General

Malware Config

Signatures

Files

• 009d9a1d33294da362f3e8a58c321fa4_JaffaCakes118

  .rar
• MyLink/MyLink.dll

  .dll windows:4 windows x86 arch:x86

  70f7b0655c9b05b2694c729e099c0332

  
  

  Headers

  File Characteristics

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_32BIT_MACHINE

  IMAGE_FILE_DLL

  PDB Paths

  e:\Work\SQLite3\SQLite3\release\sqlite3.pdb

  Imports

  kernel32

  MultiByteToWideChar

  CreateFileA

  WideCharToMultiByte

  GetFileSize

  FlushFileBuffers

  LoadLibraryW

  GetTempPathW

  Sleep

  GetLastError

  GetProcAddress

  UnlockFile

  GetCurrentThreadId

  LockFile

  TlsAlloc

  SetFilePointer

  LockFileEx

  GetVersionExW

  CloseHandle

  EnterCriticalSection

  GetSystemTimeAsFileTime

  TlsGetValue

  LeaveCriticalSection

  GetFileAttributesA

  DeleteFileW

  LoadLibraryA

  WriteFile

  GetFileAttributesW

  GetFullPathNameW

  SetEndOfFile

  GetTempPathA

  GetSystemTime

  GetFullPathNameA

  AreFileApisANSI

  ReadFile

  DeleteFileA

  FreeLibrary

  InitializeCriticalSection

  CreateFileW

  TlsSetValue

  InterlockedIncrement

  HeapFree

  HeapAlloc

  HeapReAlloc

  GetCommandLineA

  GetVersionExA

  GetProcessHeap

  HeapDestroy

  HeapCreate

  VirtualFree

  DeleteCriticalSection

  VirtualAlloc

  GetCPInfo

  InterlockedDecrement

  GetACP

  GetOEMCP

  IsValidCodePage

  GetModuleHandleA

  TlsFree

  SetLastError

  LCMapStringA

  LCMapStringW

  ExitProcess

  GetStdHandle

  GetModuleFileNameA

  HeapSize

  TerminateProcess

  GetCurrentProcess

  UnhandledExceptionFilter

  SetUnhandledExceptionFilter

  IsDebuggerPresent

  GetTimeZoneInformation

  SetHandleCount

  GetFileType

  GetStartupInfoA

  FreeEnvironmentStringsA

  GetEnvironmentStrings

  FreeEnvironmentStringsW

  GetEnvironmentStringsW

  QueryPerformanceCounter

  GetTickCount

  GetCurrentProcessId

  RtlUnwind

  GetStringTypeA

  GetStringTypeW

  GetLocaleInfoA

  GetConsoleCP

  GetConsoleMode

  WriteConsoleA

  GetConsoleOutputCP

  WriteConsoleW

  SetStdHandle

  CompareStringA

  CompareStringW

  SetEnvironmentVariableA

  Exports

  Exports

  sqlite3_aggregate_context

  sqlite3_aggregate_count

  sqlite3_auto_extension

  sqlite3_bind_blob

  sqlite3_bind_double

  sqlite3_bind_int

  sqlite3_bind_int64

  sqlite3_bind_null

  sqlite3_bind_parameter_count

  sqlite3_bind_parameter_index

  sqlite3_bind_parameter_name

  sqlite3_bind_text

  sqlite3_bind_text16

  sqlite3_bind_value

  sqlite3_busy_handler

  sqlite3_busy_timeout

  sqlite3_changes

  sqlite3_clear_bindings

  sqlite3_close

  sqlite3_collation_needed

  sqlite3_collation_needed16

  sqlite3_column_blob

  sqlite3_column_bytes

  sqlite3_column_bytes16

  sqlite3_column_count

  sqlite3_column_database_name

  sqlite3_column_database_name16

  sqlite3_column_decltype

  sqlite3_column_decltype16

  sqlite3_column_double

  sqlite3_column_int

  sqlite3_column_int64

  sqlite3_column_name

  sqlite3_column_name16

  sqlite3_column_origin_name

  sqlite3_column_origin_name16

  sqlite3_column_table_name

  sqlite3_column_table_name16

  sqlite3_column_text

  sqlite3_column_text16

  sqlite3_column_type

  sqlite3_column_value

  sqlite3_commit_hook

  sqlite3_complete

  sqlite3_complete16

  sqlite3_create_collation

  sqlite3_create_collation16

  sqlite3_create_function

  sqlite3_create_function16

  sqlite3_create_module

  sqlite3_data_count

  sqlite3_db_handle

  sqlite3_declare_vtab

  sqlite3_enable_load_extension

  sqlite3_enable_shared_cache

  sqlite3_errcode

  sqlite3_errmsg

  sqlite3_errmsg16

  sqlite3_exec

  sqlite3_expired

  sqlite3_extended_result_codes

  sqlite3_finalize

  sqlite3_free

  sqlite3_free_table

  sqlite3_get_autocommit

  sqlite3_get_auxdata

  sqlite3_get_table

  sqlite3_global_recover

  sqlite3_interrupt

  sqlite3_key

  sqlite3_last_insert_rowid

  sqlite3_libversion

  sqlite3_libversion_number

  sqlite3_load_extension

  sqlite3_malloc

  sqlite3_mprintf

  sqlite3_open

  sqlite3_open16

  sqlite3_overload_function

  sqlite3_prepare

  sqlite3_prepare16

  sqlite3_prepare16_v2

  sqlite3_prepare_v2

  sqlite3_profile

  sqlite3_progress_handler

  sqlite3_realloc

  sqlite3_rekey

  sqlite3_reset

  sqlite3_reset_auto_extension

  sqlite3_result_blob

  sqlite3_result_double

  sqlite3_result_error

  sqlite3_result_error16

  sqlite3_result_int

  sqlite3_result_int64

  sqlite3_result_null

  sqlite3_result_text

  sqlite3_result_text16

  sqlite3_result_text16be

  sqlite3_result_text16le

  sqlite3_result_value

  sqlite3_rollback_hook

  sqlite3_set_authorizer

  sqlite3_set_auxdata

  sqlite3_sleep

  sqlite3_snprintf

  sqlite3_step

  sqlite3_table_column_metadata

  sqlite3_thread_cleanup

  sqlite3_total_changes

  sqlite3_trace

  sqlite3_transfer_bindings

  sqlite3_update_hook

  sqlite3_user_data

  sqlite3_value_blob

  sqlite3_value_bytes

  sqlite3_value_bytes16

  sqlite3_value_double

  sqlite3_value_int

  sqlite3_value_int64

  sqlite3_value_numeric_type

  sqlite3_value_text

  sqlite3_value_text16

  sqlite3_value_text16be

  sqlite3_value_text16le

  sqlite3_value_type

  sqlite3_vmprintf

  Sections

  .text

  Size: 332KB - Virtual size: 329KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: 40KB - Virtual size: 38KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: 8KB - Virtual size: 12KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 4KB - Virtual size: 176B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .reloc

  Size: 16KB - Virtual size: 12KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_DISCARDABLE

  IMAGE_SCN_MEM_READ

• MyLink/MyLink.exe

  .exe windows:4 windows x86 arch:x86

  
  

  Headers

  File Characteristics

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_LINE_NUMS_STRIPPED

  IMAGE_FILE_LOCAL_SYMS_STRIPPED

  IMAGE_FILE_BYTES_REVERSED_LO

  IMAGE_FILE_32BIT_MACHINE

  IMAGE_FILE_BYTES_REVERSED_HI

  Sections

  CODE

  Size: 198KB - Virtual size: 504KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  DATA

  Size: 2KB - Virtual size: 8KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  BSS

  Size: - Virtual size: 4KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .idata

  Size: 4KB - Virtual size: 12KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .tls

  Size: - Virtual size: 4KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rdata

  Size: 512B - Virtual size: 4KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .reloc

  Size: - Virtual size: 40KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 14KB - Virtual size: 48KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .aspack

  Size: 11KB - Virtual size: 12KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .adata

  Size: - Virtual size: 4KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

• MyLink/readme.txt