Extracted

• dcc5643cbf7c3af0eb57e2473eecbb68_JaffaCakes118

  .dll windows:4 windows x86 arch:x86

  fc34ded10b4ffe0c0a7a5c6c5f69b11a

  
  

  Headers

  File Characteristics

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_32BIT_MACHINE

  IMAGE_FILE_DLL

  Imports

  kernel32

  GetACP

  OpenProcess

  GetCurrentThread

  DuplicateHandle

  FlushFileBuffers

  ReleaseMutex

  CreateMutexA

  CreateRemoteThread

  WriteProcessMemory

  VirtualAllocEx

  FormatMessageA

  WaitForMultipleObjects

  OpenEventA

  ResetEvent

  GetVolumeInformationA

  GetVersionExA

  RemoveDirectoryA

  DeviceIoControl

  FileTimeToSystemTime

  FileTimeToLocalFileTime

  CreateDirectoryA

  GetWindowsDirectoryA

  GetProcessHeap

  GetFullPathNameA

  LocalFree

  GetShortPathNameA

  TerminateProcess

  CompareStringW

  CompareStringA

  WriteConsoleW

  GetComputerNameA

  WriteConsoleA

  SetStdHandle

  GetConsoleMode

  GetConsoleCP

  GetLocaleInfoA

  QueryPerformanceCounter

  GetEnvironmentStringsW

  FreeEnvironmentStringsW

  GetEnvironmentStrings

  FreeEnvironmentStringsA

  GetStartupInfoA

  GetFileType

  SetHandleCount

  GetStringTypeW

  GetStringTypeA

  HeapSize

  HeapReAlloc

  VirtualAlloc

  VirtualFree

  ExitProcess

  GetStdHandle

  LCMapStringW

  LCMapStringA

  IsDebuggerPresent

  SetUnhandledExceptionFilter

  UnhandledExceptionFilter

  GetOEMCP

  GetCPInfo

  TlsFree

  TlsSetValue

  TlsAlloc

  TlsGetValue

  GetCommandLineA

  GetDateFormatA

  GetTimeFormatA

  RaiseException

  GetDriveTypeA

  CreateThread

  ExitThread

  GetSystemTimeAsFileTime

  RtlUnwind

  GetTimeZoneInformation

  GetLocalTime

  GetCurrentProcess

  SetEnvironmentVariableA

  HeapDestroy

  HeapCreate

  HeapFree

  HeapAlloc

  GetModuleFileNameA

  lstrlenA

  MultiByteToWideChar

  WideCharToMultiByte

  InterlockedDecrement

  GetCurrentProcessId

  DisableThreadLibraryCalls

  SetLastError

  SetThreadPriority

  TerminateThread

  GetFileTime

  SetFileTime

  OutputDebugStringA

  CreateFileMappingA

  MapViewOfFile

  UnmapViewOfFile

  SetEndOfFile

  GetFileSize

  GetCurrentDirectoryA

  SetCurrentDirectoryA

  FindFirstFileA

  GetFileAttributesA

  SetFileAttributesA

  FindNextFileA

  FindClose

  GetModuleHandleA

  GetLastError

  InitializeCriticalSection

  CreateEventA

  ResumeThread

  SetEvent

  InterlockedIncrement

  GetCurrentThreadId

  EnterCriticalSection

  LeaveCriticalSection

  WaitForSingleObject

  DeleteCriticalSection

  GetDiskFreeSpaceA

  Sleep

  LoadLibraryA

  GetProcAddress

  FreeLibrary

  MoveFileA

  DeleteFileA

  GetVersion

  GetSystemDirectoryA

  GetTickCount

  WriteFile

  CreateFileA

  ReadFile

  SetFilePointer

  CloseHandle

  GetConsoleOutputCP

  VirtualProtect

  user32

  ExitWindowsEx

  GetForegroundWindow

  EnumDisplaySettingsA

  PostQuitMessage

  UnregisterHotKey

  RegisterHotKey

  LoadCursorA

  ToAsciiEx

  GetKeyboardLayout

  PostMessageA

  wsprintfA

  GetCursorPos

  SetWindowLongA

  IsWindow

  DefWindowProcA

  GetWindowLongA

  CreateWindowExA

  GetSystemMetrics

  CreatePopupMenu

  AppendMenuA

  TrackPopupMenu

  DestroyMenu

  LoadImageA

  SetTimer

  EnumWindows

  GetKeyNameTextA

  GetKeyState

  GetAsyncKeyState

  FindWindowA

  GetWindowThreadProcessId

  OpenDesktopA

  OpenInputDesktop

  GetProcessWindowStation

  GetThreadDesktop

  OpenWindowStationA

  GetUserObjectInformationA

  SetThreadDesktop

  SetProcessWindowStation

  CloseDesktop

  CloseWindowStation

  MessageBoxA

  LoadStringA

  SendMessageA

  DialogBoxParamA

  SetDlgItemTextA

  SetPropA

  SetForegroundWindow

  EndDialog

  PostThreadMessageA

  GetClassNameA

  GetWindowRect

  GetDC

  ReleaseDC

  GetMessageA

  TranslateMessage

  DispatchMessageA

  KillTimer

  DestroyWindow

  UnregisterClassA

  RegisterClassA

  LoadIconA

  gdi32

  GdiFlush

  CreateCompatibleDC

  CreateDIBSection

  BitBlt

  DeleteObject

  GetDeviceCaps

  SelectObject

  CreateCompatibleBitmap

  CreateDCA

  GetStockObject

  DeleteDC

  advapi32

  InitiateSystemShutdownA

  OpenSCManagerA

  OpenServiceA

  CloseServiceHandle

  DeleteService

  LogonUserA

  RegEnumValueA

  RegOpenKeyExA

  RegEnumKeyExA

  RegDeleteKeyA

  RegDeleteValueA

  RevertToSelf

  GetSidLengthRequired

  GetTokenInformation

  LookupAccountSidA

  ImpersonateLoggedOnUser

  DuplicateToken

  OpenProcessToken

  LookupPrivilegeValueA

  AdjustTokenPrivileges

  GetUserNameA

  RegSetValueExA

  RegCreateKeyExA

  RegQueryValueExA

  RegCloseKey

  shell32

  SHGetMalloc

  SHGetSpecialFolderLocation

  SHGetPathFromIDListA

  ShellExecuteA

  Shell_NotifyIconA

  SHLoadInProc

  ole32

  CoTaskMemFree

  CoInitialize

  CoUninitialize

  StringFromCLSID

  CoCreateInstance

  oleaut32

  SysFreeString

  SysAllocStringLen

  Exports

  Exports

  DllCanUnloadNow

  DllGetClassObject

  IAlloc

  QueueMemory

  Sections

  .text

  Size: 492KB - Virtual size: 488KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: 212KB - Virtual size: 210KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: 56KB - Virtual size: 53KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .shared

  Size: 8KB - Virtual size: 7KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 8KB - Virtual size: 5KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .reloc

  Size: 32KB - Virtual size: 31KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_DISCARDABLE

  IMAGE_SCN_MEM_READ