aab1d75d32b21ecee215059c1b0da99a_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

aab1d75d32b21ecee215059c1b0da99a_JaffaCakes118
Size

952KB
MD5

aab1d75d32b21ecee215059c1b0da99a
SHA1

767ce56c237e8d3cc2275c2932d3b36fbd588250
SHA256

fcdf6e096969f92bc553a6bc8ba1272ed8f4d236a9ff741debc0a37ff16c4ca0
SHA512

5463d6ec29decb1a1114711e25090b1a5d8e116fdbe6589c8878344c941583c5e589fbd01723bff152a33fefa37064b8b8b0dadee3dfa037a579bfd71c6cc330
SSDEEP

12288:PeCFE+dta35+7cPAUMT7RTxcjNSJFpfCtOBL3sJq3U/e0ZGm3f9BKrLRE0:WCFVta3ctRTxc4JFpfQOdeqoGclsvT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
aab1d75d32b21ecee215059c1b0da99a_JaffaCakes118

Files

aab1d75d32b21ecee215059c1b0da99a_JaffaCakes118
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\dev\metdev\workspace\metcli\Release\metcli.pdb

Exports

Exports

args_parse
buffer_from_file
buffer_to_file
channel_close
channel_create
channel_create_datagram
channel_create_pool
channel_create_stream
channel_default_io_handler
channel_destroy
channel_find_by_id
channel_get_buffered_io_context
channel_get_class
channel_get_flags
channel_get_id
channel_get_native_io_context
channel_get_type
channel_interact
channel_is_flag
channel_is_interactive
channel_open
channel_read
channel_read_from_buffered
channel_set_buffered_io_handler
channel_set_flags
channel_set_interactive
channel_set_native_io_context
channel_set_type
channel_write
channel_write_to_buffered
channel_write_to_remote
command_call_dispatch
command_deregister
command_process_remote
command_process_remote_loop
command_register
command_validate_arguments
console_check_escape_sent
console_deregister_command
console_generic_response_output
console_get_interactive_channel
console_get_interactive_channel_id
console_process_command
console_process_commands
console_read_buffer
console_register_command
console_set_interactive_channel
console_write_output
console_write_output_raw
console_write_prompt
packet_add_completion_handler
packet_add_exception
packet_add_tlv_bool
packet_add_tlv_group
packet_add_tlv_raw
packet_add_tlv_string
packet_add_tlv_uint
packet_add_tlvs
packet_call_completion_handlers
packet_create
packet_create_response
packet_destroy
packet_enum_tlv
packet_get_result
packet_get_tlv
packet_get_tlv_group_entry
packet_get_tlv_meta
packet_get_tlv_string
packet_get_tlv_value_bool
packet_get_tlv_value_string
packet_get_tlv_value_uint
packet_get_type
packet_is_tlv_null_terminated
packet_receive
packet_remove_completion_handler
packet_transmit
packet_transmit_empty_response
scheduler_insert_waitable
scheduler_remove_waitable
scheduler_run
send_core_console_write

Sections

.text
Size: 612KB - Virtual size: 612KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 115KB - Virtual size: 114KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 50KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.oli
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

Headers

DLL Characteristics

File Characteristics

PDB Paths

Exports

Exports

Sections

.text Size: 612KB - Virtual size: 612KB

.rdata Size: 115KB - Virtual size: 114KB

.data Size: 50KB - Virtual size: 59KB

.rsrc Size: 512B - Virtual size: 436B

.oli Size: 1KB - Virtual size: 4KB

.text
Size: 612KB - Virtual size: 612KB

.rdata
Size: 115KB - Virtual size: 114KB

.data
Size: 50KB - Virtual size: 59KB

.rsrc
Size: 512B - Virtual size: 436B

.oli
Size: 1KB - Virtual size: 4KB