Extracted

• 0c9bef0496980f1304a14e3fa7737146_JaffaCakes118

  .dll windows:5 windows x86 arch:x86

  c4b72340eb58a93ce30c6bb398fbcbce

  
  

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_NX_COMPAT

  File Characteristics

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_32BIT_MACHINE

  IMAGE_FILE_DLL

  Imports

  iphlpapi

  GetBestRoute

  GetIpAddrTable

  ws2_32

  getnameinfo

  connect

  setsockopt

  ioctlsocket

  gethostbyaddr

  listen

  htons

  bind

  WSAGetLastError

  getaddrinfo

  sendto

  freeaddrinfo

  socket

  WSAIoctl

  accept

  htonl

  inet_addr

  WSAStartup

  WSACleanup

  inet_ntoa

  gethostbyname

  ntohs

  getsockname

  select

  __WSAFDIsSet

  closesocket

  send

  recv

  shlwapi

  PathCombineA

  StrCmpNA

  PathMatchSpecA

  StrStrIA

  wvnsprintfW

  wvnsprintfA

  ole32

  CoTaskMemFree

  CoCreateInstance

  CoInitialize

  CoInitializeSecurity

  CoInitializeEx

  CoUninitialize

  kernel32

  OpenEventA

  GetThreadContext

  GetTickCount

  GetWindowsDirectoryA

  SetEnvironmentVariableA

  GetModuleFileNameA

  GetSystemInfo

  VirtualAlloc

  WriteFile

  FlushFileBuffers

  LocalAlloc

  lstrcmpW

  GetFileAttributesW

  SetFileAttributesA

  CopyFileA

  ResumeThread

  GetExitCodeProcess

  lstrcpyW

  SetFilePointer

  lstrcpyA

  lstrlenA

  SetEvent

  CreateEventA

  lstrcmpA

  ResetEvent

  CreateMutexA

  SleepEx

  TerminateThread

  GetExitCodeThread

  DuplicateHandle

  GetCurrentThread

  GetCurrentProcess

  Sleep

  lstrcatA

  MoveFileA

  MoveFileExA

  GetLastError

  SetThreadPriority

  GetEnvironmentVariableA

  lstrcpynW

  lstrlenW

  lstrcatW

  lstrcmpiW

  DisconnectNamedPipe

  ReadFile

  ConnectNamedPipe

  CreateNamedPipeA

  ExitProcess

  CloseHandle

  WaitForSingleObject

  GetProcessId

  TerminateProcess

  GetCurrentProcessId

  CreateThread

  CreateEventW

  CreateFileA

  GetLocalTime

  LoadLibraryA

  GetComputerNameA

  DeleteFileA

  CreateDirectoryA

  DeleteFileW

  LeaveCriticalSection

  EnterCriticalSection

  WaitForMultipleObjects

  InitializeCriticalSection

  GetComputerNameW

  DeleteCriticalSection

  GetVersionExA

  lstrcmpiA

  HeapAlloc

  GetProcessHeap

  HeapReAlloc

  HeapFree

  QueryPerformanceCounter

  QueryPerformanceFrequency

  GetFileSize

  GetFileAttributesA

  HeapCreate

  GetProcAddress

  GetSystemTimeAsFileTime

  FreeLibrary

  SystemTimeToFileTime

  GetSystemTime

  MultiByteToWideChar

  GetModuleHandleA

  WideCharToMultiByte

  ReleaseMutex

  LoadResource

  SizeofResource

  FindResourceA

  lstrcpynA

  user32

  MessageBoxW

  CharUpperBuffA

  MessageBoxA

  DialogBoxParamA

  DialogBoxParamW

  GetWindowTextA

  GetWindowTextW

  GetWindowLongA

  FindWindowA

  PostMessageA

  advapi32

  GetTokenInformation

  RegCloseKey

  RegQueryInfoKeyA

  InitializeSecurityDescriptor

  SetSecurityDescriptorDacl

  ConvertStringSecurityDescriptorToSecurityDescriptorW

  GetSecurityDescriptorSacl

  SetSecurityInfo

  GetSidSubAuthorityCount

  GetSidSubAuthority

  RegEnumKeyExA

  OpenThreadToken

  OpenProcessToken

  EqualSid

  CryptAcquireContextA

  GetUserNameW

  oleaut32

  SysFreeString

  VariantClear

  VariantInit

  Sections

  .text

  Size: 111KB - Virtual size: 110KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: 30KB - Virtual size: 29KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: 10KB - Virtual size: 22KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 7KB - Virtual size: 7KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .reloc

  Size: 7KB - Virtual size: 6KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_DISCARDABLE

  IMAGE_SCN_MEM_READ