Extracted

• JaffaCakes118_78b582e8e72d96f39143a06a67204105

  .exe windows:4 windows x86 arch:x86

  e5b4359a3773764a372173074ae9b6bd

  
  

  Headers

  File Characteristics

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_LINE_NUMS_STRIPPED

  IMAGE_FILE_LOCAL_SYMS_STRIPPED

  IMAGE_FILE_BYTES_REVERSED_LO

  IMAGE_FILE_32BIT_MACHINE

  IMAGE_FILE_BYTES_REVERSED_HI

  Imports

  oleaut32

  SysFreeString

  SysReAllocStringLen

  SysAllocStringLen

  GetErrorInfo

  GetActiveObject

  SysFreeString

  SafeArrayPtrOfIndex

  SafeArrayGetUBound

  SafeArrayGetLBound

  SafeArrayCreate

  VariantChangeType

  VariantCopy

  VariantClear

  VariantInit

  advapi32

  RegQueryValueExA

  RegOpenKeyExA

  RegCloseKey

  RegSetValueExA

  RegQueryValueExA

  RegQueryInfoKeyA

  RegOpenKeyExA

  RegOpenKeyA

  RegFlushKey

  RegEnumValueA

  RegEnumKeyExA

  RegDeleteValueA

  RegDeleteKeyA

  RegCreateKeyExA

  RegCreateKeyA

  RegCloseKey

  OpenThreadToken

  OpenProcessToken

  LookupPrivilegeValueA

  LookupPrivilegeNameA

  LookupPrivilegeDisplayNameA

  LookupAccountSidA

  IsValidSid

  GetUserNameA

  GetTokenInformation

  GetSidSubAuthorityCount

  GetSidSubAuthority

  GetSidIdentifierAuthority

  GetCurrentHwProfileA

  AdjustTokenPrivileges

  StartServiceA

  QueryServiceStatus

  OpenServiceA

  OpenSCManagerA

  EnumServicesStatusA

  DeleteService

  CreateServiceA

  ControlService

  CloseServiceHandle

  user32

  GetKeyboardType

  DestroyWindow

  LoadStringA

  MessageBoxA

  CharNextA

  CreateWindowExA

  mouse_event

  keybd_event

  WindowFromPoint

  WaitMessage

  VkKeyScanA

  UpdateWindow

  UnregisterClassA

  UnhookWindowsHookEx

  TranslateMessage

  TranslateMDISysAccel

  TrackPopupMenu

  ToAscii

  SystemParametersInfoA

  ShowWindow

  ShowScrollBar

  ShowOwnedPopups

  SetWindowsHookExA

  SetWindowTextA

  SetWindowPos

  SetWindowPlacement

  SetWindowLongW

  SetWindowLongA

  SetTimer

  SetScrollRange

  SetScrollPos

  SetScrollInfo

  SetRect

  SetPropA

  SetParent

  SetMenuItemInfoA

  SetMenu

  SetForegroundWindow

  SetFocus

  SetCursorPos

  SetCursor

  SetClipboardData

  SetClassLongA

  SetCapture

  SetActiveWindow

  SendMessageW

  SendMessageA

  ScrollWindow

  ScreenToClient

  RemovePropA

  RemoveMenu

  ReleaseDC

  ReleaseCapture

  RegisterWindowMessageA

  RegisterClipboardFormatA

  RegisterClassA

  RedrawWindow

  PtInRect

  PostQuitMessage

  PostMessageA

  PeekMessageW

  PeekMessageA

  OpenClipboard

  OffsetRect

  OemToCharA

  MsgWaitForMultipleObjectsEx

  MsgWaitForMultipleObjects

  MessageBoxA

  MapWindowPoints

  MapVirtualKeyA

  LockWorkStation

  LoadStringA

  LoadKeyboardLayoutA

  LoadIconA

  LoadCursorA

  LoadBitmapA

  KillTimer

  IsZoomed

  IsWindowVisible

  IsWindowUnicode

  IsWindowEnabled

  IsWindow

  IsRectEmpty

  IsIconic

  IsDialogMessageW

  IsDialogMessageA

  IsClipboardFormatAvailable

  IsChild

  InvalidateRect

  IntersectRect

  InsertMenuItemA

  InsertMenuA

  InflateRect

  GetWindowThreadProcessId

  GetWindowTextLengthA

  GetWindowTextA

  GetWindowRect

  GetWindowPlacement

  GetWindowLongW

  GetWindowLongA

  GetWindowDC

  GetTopWindow

  GetSystemMetrics

  GetSystemMenu

  GetSysColorBrush

  GetSysColor

  GetSubMenu

  GetScrollRange

  GetScrollPos

  GetScrollInfo

  GetPropA

  GetParent

  GetWindow

  GetMessagePos

  GetMessageA

  GetMenuStringA

  GetMenuState

  GetMenuItemInfoA

  GetMenuItemID

  GetMenuItemCount

  GetMenu

  GetLastInputInfo

  GetLastActivePopup

  GetKeyboardState

  GetKeyboardLayoutNameA

  GetKeyboardLayoutList

  GetKeyboardLayout

  GetKeyState

  GetKeyNameTextA

  GetIconInfo

  GetForegroundWindow

  GetFocus

  GetDesktopWindow

  GetDCEx

  GetDC

  GetCursorPos

  GetCursor

  GetClipboardData

  GetClientRect

  GetClassNameA

  GetClassLongA

  GetClassInfoA

  GetCapture

  GetActiveWindow

  FrameRect

  FindWindowExA

  FindWindowA

  FillRect

  ExitWindowsEx

  EqualRect

  EnumWindows

  EnumThreadWindows

  EnumDisplayDevicesA

  EnumClipboardFormats

  EnumChildWindows

  EndPaint

  EnableWindow

  EnableScrollBar

  EnableMenuItem

  EmptyClipboard

  DrawTextA

  DrawMenuBar

  DrawIconEx

  DrawIcon

  DrawFrameControl

  DrawEdge

  DispatchMessageW

  DispatchMessageA

  DestroyWindow

  DestroyMenu

  DestroyIcon

  DestroyCursor

  DeleteMenu

  DefWindowProcA

  DefMDIChildProcA

  DefFrameProcA

  CreatePopupMenu

  CreateMenu

  CreateIcon

  CloseClipboard

  ClientToScreen

  CheckMenuItem

  CallWindowProcA

  CallNextHookEx

  BeginPaint

  CharNextA

  CharLowerBuffA

  CharLowerA

  CharUpperBuffA

  CharToOemA

  AdjustWindowRectEx

  ActivateKeyboardLayout

  EnumDisplayMonitors

  GetMonitorInfoA

  kernel32

  GetACP

  Sleep

  VirtualFree

  VirtualAlloc

  GetTickCount

  QueryPerformanceCounter

  GetCurrentThreadId

  InterlockedDecrement

  InterlockedIncrement

  VirtualQuery

  WideCharToMultiByte

  MultiByteToWideChar

  lstrlenA

  lstrcpynA

  LoadLibraryExA

  GetThreadLocale

  GetStartupInfoA

  GetProcAddress

  GetModuleHandleA

  GetModuleFileNameA

  GetLocaleInfoA

  GetLastError

  GetCommandLineA

  FreeLibrary

  FindFirstFileA

  FindClose

  ExitProcess

  ExitThread

  CreateThread

  CompareStringA

  WriteFile

  UnhandledExceptionFilter

  SetFilePointer

  SetEndOfFile

  RtlUnwind

  ReadFile

  RaiseException

  GetStdHandle

  GetFileSize

  GetFileType

  CreateFileA

  CloseHandle

  TlsSetValue

  TlsGetValue

  LocalAlloc

  GetModuleHandleA

  lstrcpyA

  WriteProcessMemory

  WriteFile

  WinExec

  WaitForSingleObject

  WaitForMultipleObjectsEx

  VirtualQuery

  VirtualProtectEx

  VirtualProtect

  VirtualFreeEx

  VirtualFree

  VirtualAllocEx

  VirtualAlloc

  VerLanguageNameA

  UnmapViewOfFile

  TerminateProcess

  Sleep

  SizeofResource

  SetThreadPriority

  SetThreadLocale

  SetThreadContext

  SetLastError

  SetFileTime

  SetFilePointer

  SetFileAttributesA

  SetEvent

  SetErrorMode

  SetEndOfFile

  ResumeThread

  ResetEvent

  ReadProcessMemory

  ReadFile

  PeekNamedPipe

  OpenProcess

  MultiByteToWideChar

  MulDiv

  MoveFileA

  MapViewOfFile

  LockResource

  LocalFileTimeToFileTime

  LocalAlloc

  LoadResource

  LoadLibraryA

  LeaveCriticalSection

  IsBadReadPtr

  InitializeCriticalSection

  HeapFree

  HeapAlloc

  GlobalUnlock

  GlobalMemoryStatus

  GlobalLock

  GlobalFree

  GlobalFindAtomA

  GlobalDeleteAtom

  GlobalAlloc

  GlobalAddAtomA

  GetWindowsDirectoryA

  GetVolumeInformationA

  GetVersionExA

  GetVersion

  GetUserDefaultLangID

  GetTickCount

  GetThreadLocale

  GetThreadContext

  GetTempPathA

  GetSystemPowerStatus

  GetSystemDirectoryA

  GetStdHandle

  GetProcessHeap

  GetProcAddress

  GetModuleHandleA

  GetModuleFileNameA

  GetLocaleInfoA

  GetLocalTime

  GetLastError

  GetFullPathNameA

  GetFileTime

  GetFileSize

  GetFileAttributesA

  GetExitCodeThread

  GetExitCodeProcess

  GetEnvironmentVariableA

  GetDriveTypeA

  GetDiskFreeSpaceA

  GetDateFormatA

  GetCurrentThreadId

  GetCurrentThread

  GetCurrentProcessId

  GetCurrentProcess

  GetComputerNameA

  GetCPInfo

  FreeResource

  InterlockedIncrement

  InterlockedExchange

  InterlockedDecrement

  FreeLibrary

  FormatMessageA

  FindResourceA

  FindNextFileA

  FindFirstFileA

  FindClose

  FileTimeToSystemTime

  FileTimeToLocalFileTime

  FileTimeToDosDateTime

  ExitThread

  ExitProcess

  EnumResourceNamesA

  EnumCalendarInfoA

  EnterCriticalSection

  DosDateTimeToFileTime

  DeleteFileA

  DeleteCriticalSection

  CreateThread

  CreateRemoteThread

  CreateProcessA

  CreatePipe

  CreateMutexA

  CreateFileMappingA

  CreateFileA

  CreateEventA

  CreateDirectoryA

  CopyFileA

  CompareStringA

  CloseHandle

  Beep

  Sleep

  gdi32

  UnrealizeObject

  StretchBlt

  SetWindowOrgEx

  SetWinMetaFileBits

  SetViewportOrgEx

  SetTextColor

  SetStretchBltMode

  SetROP2

  SetPixel

  SetEnhMetaFileBits

  SetDIBColorTable

  SetBrushOrgEx

  SetBkMode

  SetBkColor

  SelectPalette

  SelectObject

  SaveDC

  RestoreDC

  RectVisible

  RealizePalette

  PlayEnhMetaFile

  PatBlt

  MoveToEx

  MaskBlt

  LineTo

  IntersectClipRect

  GetWindowOrgEx

  GetWinMetaFileBits

  GetTextMetricsA

  GetTextExtentPoint32A

  GetSystemPaletteEntries

  GetStockObject

  GetRgnBox

  GetPixel

  GetPaletteEntries

  GetObjectA

  GetEnhMetaFilePaletteEntries

  GetEnhMetaFileHeader

  GetEnhMetaFileBits

  GetDeviceCaps

  GetDIBits

  GetDIBColorTable

  GetDCOrgEx

  GetCurrentPositionEx

  GetClipBox

  GetBrushOrgEx

  GetBitmapBits

  GdiFlush

  ExtTextOutA

  ExcludeClipRect

  DeleteObject

  DeleteEnhMetaFile

  DeleteDC

  CreateSolidBrush

  CreatePenIndirect

  CreatePalette

  CreateHalftonePalette

  CreateFontIndirectA

  CreateDIBitmap

  CreateDIBSection

  CreateDCA

  CreateCompatibleDC

  CreateCompatibleBitmap

  CreateBrushIndirect

  CreateBitmap

  CopyEnhMetaFileA

  BitBlt

  version

  VerQueryValueA

  GetFileVersionInfoSizeA

  GetFileVersionInfoA

  wsock32

  __WSAFDIsSet

  WSACleanup

  WSAStartup

  WSAGetLastError

  gethostname

  getservbyname

  gethostbyname

  gethostbyaddr

  socket

  shutdown

  sendto

  send

  select

  recv

  ntohs

  listen

  ioctlsocket

  inet_ntoa

  inet_addr

  htons

  getsockname

  connect

  closesocket

  bind

  accept

  ole32

  CoTaskMemFree

  StringFromCLSID

  CoTaskMemFree

  CLSIDFromProgID

  ProgIDFromCLSID

  StringFromCLSID

  CoCreateInstance

  CoUninitialize

  CoInitialize

  IsEqualGUID

  shell32

  ShellExecuteExA

  ShellExecuteA

  SHGetFileInfoA

  SHFileOperationA

  DragQueryFileA

  SHGetSpecialFolderLocation

  SHGetPathFromIDListA

  SHEmptyRecycleBinA

  urlmon

  URLDownloadToFileA

  comctl32

  _TrackMouseEvent

  ImageList_SetIconSize

  ImageList_GetIconSize

  ImageList_Write

  ImageList_Read

  ImageList_DragShowNolock

  ImageList_DragMove

  ImageList_DragLeave

  ImageList_DragEnter

  ImageList_EndDrag

  ImageList_BeginDrag

  ImageList_Remove

  ImageList_DrawEx

  ImageList_Draw

  ImageList_GetBkColor

  ImageList_SetBkColor

  ImageList_Add

  ImageList_GetImageCount

  ImageList_Destroy

  ImageList_Create

  wininet

  InternetReadFile

  InternetOpenUrlA

  InternetOpenA

  InternetConnectA

  InternetCloseHandle

  HttpQueryInfoA

  FtpPutFileA

  winmm

  waveInUnprepareHeader

  waveInStart

  waveInReset

  waveInPrepareHeader

  waveInOpen

  waveInClose

  waveInAddBuffer

  PlaySoundA

  mciSendStringA

  netapi32

  Netbios

  NetApiBufferFree

  NetShareGetInfo

  NetShareEnum

  gdiplus

  GdipGetImageEncoders

  GdipGetImageEncodersSize

  GdipDrawImageRectI

  GdipSetInterpolationMode

  GdipDeleteGraphics

  GdipCreateBitmapFromHBITMAP

  GdipCreateBitmapFromScan0

  GdipGetImagePixelFormat

  GdipGetImageGraphicsContext

  GdipSaveImageToStream

  GdipDisposeImage

  GdiplusShutdown

  GdiplusStartup

  GdipFree

  GdipAlloc

  msacm32

  acmStreamUnprepareHeader

  acmStreamPrepareHeader

  acmStreamConvert

  acmStreamReset

  acmStreamSize

  acmStreamClose

  acmStreamOpen

  ntdll

  NtQuerySystemInformation

  NtUnmapViewOfSection

  ws2_32

  WSAIoctl

  shfolder

  SHGetFolderPathA

  avicap32

  capGetDriverDescriptionA

  Sections

  .text

  Size: 566KB - Virtual size: 566KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .itext

  Size: 6KB - Virtual size: 6KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .data

  Size: 15KB - Virtual size: 15KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .bss

  Size: - Virtual size: 29KB

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .idata

  Size: 16KB - Virtual size: 16KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .tls

  Size: - Virtual size: 56B

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rdata

  Size: 512B - Virtual size: 24B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .reloc

  Size: 35KB - Virtual size: 34KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_DISCARDABLE

  IMAGE_SCN_MEM_READ

  .rsrc

  Size: 16KB - Virtual size: 16KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ