Behavioral task behavioral1
Sample: 039add69cbfa3c28a5ca55eef4e9abcb_JaffaCakes118.exe
Resource: win7-20240903-en
Behavioral task behavioral2
Sample: 039add69cbfa3c28a5ca55eef4e9abcb_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: 039add69cbfa3c28a5ca55eef4e9abcb_JaffaCakes118
Size: 1.2MB
MD5: 039add69cbfa3c28a5ca55eef4e9abcb
SHA1: e635ab8f479ad63b445984cf65dbec328e923463
SHA256: 779c3c947259c02d5a9e6cd64b5ba80cd94052a977aa2a31e3a443d52d57839e
SHA512: bb22752e758d47be889ec65e8f94259fc5f863cef279557f72d8a7439c4b36996d025fbf3888c01cf9b6e15884da75daabccbf29d16df07f207b8955a792b87d
SSDEEP: 24576:+wfpEyyeslTE3mxSpWmi2lr7vf8Gpi88MXnSM9ISRC2CQZqLyG2Oe3twko6jgj5m:o0C27/po6jO5tj2b
Malware Config
Signatures
Panda Stealer payload (1 IoCs)
resource: yara_rule sample family_pandastealer
Pandastealer family
Unsigned PE (1 IoCs)
Checks for missing Authenticode signature.
resource: 039add69cbfa3c28a5ca55eef4e9abcb_JaffaCakes118
Files
039add69cbfa3c28a5ca55eef4e9abcb_JaffaCakes118.exe windows:4 windows x86 arch:x86
bdd1d4b412b5ad96591c61e21b8109ca
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
d:\CCleaner\Piriform\CCleaner\Release\CCleaner.pdb
Imports
kernel32
GetSystemDirectoryA
GetWindowsDirectoryA
GetModuleHandleA
CompareStringA
SetEnvironmentVariableA
SetStdHandle
GetConsoleOutputCP
WriteConsoleA
GetStringTypeA
GetConsoleMode
GetConsoleCP
GetStartupInfoA
GetFileType
SetHandleCount
GetCommandLineW
GetCommandLineA
GetEnvironmentStrings
FreeEnvironmentStringsA
GetDateFormatA
GetTimeFormatA
GetTimeZoneInformation
GetStdHandle
HeapCreate
FindClose
LCMapStringA
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetOEMCP
GetLogicalDrives
CreateThread
ExitThread
ExitProcess
RtlUnwind
IsDebuggerPresent
UnhandledExceptionFilter
TerminateProcess
GetThreadLocale
GetACP
HeapSize
HeapReAlloc
HeapDestroy
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
InterlockedCompareExchange
LocalAlloc
GetSystemTime
GetCurrentProcessId
FormatMessageA
GetFullPathNameA
GetTempPathA
DeleteFileA
GetFileAttributesA
CreateFileA
UnlockFile
LockFileEx
SetErrorMode
ResumeThread
WaitForSingleObject
GetUserDefaultLangID
SetUnhandledExceptionFilter
IsBadReadPtr
VirtualProtect
SetFilePointer
GetFileSize
ReadFile
GlobalAlloc
GlobalLock
GlobalUnlock
GetLocaleInfoA
LoadLibraryA
GetModuleFileNameA
GetExitCodeThread
LocalFree
MulDiv
WriteFile
RaiseException
FlushFileBuffers
QueryPerformanceFrequency
QueryPerformanceCounter
Sleep
FreeLibrary
InterlockedDecrement
InterlockedIncrement
DeleteCriticalSection
InitializeCriticalSection
SetLastError
GetCurrentThreadId
LockFile
SetEndOfFile
AreFileApisANSI
GetProcessHeap
HeapAlloc
HeapFree
OpenProcess
MoveFileExW
GetSystemTimeAsFileTime
SetEvent
GetTickCount
GetCurrentThread
GlobalMemoryStatus
GetSystemInfo
GetVersionExA
GetLastError
GetCurrentProcess
FlushInstructionCache
LeaveCriticalSection
EnterCriticalSection
InterlockedExchange
CloseHandle
LoadResource
LockResource
SizeofResource
advapi32
FreeSid
GetSidSubAuthorityCount
GetSidIdentifierAuthority
IsValidSid
AllocateAndInitializeSid
RegCloseKey
RegNotifyChangeKeyValue
GetTokenInformation
OpenProcessToken
LookupPrivilegeValueW
EqualSid
OpenThreadToken
CopySid
GetLengthSid
LookupAccountNameW
LookupAccountSidW
AdjustTokenPrivileges
GetSidSubAuthority
user32
FillRect
GetClientRect
UnregisterClassA
OpenClipboard
EmptyClipboard
CloseClipboard
GetMenuItemID
SystemParametersInfoA
GetWindowPlacement
GetSystemMetrics
ShowWindow
GetScrollPos
DestroyCursor
FrameRect
MsgWaitForMultipleObjects
GetMessageA
DispatchMessageA
MessageBoxA
WindowFromPoint
DrawEdge
AdjustWindowRectEx
GetMenu
PostQuitMessage
DrawFocusRect
CopyRect
SetMenuDefaultItem
DestroyIcon
LockWindowUpdate
IsZoomed
IsIconic
SetRect
GetCursorPos
OffsetRect
GetDesktopWindow
GetWindow
EndDialog
GetActiveWindow
GetFocus
IsWindowEnabled
GetCapture
GetWindowDC
PtInRect
ReleaseCapture
SetCapture
GetKeyState
SetCursor
GetSysColorBrush
GetParent
ClientToScreen
SetRectEmpty
TrackPopupMenu
ReleaseDC
IsWindow
DestroyMenu
SetFocus
KillTimer
SetTimer
RedrawWindow
InvalidateRect
UpdateWindow
GetDC
ScreenToClient
GetWindowRect
BringWindowToTop
MoveWindow
InflateRect
CreatePopupMenu
GetMessagePos
MapWindowPoints
TranslateMessage
GetSysColor
IsWindowVisible
OpenIcon
SetForegroundWindow
EndPaint
BeginPaint
GetDlgCtrlID
DestroyWindow
SetWindowPos
GetDlgItem
gdi32
CreateDIBSection
BitBlt
StretchBlt
SetTextColor
CreateSolidBrush
DeleteObject
CreateCompatibleBitmap
SetViewportOrgEx
SelectObject
GetDIBColorTable
CreateCompatibleDC
DeleteDC
SetBkColor
CreateRectRgn
GetDeviceCaps
GetStockObject
PatBlt
CreatePatternBrush
CreateBitmap
SelectClipRgn
ExcludeClipRect
CreateRectRgnIndirect
CombineRgn
Ellipse
CreatePen
MoveToEx
LineTo
BeginPath
EndPath
StrokeAndFillPath
GetClipRgn
SetBkMode
ole32
CoTaskMemAlloc
CoTaskMemRealloc
CoCreateInstance
CoTaskMemFree
OleUninitialize
OleInitialize
RegisterDragDrop
RevokeDragDrop
DoDragDrop
OleDuplicateData
ReleaseStgMedium
CoUninitialize
CoInitialize
oleaut32
VarUI4FromStr
VarBstrFromR8
SysFreeString
shlwapi
PathRemoveFileSpecW
PathCombineW
PathIsDirectoryW
PathAppendW
PathRemoveFileSpecA
PathCompactPathW
PathFileExistsW
PathStripPathA
PathMatchSpecW
comctl32
ImageList_Remove
ImageList_Create
ImageList_Draw
ImageList_GetIconSize
_TrackMouseEvent
ImageList_Destroy
ImageList_ReplaceIcon
ImageList_GetIcon
ImageList_GetImageCount
InitCommonControlsEx
Sections
.text Size: 780KB - Virtual size: 776KB
IMAGE_SCN_CNT_CODE IMAGE_SCN_MEM_EXECUTE IMAGE_SCN_MEM_READ IMAGE_SCN_MEM_WRITE
.rdata Size: 104KB - Virtual size: 101KB
IMAGE_SCN_CNT_INITIALIZED_DATA IMAGE_SCN_MEM_READ IMAGE_SCN_MEM_WRITE
.data Size: 56KB - Virtual size: 66KB
IMAGE_SCN_CNT_INITIALIZED_DATA IMAGE_SCN_MEM_READ IMAGE_SCN_MEM_WRITE
.rsrc Size: 308KB - Virtual size: 308KB
IMAGE_SCN_CNT_INITIALIZED_DATA IMAGE_SCN_MEM_EXECUTE IMAGE_SCN_MEM_READ IMAGE_SCN_MEM_WRITE