metasploit | 753b9d4712d98058e076ea88406a92c9_JaffaCakes118

General

Target

753b9d4712d98058e076ea88406a92c9_JaffaCakes118
Size

16KB
MD5

753b9d4712d98058e076ea88406a92c9
SHA1

cefc562848b61211a7324e3294317eac1a9e5684
SHA256

c9d8111dcfebe942de601e5473cd3a5a45bc2ce91be5af3437597a0c4dbc17a5
SHA512

2b1fdf2ced4239737c56f7802c92aa78f950b373ee9dc0fe10aae0f547e0b9b7702023f9bd43bec5609304623ec9d9e94d7602b6ba5ae28302e6581becee2469
SSDEEP

192:xzH6KUzFjvs914Y0Zr3yqMvJ5iTPf+qOkjyFoqcCDq:mFjvs9WxZrCqMPirxeaqrW

Score

10^/10

metasploit

Malware Config

Extracted

Family

metasploit

Version

encoder/shikata_ga_nai

Extracted

Family

metasploit

Version

windows/shell_reverse_tcp

C2

192.168.0.28:4444

Signatures

Metasploit family
metasploit

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
753b9d4712d98058e076ea88406a92c9_JaffaCakes118

Files

753b9d4712d98058e076ea88406a92c9_JaffaCakes118
.exe windows:4 windows x86 arch:x86

757d118639785a88cd772d5f709d2401

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

AddAtomA
ExitProcess
FindAtomA
GetAtomNameA
SetUnhandledExceptionFilter

msvcrt

__getmainargs
__p__environ
__p__fmode
__set_app_type
_cexit
_iob
_onexit
_setmode
abort
atexit
fflush
fprintf
free
malloc
printf
signal

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 496B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 176B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 660B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Extracted

Extracted

Signatures

Files

757d118639785a88cd772d5f709d2401

Headers

File Characteristics

Imports

kernel32

msvcrt

Sections

.text Size: 2KB - Virtual size: 2KB

.data Size: 1KB - Virtual size: 1KB

.rdata Size: 512B - Virtual size: 496B

.bss Size: - Virtual size: 176B

.idata Size: 1024B - Virtual size: 660B

.text
Size: 2KB - Virtual size: 2KB

.data
Size: 1KB - Virtual size: 1KB

.rdata
Size: 512B - Virtual size: 496B

.bss
Size: - Virtual size: 176B

.idata
Size: 1024B - Virtual size: 660B