LoadCursorA
CreateWindowExA
IsWindow
LoadStringA
SetFocus
SendMessageA
GetClientRect
ClientToScreen
GetWindowRect
PostQuitMessage
GetLayeredWindowAttributes
ScreenToClient
FillRect
SetRect
ShowScrollBar
MessageBoxA
OemToCharA
RegisterClassA
CreateMenu
InsertMenuA
GetDlgCtrlID
MsgWaitForMultipleObjects
PeekMessageA
GetMessageA
GetFocus
IsDialogMessageA
TranslateMessage
DispatchMessageA
GetDC
GetSystemMetrics
SetWindowPos
ReleaseDC
InvalidateRect
ShowWindow
SetMenuItemInfoA
BeginPaint
EndPaint
GetParent
SetWindowLongA
DefMDIChildProcA
GetWindowLongA
gdi32
SelectPalette
ExcludeClipRect
CreateSolidBrush
SelectClipRgn
DeleteObject
StartDocA
StartPage
TextOutA
EndPage
EndDoc
DeleteDC
CreateDCA
GetTextExtentPoint32A
StretchDIBits
GetDeviceCaps
EnumFontFamiliesA
GetStockObject
SelectObject
Ellipse
comdlg32
PrintDlgA
advapi32
CryptAcquireContextA
RegCreateKeyExW
RegSetValueExW
RegCloseKey
shell32
DragAcceptFiles
DragQueryFileA
DragFinish
SHGetFolderPathW
ole32
CoSetProxyBlanket
CoInitialize
CoInitializeEx
CoInitializeSecurity
CoUninitialize
CoCreateInstance
CreateBindCtx
oleaut32
SysStringLen
SysAllocString
VariantInit
VariantChangeType
VariantClear
GetErrorInfo
SysFreeString
shlwapi
StrChrA
wvnsprintfA
wnsprintfA
StrDupA
AssocCreate
PathFindExtensionW
PathFindExtensionA
PathFindFileNameA
gdiplus
GdipAlloc
GdipDeletePen
GdiplusStartup
GdiplusShutdown
GdipCreateFromHDC
GdipDeleteGraphics
GdipCreatePen1
GdipFree
wtsapi32
WTSEnumerateProcessesA
WTSFreeMemory
sensapi
IsNetworkAlive
Sections
.text   Size: 60KB   - Virtual size: 59KB   Flags: IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
.rdata  Size: 45KB   - Virtual size: 44KB   Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.data   Size: 212KB  - Virtual size: 215KB  Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.CTR    Size: 5KB    - Virtual size: 5KB    Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.wdata  Size: 6KB    - Virtual size: 6KB    Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.flat   Size: 1KB    - Virtual size: 1KB    Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.relou  Size: 1024B  - Virtual size: 515B   Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.rsrc   Size: 87KB   - Virtual size: 86KB   Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ