metasploit | 2f8082afa07c3c881e2b1bf41ecbdaff_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2f8082afa07c3c881e2b1bf41ecbdaff_JaffaCakes118
Size

24KB
MD5

2f8082afa07c3c881e2b1bf41ecbdaff
SHA1

910b3b129593c2f8972a995d068bbec21869152c
SHA256

0902582842724eb23e9a5d9b6082f605f4b072036d38689c37095c69f36a76b1
SHA512

6a2d787c339702a88bc8ee9c4857be69a508c9313e3ba66112453fa4447ccfac65bebc184c3a45d65f3ddab29f127d6ee8d6ca8eba53f0b63d96ac007e19e1fe
SSDEEP

384:7hzakcFd3l+c7RK2pgalAhfuzo47E9xgYUSsnoArsAaptbBvwF:lzaka39OT3PRBk

Score

10^/10

metasploit

Malware Config

Extracted

Family

metasploit

Version

encoder/shikata_ga_nai

Signatures

Metasploit family
metasploit

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2f8082afa07c3c881e2b1bf41ecbdaff_JaffaCakes118

Files

2f8082afa07c3c881e2b1bf41ecbdaff_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8b58a51c1fff9c4a944265c1fe0fab74

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

ExitProcess
GetModuleHandleA
GetProcAddress
SetUnhandledExceptionFilter

msvcrt

__getmainargs
__p__environ
__p__fmode
__set_app_type
_cexit
_iob
_onexit
_setmode
atexit
signal

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 36B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 68B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 496B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE