metasploit | 6031c3f6a51c3723e01d5d824e23f0e2_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6031c3f6a51c3723e01d5d824e23f0e2_JaffaCakes118
Size

12KB
MD5

6031c3f6a51c3723e01d5d824e23f0e2
SHA1

2fc705236f5736a8db0a574f19988525a73d0930
SHA256

7125ca5c435e0acdb19e9d378e98932ca9e5e756b1b4cc78d96c83d64a76aadc
SHA512

53077817bb48c3f494d73659229079e5b869765add94b88057319c25e1bf72b69b7126d9f58c24cf58dde79e4502fe688760c36dfb51afbdf85047a121965eff
SSDEEP

192:xJjgxMAHPPay9I6iim4FLrXtOU6EE490TZv1CM0n:zkDHay9Ixr6XtmBvwF

Score

10^/10

metasploit

Malware Config

Extracted

Family

metasploit

Version

encoder/shikata_ga_nai

Signatures

Metasploit family
metasploit

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6031c3f6a51c3723e01d5d824e23f0e2_JaffaCakes118

Files

6031c3f6a51c3723e01d5d824e23f0e2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8b58a51c1fff9c4a944265c1fe0fab74

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

ExitProcess
GetModuleHandleA
GetProcAddress
SetUnhandledExceptionFilter

msvcrt

__getmainargs
__p__environ
__p__fmode
__set_app_type
_cexit
_iob
_onexit
_setmode
atexit
signal

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 560B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 36B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 68B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 496B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE