metasploit | 27b0083398239df723a609c159261b92_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

27b0083398239df723a609c159261b92_JaffaCakes118
Size

844KB
MD5

27b0083398239df723a609c159261b92
SHA1

eab5f182cfe2b5761a0a14f382fe121496972adf
SHA256

1a51926d2f20c26a143bbaa458e04b6958593ef8b9b11c716b2aa79c7b4ff97c
SHA512

417f4ae2652415be556b7eee9ffee8fd405441c80f16482744a9f4192f0be6b0308239df15fa0ed7cf7947dd9255145d2f4df2a9cf7e0e7240b2c0c2367580dc
SSDEEP

12288:9JVcQtwYEmOc3rggWVbkq28za/imKb/QLVKBNivyEa0rnqYEF:lrgmOt3tkugq/1NiNr

Score

10^/10

metasploit

Malware Config

Extracted

Family

metasploit

Version

encoder/call4_dword_xor

Signatures

Metasploit family
metasploit

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
27b0083398239df723a609c159261b92_JaffaCakes118

Files

27b0083398239df723a609c159261b92_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 598KB - Virtual size: 598KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 3KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 16B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 183KB - Virtual size: 183KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 4KB - Virtual size:

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ