Extracted

• d199468856457236221f132c8a222a1d_JaffaCakes118

  .exe windows:5 windows x64 arch:x64

  140da9497c64c97d807ac3f7eba8885c

  
  

  Code Sign

  38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5

  Certificate

  Issuer

  CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

  Not Before

  15/06/2007, 00:00

  Not After

  14/06/2012, 23:59

  Subject

  CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

  Extended Key Usages

  ExtKeyUsageTimeStamping

  Key Usages

  KeyUsageDigitalSignature

  KeyUsageContentCommitment

  47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4

  Certificate

  Issuer

  CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

  Not Before

  04/12/2003, 00:00

  Not After

  03/12/2013, 23:59

  Subject

  CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

  Extended Key Usages

  ExtKeyUsageTimeStamping

  Key Usages

  KeyUsageCertSign

  KeyUsageCRLSign

  41:12:e6:32:c7:b1:8a:02:9a:3a:1f:ac:80:3a:b8:9f

  Certificate

  Issuer

  CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

  Not Before

  04/03/2010, 00:00

  Not After

  18/04/2013, 23:59

  Subject

  CN=Sysinternals,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=Headquarters,O=Sysinternals,L=Austin,ST=Texas,C=US

  Extended Key Usages

  ExtKeyUsageCodeSigning

  Key Usages

  KeyUsageDigitalSignature

  65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c

  Certificate

  Issuer

  OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

  Not Before

  21/05/2009, 00:00

  Not After

  20/05/2019, 23:59

  Subject

  CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

  Extended Key Usages

  ExtKeyUsageClientAuth

  ExtKeyUsageCodeSigning

  Key Usages

  KeyUsageCertSign

  KeyUsageCRLSign

  7f:62:99:20:4d:4e:06:93:b6:86:70:35:ab:c5:c1:89:9f:f6:2a:8d

  Signer

  Actual PE Digest

  7f:62:99:20:4d:4e:06:93:b6:86:70:35:ab:c5:c1:89:9f:f6:2a:8d

  Digest Algorithm

  sha1

  PE Digest Matches

  false

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

  IMAGE_DLLCHARACTERISTICS_NX_COMPAT

  IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

  File Characteristics

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_LARGE_ADDRESS_AWARE

  PDB Paths

  c:\src\ProcExp\exe\x64\Release\procexp.pdb

  Imports

  ws2_32

  getservbyport

  WSAStartup

  htons

  ntohs

  ntohl

  gethostbyaddr

  htonl

  mpr

  WNetGetConnectionA

  comctl32

  CreateToolbarEx

  CreatePropertySheetPageA

  ord6

  PropertySheetA

  ord17

  ImageList_Create

  ImageList_ReplaceIcon

  ImageList_DrawEx

  ImageList_Destroy

  InitCommonControlsEx

  version

  GetFileVersionInfoSizeA

  VerQueryValueA

  GetFileVersionInfoA

  credui

  CredUIPromptForCredentialsA

  kernel32

  LoadResource

  FindResourceA

  CreateFileA

  SetLastError

  GetCommandLineW

  CreateEventA

  OpenEventA

  GetTickCount

  lstrcatA

  HeapFree

  lstrcpyA

  HeapAlloc

  GetProcessHeap

  GetDateFormatA

  ReadProcessMemory

  lstrcmpA

  lstrcmpiA

  GetEnvironmentVariableA

  MulDiv

  CreateProcessA

  ExpandEnvironmentStringsA

  SearchPathA

  GetFileAttributesA

  GetNumberFormatA

  lstrcpynA

  GetSystemDirectoryA

  VirtualQueryEx

  OpenProcess

  SetFilePointer

  ReadFile

  QueryPerformanceFrequency

  QueryPerformanceCounter

  ResetEvent

  LoadLibraryW

  UnmapViewOfFile

  IsBadReadPtr

  MapViewOfFile

  CreateFileMappingA

  PulseEvent

  GlobalMemoryStatus

  WaitForMultipleObjects

  SetErrorMode

  GetCurrentProcessId

  TerminateProcess

  SetPriorityClass

  FindClose

  FindFirstFileA

  SetEnvironmentVariableA

  GlobalUnlock

  GlobalAlloc

  GlobalLock

  GlobalReAlloc

  DeleteFileA

  SetProcessWorkingSetSize

  GetLocaleInfoA

  GetComputerNameW

  SizeofResource

  IsWow64Process

  GetProcessId

  Sleep

  DeviceIoControl

  GetDriveTypeA

  GetCurrentDirectoryA

  GetFileTime

  GetExitCodeThread

  DuplicateHandle

  GetCurrentThread

  GetProcessAffinityMask

  VirtualFree

  VirtualAlloc

  GetThreadContext

  GetProcessWorkingSetSize

  MultiByteToWideChar

  GlobalAddAtomA

  GetSystemInfo

  FreeEnvironmentStringsW

  GetEnvironmentStrings

  FreeEnvironmentStringsA

  GetFileType

  SetHandleCount

  GetStringTypeW

  GetStringTypeA

  LCMapStringW

  LCMapStringA

  GetConsoleMode

  GetConsoleCP

  HeapSize

  IsValidCodePage

  GetOEMCP

  GetACP

  GetCPInfo

  FlsAlloc

  FlsFree

  FlsSetValue

  FlsGetValue

  DecodePointer

  EncodePointer

  GetStdHandle

  WriteFile

  ExitProcess

  GetModuleHandleW

  HeapCreate

  HeapSetInformation

  GetStartupInfoA

  GetCommandLineA

  ResumeThread

  CreateThread

  GetCurrentThreadId

  ExitThread

  RtlUnwindEx

  RtlCaptureContext

  RtlLookupFunctionEntry

  RtlVirtualUnwind

  IsDebuggerPresent

  SetUnhandledExceptionFilter

  UnhandledExceptionFilter

  RtlPcToFileHeader

  HeapReAlloc

  RaiseException

  LockResource

  GetCurrentProcess

  IsBadStringPtrA

  lstrlenA

  InitializeCriticalSection

  GetSystemTimeAsFileTime

  DeleteCriticalSection

  FileTimeToLocalFileTime

  FileTimeToSystemTime

  GetTimeFormatA

  EnterCriticalSection

  LeaveCriticalSection

  SetEvent

  GetModuleHandleA

  WaitForSingleObject

  TerminateThread

  InitializeCriticalSectionAndSpinCount

  WideCharToMultiByte

  CreateToolhelp32Snapshot

  Module32First

  CloseHandle

  Module32Next

  GetVersion

  FreeLibrary

  LoadLibraryA

  GetProcAddress

  GetLastError

  LocalFree

  LocalAlloc

  GetModuleFileNameA

  SetStdHandle

  FlushFileBuffers

  WriteConsoleA

  GetConsoleOutputCP

  WriteConsoleW

  SetEndOfFile

  FormatMessageA

  GetEnvironmentStringsW

  user32

  CloseClipboard

  SetClipboardData

  EmptyClipboard

  OpenClipboard

  DrawMenuBar

  RemoveMenu

  CreateMenu

  RegisterWindowMessageA

  GetDesktopWindow

  GetDlgCtrlID

  SendMessageTimeoutA

  GetWindow

  GetUserObjectSecurity

  SetUserObjectSecurity

  GetKeyState

  CheckRadioButton

  MsgWaitForMultipleObjects

  PeekMessageA

  ScrollWindowEx

  SetScrollInfo

  GetScrollInfo

  IntersectRect

  GetClassLongPtrA

  GetUpdateRgn

  ReleaseCapture

  GetDlgItemTextA

  CheckMenuRadioItem

  CheckMenuItem

  PostQuitMessage

  DrawIconEx

  LoadMenuA

  InsertMenuA

  TrackPopupMenu

  GetCapture

  ExitWindowsEx

  DrawEdge

  wsprintfA

  ShowWindowAsync

  SetForegroundWindow

  FindWindowExA

  IsIconic

  GetWindowDC

  SetMenuItemInfoA

  SetClassLongA

  FillRect

  EnumWindows

  GetWindowThreadProcessId

  GetWindowTextA

  DeleteMenu

  EnableWindow

  CheckDlgButton

  IsDlgButtonChecked

  GetWindowPlacement

  ModifyMenuA

  CreatePopupMenu

  AppendMenuA

  TrackPopupMenuEx

  GetMenu

  GetSubMenu

  GetMenuItemCount

  GetMenuItemID

  EnableMenuItem

  DestroyIcon

  FrameRect

  GetDoubleClickTime

  InvalidateRgn

  MessageBoxA

  SetFocus

  WindowFromPoint

  RedrawWindow

  LoadAcceleratorsA

  GetMessageA

  TranslateAcceleratorA

  IsDialogMessageA

  TranslateMessage

  DispatchMessageA

  SetCapture

  CreateDialogParamA

  KillTimer

  LoadStringA

  LoadIconA

  LoadImageA

  RegisterClassExA

  RegisterClassA

  FindWindowA

  SetWindowPlacement

  UpdateWindow

  DialogBoxIndirectParamA

  SetWindowTextA

  InflateRect

  DefFrameProcA

  DefMDIChildProcA

  DefDlgProcA

  ClientToScreen

  SystemParametersInfoA

  CreateIconIndirect

  MapWindowPoints

  DestroyWindow

  CreateWindowExA

  IsWindowVisible

  GetFocus

  DrawTextA

  GetDC

  ReleaseDC

  PostMessageA

  SendMessageA

  ShowWindow

  GetCursorPos

  SetWindowPos

  SetWindowLongA

  IsZoomed

  PtInRect

  BeginPaint

  EndPaint

  DrawFrameControl

  CallWindowProcA

  CopyRect

  GetWindowLongPtrA

  SetWindowLongPtrA

  SetPropA

  GetPropA

  BeginDeferWindowPos

  EnumChildWindows

  EndDeferWindowPos

  GetClientRect

  GetSystemMetrics

  OffsetRect

  UnionRect

  GetParent

  GetClassNameA

  GetWindowLongA

  DeferWindowPos

  ScreenToClient

  DefWindowProcA

  DialogBoxParamA

  EndDialog

  ChildWindowFromPoint

  GetDlgItem

  InvalidateRect

  SetCursor

  GetSysColorBrush

  GetSysColor

  GetWindowRect

  MoveWindow

  SetDlgItemTextA

  LoadCursorA

  SetTimer

  gdi32

  SetTextColor

  SelectObject

  CreateCompatibleBitmap

  LineTo

  MoveToEx

  GetTextMetricsA

  Polyline

  GetBkColor

  SelectClipRgn

  CreateRectRgnIndirect

  RectInRegion

  CreateRectRgn

  SaveDC

  SetROP2

  CreatePen

  Rectangle

  GetStockObject

  GetObjectA

  SetTextAlign

  CreateFontIndirectA

  ExtTextOutA

  GetTextExtentPoint32A

  CreateSolidBrush

  GetDeviceCaps

  SetMapMode

  StartDocA

  StartPage

  EndPage

  EndDoc

  SetBkColor

  BitBlt

  CreateDIBSection

  CreateCompatibleDC

  DeleteDC

  DeleteObject

  SetBkMode

  RestoreDC

  comdlg32

  ChooseFontA

  GetOpenFileNameA

  ChooseColorA

  GetSaveFileNameA

  FindTextA

  PrintDlgA

  shell32

  SHGetMalloc

  SHGetSpecialFolderLocation

  SHBrowseForFolderA

  SHGetPathFromIDListA

  ShellExecuteExA

  Shell_NotifyIconA

  ShellExecuteA

  SHGetFileInfoA

  ole32

  CoCreateInstance

  CoInitialize

  CoUninitialize

  CoSetProxyBlanket

  oleaut32

  SysFreeString

  VariantClear

  VariantInit

  SafeArrayGetElement

  VariantChangeType

  SafeArrayDestroy

  SysStringLen

  SafeArrayAccessData

  SafeArrayGetUBound

  SafeArrayGetLBound

  SysAllocStringByteLen

  SysAllocStringLen

  SysAllocString

  SafeArrayUnaccessData

  Sections

  .text

  Size: 486KB - Virtual size: 485KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: 110KB - Virtual size: 110KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: 24KB - Virtual size: 149KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .pdata

  Size: 22KB - Virtual size: 21KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .rsrc

  Size: 193KB - Virtual size: 193KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .reloc

  Size: 5KB - Virtual size: 4KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_DISCARDABLE

  IMAGE_SCN_MEM_READ