PDB path: K:\front\username\abstract\databas.pdb
Static task: static1
Behavioral task: behavioral1
Sample: baa772483d520692faf5ac0bf05f7cfb_JaffaCakes118.exe
Resource: win7-20240419-en
Behavioral task: behavioral2
Sample: baa772483d520692faf5ac0bf05f7cfb_JaffaCakes118.exe
Resource: win10v2004-20240611-en
General
Target: baa772483d520692faf5ac0bf05f7cfb_JaffaCakes118
Size: 435KB
MD5: baa772483d520692faf5ac0bf05f7cfb
SHA1: a6e3a4018f50f2906716880166f2056e4dd2afca
SHA256: b66e16083175b7ee33458a5f6aa57453cec8d21b9d9a5b5854e3cabfcb2aa413
SHA512: 1ebd0b2cb742e72c0fedb50ac3fcaf7c425119f04846740032fbf4fd5b86a50fcd4ea2b81f1084d2e76ad735af474d300c4d872fb7339dfc02de22d9c9a69e7b
SSDEEP: 6144:jxz9Oivnkb6Lf3Oguf3Jn3kyt+43CQlKJeHrh+n0K/HpIGKQ3YnmfvG3:jxVvnIk/Ogq9rHV9+n06CGF8mfvq
Malware Config
Signatures
Unsigned PE (1 IoC): Checks for missing Authenticode signature.
Processes: resource baa772483d520692faf5ac0bf05f7cfb_JaffaCakes118
Files
baa772483d520692faf5ac0bf05f7cfb_JaffaCakes118.exe windows:5 windows x86 arch:x86
70a942ec0be84f9bc9246ff56cc3fc63
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_NO_BIND
IMAGE_DLLCHARACTERISTICS_WDM_DRIVER
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_AGGRESIVE_WS_TRIM
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_NET_RUN_FROM_SWAP
PDB Paths
Imports
kernel32
HeapReAlloc
HeapSize
GetTimeZoneInformation
GetStringTypeW
LCMapStringW
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetFileType
SetHandleCount
WideCharToMultiByte
FreeEnvironmentStringsW
GetModuleFileNameA
GetModuleFileNameW
GetStdHandle
WriteFile
LoadLibraryW
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
GetCurrentProcess
IsDebuggerPresent
SetUnhandledExceptionFilter
GetCurrentThreadId
SetLastError
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
EncodePointer
IsValidCodePage
GetOEMCP
GetACP
InterlockedDecrement
InterlockedIncrement
GetCPInfo
IsProcessorFeaturePresent
GetStartupInfoW
HeapSetInformation
GetCommandLineA
DecodePointer
ExitProcess
GetModuleHandleW
GetProcAddress
RtlUnwind
RaiseException
CompareStringW
lstrlenA
FindResourceA
LoadResource
LockResource
UnhandledExceptionFilter
FreeResource
SizeofResource
lstrcmpiW
GetProcessHeap
HeapAlloc
HeapFree
GetUserDefaultLangID
FindResourceExW
lstrcmpiA
GetLastError
GetSystemTime
HeapCreate
CreateFileA
GetFileInformationByHandle
CloseHandle
GetEnvironmentStrings
FreeEnvironmentStringsA
GetEnvironmentStringsW
GetStartupInfoA
MultiByteToWideChar
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
Sleep
GlobalLock
GetModuleHandleA
TerminateProcess
SetEnvironmentVariableA
user32
LoadIconA
LoadCursorA
GetSysColorBrush
CreateWindowExW
UpdateWindow
GetMessageA
IsWindow
DispatchMessageA
DialogBoxParamA
GetClassInfoExA
AppendMenuA
ShowWindow
ReleaseDC
GetMenu
CreateMenu
RegisterClassExA
ShowCursor
TranslateMessage
GetDC
SystemParametersInfoA
SetScrollInfo
BeginPaint
GetScrollInfo
EndPaint
PostQuitMessage
ScrollWindow
DefWindowProcA
SendMessageA
GetClientRect
InvalidateRect
UnregisterHotKey
GetParent
MapVirtualKeyA
GetKeyNameTextA
DrawTextA
LookupIconIdFromDirectory
CreateIconFromResource
GetWindow
GetClassNameW
SetMenu
SendMessageW
GetClassNameA
DestroyMenu
CreateWindowExA
LoadBitmapA
GetWindowRect
BeginDeferWindowPos
DeferWindowPos
EndDeferWindowPos
MessageBoxA
GetMenuItemCount
GetMenuStringA
GetMenuItemID
PostMessageA
CopyRect
GetWindowLongA
GetGuiResources
GetWindowDC
IsWindowEnabled
GetFocus
ClientToScreen
OffsetRect
DestroyAcceleratorTable
GetDlgItemTextW
wsprintfA
CreateDialogParamA
SetRect
GetDlgItem
gdi32
SetTextAlign
TextOutA
GetObjectA
CreateFontIndirectA
SetTextColor
CreateRectRgn
CombineRgn
ExcludeClipRect
CreateSolidBrush
Ellipse
EnumFontsA
GetTextMetricsA
Chord
DeleteObject
Pie
SelectObject
GetCurrentObject
CreatePen
advapi32
GetOldestEventLogRecord
OpenEventLogW
ReadEventLogA
shell32
SHGetSpecialFolderLocation
SHGetMalloc
SHGetFileInfoA
ole32
CoInitialize
CreateStreamOnHGlobal
ReleaseStgMedium
odbc32
ord75
ord24
ord39
ord12
ord19
ord7
ord72
ws2_32
inet_addr
avifil32
AVIFileInit
AVIFileOpenA
avicap32
capGetDriverDescriptionA
msvfw32
ICSendMessage
ICClose
ICCompressorChoose
ICCompressorFree
ICOpen
ICGetInfo
iphlpapi
SendARP
comctl32
InitCommonControlsEx
ord13
ord17
ImageList_LoadImageA
ImageList_SetOverlayImage
ImageList_GetIcon
gdiplus
GdiplusShutdown
GdiplusStartup
opengl32
glClear
glClearColor
uxtheme
DrawThemeBackground
powrprof
GetPwrCapabilities
Sections
.text Size: 70KB - Virtual size: 70KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 33KB - Virtual size: 32KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 4KB - Virtual size: 7KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.basa Size: 163KB - Virtual size: 163KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.odata Size: 53KB - Virtual size: 52KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.tls Size: 512B - Virtual size: 9B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 101KB - Virtual size: 100KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 8KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ