metasploit | fb15f8575b7123c3de70f8cb94a87ec2_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

fb15f8575b7123c3de70f8cb94a87ec2_JaffaCakes118
Size

7.9MB
MD5

fb15f8575b7123c3de70f8cb94a87ec2
SHA1

0dc638cefe035a8be5688a7ea0eef2c2a1472687
SHA256

1ee5f148e0f4374e040bace8e339f5dfc970549a86b84893c8c736fb4f80c02a
SHA512

9014066379534f05fefbaa26e7f87e024dfca9f05ca91647b877516ef6f945e4a12b31ee2dc442aed96c821cd14cc19cab8259c48d9f4bf091cf66ee6cbd13c3
SSDEEP

98304:gVdyCVnP6oDlexqwl7ze9OREe9HW1X2ffO4:mnIoDlW19q9OREeRW1X2ffO4

Score

10^/10

metasploit

Malware Config

Extracted

Family

metasploit

Version

encoder/shikata_ga_nai

Signatures

Metasploit family
metasploit

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
fb15f8575b7123c3de70f8cb94a87ec2_JaffaCakes118

Files

fb15f8575b7123c3de70f8cb94a87ec2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1720bf764274b7a4052bbef0a71adc0d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DeleteCriticalSection
EnterCriticalSection
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetLastError
GetModuleHandleA
GetProcAddress
GetStartupInfoA
GetSystemTimeAsFileTime
GetTickCount
InitializeCriticalSection
LeaveCriticalSection
QueryPerformanceCounter
SetUnhandledExceptionFilter
Sleep
TerminateProcess
TlsGetValue
UnhandledExceptionFilter
VirtualProtect
VirtualQuery

msvcrt

__dllonexit
__getmainargs
__initenv
__lconv_init
__set_app_type
__setusermatherr
_acmdln
_amsg_exit
_cexit
_fmode
_initterm
_iob
_lock
_onexit
calloc
exit
fprintf
free
fwrite
malloc
memcpy
signal
strlen
strncmp
_unlock
abort
vfprintf

Sections

.text
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 7.8MB - Virtual size: 7.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 52B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

/4
Size: 1024B - Virtual size: 672B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/19
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/31
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/45
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/57
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/70
Size: 1024B - Virtual size: 754B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/81
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/92
Size: 1024B - Virtual size: 608B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Extracted

Signatures

Files

1720bf764274b7a4052bbef0a71adc0d

Headers

File Characteristics

Imports

kernel32

msvcrt

Sections

.text Size: 6KB - Virtual size: 6KB

.data Size: 7.8MB - Virtual size: 7.8MB

.rdata Size: 1KB - Virtual size: 1KB

.bss Size: - Virtual size: 1KB

.idata Size: 1KB - Virtual size: 1KB

.CRT Size: 512B - Virtual size: 52B

.tls Size: 512B - Virtual size: 32B

/4 Size: 1024B - Virtual size: 672B

/19 Size: 40KB - Virtual size: 39KB

/31 Size: 6KB - Virtual size: 6KB

/45 Size: 5KB - Virtual size: 5KB

/57 Size: 2KB - Virtual size: 1KB

/70 Size: 1024B - Virtual size: 754B

/81 Size: 4KB - Virtual size: 3KB

/92 Size: 1024B - Virtual size: 608B

.text
Size: 6KB - Virtual size: 6KB

.data
Size: 7.8MB - Virtual size: 7.8MB

.rdata
Size: 1KB - Virtual size: 1KB

.bss
Size: - Virtual size: 1KB

.idata
Size: 1KB - Virtual size: 1KB

.CRT
Size: 512B - Virtual size: 52B

.tls
Size: 512B - Virtual size: 32B

/4
Size: 1024B - Virtual size: 672B

/19
Size: 40KB - Virtual size: 39KB

/31
Size: 6KB - Virtual size: 6KB

/45
Size: 5KB - Virtual size: 5KB

/57
Size: 2KB - Virtual size: 1KB

/70
Size: 1024B - Virtual size: 754B

/81
Size: 4KB - Virtual size: 3KB

/92
Size: 1024B - Virtual size: 608B