Behavioral task: behavioral1
Sample: 57287b0d09ec34cd9fa172544a60ac77_JaffaCakes118.exe
Resource: win7-20240903-en

Behavioral task: behavioral2
Sample: 57287b0d09ec34cd9fa172544a60ac77_JaffaCakes118.exe
Resource: win10v2004-20241007-en
General
Target: 57287b0d09ec34cd9fa172544a60ac77_JaffaCakes118
Size: 520KB
MD5: 57287b0d09ec34cd9fa172544a60ac77
SHA1: 83eb9bff91d6d3036e64da1bdee0f224e3b48959
SHA256: 159e27e1e8ccb3d72dc7fbbe1af385e31b04490acb00ccb1b7b49f6d9cbe80aa
SHA512: 8f5480cf709c3004fcb558078f07fdf55ce477b8fa2cb4a5fe54c01892cebd96d3aa69d6728d289268868ba657e81c5249805cf76b3d393098227f26c0b8e163
SSDEEP: 12288:mSBzGbO4ALFGK+QT+ktCbHWy82u5PUdKu3h:IO4s+QT+kobHWy/qPQKu3
Malware Config
Extracted: metasploit
  encoder/call4_dword_xor
Signatures
- Metasploit family
- Unsigned PE (1 IoC): checks for missing Authenticode signature. Matched resource: 57287b0d09ec34cd9fa172544a60ac77_JaffaCakes118
Files
- 57287b0d09ec34cd9fa172544a60ac77_JaffaCakes118.exe (windows:5, windows, x86, arch:x86)
  092ca20b4e2feda3e25dbe39504603ca

Headers
DLL Characteristics: IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics: IMAGE_FILE_RELOCS_STRIPPED, IMAGE_FILE_EXECUTABLE_IMAGE, IMAGE_FILE_32BIT_MACHINE
Imports
wininet: InternetOpenUrlA, InternetReadFile, InternetOpenA, InternetCloseHandle
kernel32: CloseHandle, CreateFileA, GetTickCount, WriteFile, CreateProcessA, GetTempPathA, CreateThread, ExitProcess, SetPriorityClass, GetLocaleInfoA, MoveFileExA, GetCurrentProcess, GetCurrentThread, SetProcessPriorityBoost, GetDriveTypeA, GetFileAttributesA, GetEnvironmentVariableA, SetThreadPriority, GetShortPathNameA, GetProcAddress, LoadLibraryA, GetModuleHandleA, GetVersionExA, OpenMutexA, CreateMutexA, ReleaseMutex, GetLastError, GetCurrentProcessId, DeleteFileA, lstrlenA, FreeLibrary, CreateRemoteThread, OpenProcess, VirtualFreeEx, VirtualAllocEx, WriteProcessMemory, TerminateProcess, lstrcmpiA, WinExec, GetLogicalDriveStringsA, CreateToolhelp32Snapshot, SetEvent, CreateEventA, MultiByteToWideChar, SetLastError, InitializeCriticalSectionAndSpinCount, LeaveCriticalSection, ExitThread, EnterCriticalSection, OpenEventA, WaitForMultipleObjects, DeleteCriticalSection, WideCharToMultiByte, LocalFree, FlushFileBuffers, ReadFile, WriteConsoleW, GetConsoleOutputCP, WriteConsoleA, SetStdHandle, GetLocaleInfoW, GetConsoleMode, GetConsoleCP, SetFilePointer, SetEnvironmentVariableA, CompareStringW, CompareStringA, IsValidLocale, EnumSystemLocalesA, GetUserDefaultLCID, GetStringTypeW, GetStringTypeA, GetSystemTimeAsFileTime, QueryPerformanceCounter, GetFileType, SetHandleCount, GetEnvironmentStringsW, FreeEnvironmentStringsW, GetEnvironmentStrings, FreeEnvironmentStringsA, HeapSize, GetModuleFileNameA, Process32Next, SetFileAttributesA, CopyFileA, CreateDirectoryA, Sleep, GetWindowsDirectoryA, Process32First, GetComputerNameA, InterlockedIncrement, InterlockedDecrement, InterlockedExchange, WaitForSingleObject, VirtualQuery, HeapFree, UnhandledExceptionFilter, GetStdHandle, HeapReAlloc, VirtualAlloc, VirtualFree, SetUnhandledExceptionFilter, IsDebuggerPresent, GetModuleHandleW, HeapAlloc, HeapCreate, GetCurrentThreadId, TlsFree, TlsSetValue, TlsAlloc, TlsGetValue, IsValidCodePage, GetOEMCP, GetACP, LCMapStringW, LCMapStringA, GetCPInfo, RtlUnwind, RaiseException, GetStartupInfoA, GetCommandLineA, InitializeCriticalSection
user32: FindWindowA, IsWindow, GetWindowThreadProcessId, SwitchToThisWindow, IsCharAlphaNumericA, IsCharAlphaA, RegisterDeviceNotificationA, UpdateWindow, DispatchMessageA, ShowWindow, DefWindowProcA, CreateWindowExA, TranslateMessage, PostQuitMessage, RegisterClassExA, GetMessageA, DestroyWindow, BlockInput, GetWindowTextA, GetForegroundWindow, SendMessageA, FindWindowExA, keybd_event, RealGetWindowClassA, SetFocus, SetForegroundWindow, VkKeyScanW, SendInput, MapVirtualKeyA, VkKeyScanA, GetMenuItemID, PostMessageA, IsWindowVisible
advapi32: LookupPrivilegeValueA, IsTextUnicode, RegCloseKey, RegCreateKeyExA, RegSetValueExA, AdjustTokenPrivileges, RegQueryValueExA, OpenProcessToken, FreeSid, AllocateAndInitializeSid, GetUserNameA, RegOpenKeyExA
shell32: ShellExecuteA, SHChangeNotify, ShellExecuteExA
ole32: CoInitialize, CoUninitialize, CoCreateInstance
oleaut32: SysAllocString, VariantClear, VariantInit
ws2_32: recv, select, send, gethostbyname, closesocket, socket, WSACleanup, WSAGetLastError, inet_addr, WSAStartup, connect, htonl, ntohl, inet_ntoa, gethostname, ioctlsocket, htons
ntdll: NtQuerySystemInformation, ZwSystemDebugControl
shlwapi: SHDeleteKeyA
mpr: WNetCancelConnectionA, WNetUseConnectionA, WNetCancelConnection2A, WNetGetLastErrorA
rpcrt4: RpcBindingFromStringBindingA, RpcStringFreeA, RpcMgmtIsServerListening, RpcMgmtSetComTimeout, NdrClientCall2, RpcMgmtInqStats, RpcBindingFree, RpcStringBindingComposeA, RpcMgmtStatsVectorFree
comctl32: ord17
Sections
.text - Size: 364KB, Virtual size: 364KB; flags: IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.rsrc - Size: 8KB, Virtual size: 8KB; flags: IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
ufpp.dhv - Size: 52KB, Virtual size: 52KB; flags: IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.gkan0ip - Size: 72KB, Virtual size: 72KB; flags: IMAGE_SCN_CNT_CODE, IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
7yi2bbkf - Size: 20KB, Virtual size: 20KB; flags: IMAGE_SCN_CNT_UNINITIALIZED_DATA, IMAGE_SCN_MEM_READ