Extracted

Extracted

• 98e86e243648eeeeaeed827a2bf25076_JaffaCakes118

  .exe windows:4 windows x86 arch:x86

  d1c393fa6d32059b12042942bba53193

  
  

  Headers

  File Characteristics

  IMAGE_FILE_RELOCS_STRIPPED

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_LINE_NUMS_STRIPPED

  IMAGE_FILE_LOCAL_SYMS_STRIPPED

  IMAGE_FILE_32BIT_MACHINE

  Imports

  advapi32

  RegCreateKeyExA

  RegQueryValueExA

  RegOpenKeyExA

  RegDeleteKeyA

  RegSetValueExA

  kernel32

  CreateFileA

  GetLastError

  lstrcpynA

  lstrcmpA

  lstrcpyA

  Sleep

  GetCurrentDirectoryA

  GetCurrentThreadId

  SetEvent

  WaitForSingleObject

  LocalFree

  FormatMessageA

  GlobalUnlock

  GlobalLock

  GlobalAlloc

  GetTickCount

  GetSystemTime

  SetFilePointer

  lstrcmpiA

  ReadFile

  WriteFile

  SetThreadPriority

  ReleaseSemaphore

  CreateSemaphoreA

  CreateEventA

  TerminateThread

  DeleteFileA

  FindClose

  FindNextFileA

  GetDateFormatA

  FileTimeToLocalFileTime

  FileTimeToSystemTime

  FindFirstFileA

  GetLocalTime

  SetCurrentDirectoryA

  ReleaseMutex

  GetModuleFileNameA

  GetModuleHandleA

  CreateMutexA

  SetLastError

  GetDriveTypeA

  LoadLibraryA

  GetProcAddress

  GetFileSize

  SetEnvironmentVariableA

  GetOEMCP

  GetACP

  CompareStringW

  CompareStringA

  GetCPInfo

  GetFileType

  GetStdHandle

  SetHandleCount

  GetEnvironmentStringsW

  GetEnvironmentStrings

  FreeEnvironmentStringsW

  FreeEnvironmentStringsA

  LCMapStringW

  LCMapStringA

  WideCharToMultiByte

  GetStringTypeW

  GetStringTypeA

  MultiByteToWideChar

  RtlUnwind

  UnhandledExceptionFilter

  GetCurrentProcess

  TerminateProcess

  TlsGetValue

  TlsAlloc

  VirtualAlloc

  VirtualFree

  HeapCreate

  HeapDestroy

  LeaveCriticalSection

  EnterCriticalSection

  InitializeCriticalSection

  ExitProcess

  GetVersion

  GetCommandLineA

  GetStartupInfoA

  InterlockedIncrement

  GetFullPathNameA

  InterlockedDecrement

  ExitThread

  TlsSetValue

  CreateThread

  ResumeThread

  HeapFree

  GetTimeZoneInformation

  HeapAlloc

  HeapReAlloc

  lstrlenA

  CloseHandle

  user32

  wsprintfA

  GetDlgItemTextA

  MessageBoxA

  PostMessageA

  GetDlgItemInt

  GetParent

  SetDlgItemInt

  SetDlgItemTextA

  DefWindowProcA

  SetTimer

  KillTimer

  SendMessageA

  SetWindowPos

  SystemParametersInfoA

  GetWindowRect

  IsWindowVisible

  UnhookWindowsHookEx

  SetWindowsHookExA

  GetWindowLongA

  wvsprintfA

  CloseClipboard

  SetClipboardData

  EmptyClipboard

  OpenClipboard

  GetDlgItem

  MessageBeep

  GetDialogBaseUnits

  SetWindowTextA

  GetDC

  ReleaseDC

  GetClassInfoA

  RegisterClassA

  CreateWindowExA

  DialogBoxParamA

  GetClientRect

  GetTopWindow

  MapDialogRect

  MoveWindow

  FindWindowA

  UnregisterClassA

  GetWindow

  DestroyIcon

  LoadIconA

  SetClassLongA

  GetSystemMenu

  AppendMenuA

  CheckMenuItem

  WinHelpA

  SetWindowLongA

  GetSystemMetrics

  GetCursorPos

  TrackPopupMenu

  SetForegroundWindow

  CreateDialogParamA

  EnableWindow

  SendDlgItemMessageA

  EndDialog

  DestroyWindow

  GetWindowTextA

  ShowWindow

  InvalidateRect

  gdi32

  GetTextExtentPoint32A

  LPtoDP

  shell32

  SHBrowseForFolderA

  Shell_NotifyIconA

  SHGetPathFromIDListA

  wsock32

  WSACleanup

  WSAStartup

  WSAAsyncGetHostByName

  WSAIsBlocking

  WSACancelBlockingCall

  connect

  send

  ntohs

  recv

  WSAAsyncSelect

  getservbyname

  WSAGetLastError

  WSASetLastError

  select

  closesocket

  recvfrom

  sendto

  socket

  setsockopt

  bind

  htons

  htonl

  ntohl

  gethostname

  gethostbyname

  inet_addr

  ioctlsocket

  Sections

  .text

  Size: 60KB - Virtual size: 58KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: 8KB - Virtual size: 6KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: 12KB - Virtual size: 20KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 8KB - Virtual size: 6KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ