Extracted

• a065132cce782676c62887f667f41786_JaffaCakes118

  .exe windows:4 windows x86 arch:x86

  ab37df7e306b0fc37913a9cdfbc4585c

  
  

  Headers

  File Characteristics

  IMAGE_FILE_RELOCS_STRIPPED

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_LINE_NUMS_STRIPPED

  IMAGE_FILE_LOCAL_SYMS_STRIPPED

  IMAGE_FILE_32BIT_MACHINE

  Imports

  rpcrt4

  NdrPointerBufferSize

  NdrPointerMarshall

  NdrConvert

  RpcRaiseException

  NdrClientInitializeNew

  NdrConformantStringBufferSize

  NdrGetBuffer

  NdrConformantStringMarshall

  NdrSendReceive

  NdrFreeBuffer

  RpcStringBindingComposeA

  RpcBindingFromStringBindingA

  RpcMgmtEpEltInqBegin

  RpcMgmtEpEltInqNextA

  UuidToStringA

  RpcBindingToStringBindingA

  RpcStringFreeA

  RpcBindingFree

  msvcrt

  _onexit

  __dllonexit

  _controlfp

  __set_app_type

  __p__fmode

  __p__commode

  _adjust_fdiv

  __setusermatherr

  _initterm

  __getmainargs

  __p___initenv

  _XcptFilter

  _exit

  _except_handler3

  atoi

  malloc

  free

  exit

  printf

  strlen

  strchr

  strcmp

  sprintf

  memcpy

  memset

  kernel32

  GetVersionExA

  GetModuleHandleA

  ws2_32

  send

  connect

  socket

  htons

  inet_addr

  WSAStartup

  recv

  Sections

  .text

  Size: 8KB - Virtual size: 6KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: 4KB - Virtual size: 1KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: 4KB - Virtual size: 3KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE