metasploit | ac19b57725aaa480dcb5225dadf560e2_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ac19b57725aaa480dcb5225dadf560e2_JaffaCakes118
Size

108KB
MD5

ac19b57725aaa480dcb5225dadf560e2
SHA1

94992ecb5ce78e7525c9062332723e33c4e611a6
SHA256

df4d0855ee176ab0e41acd20b2ee1914ccdd37772fe744e11901e52dd815177b
SHA512

432c7afb58373da16cc2fb20e717b4bb6cf91312b4b994b44fd8cff3285ecb2f11cbe69a5f9591bc84981ba33654537614727c355d260ea989be1242ac3b716b
SSDEEP

1536:+qJs7NcRTlhSpkyp10cGauJzxV2rb7MFRRlyi1P22qVVo:pshcRTlm10ci2H7Mb+i1P22qVq

Score

10^/10

metasploit

Malware Config

Extracted

Family

metasploit

Version

encoder/fnstenv_mov

Signatures

Metasploit family
metasploit

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ac19b57725aaa480dcb5225dadf560e2_JaffaCakes118

Files

ac19b57725aaa480dcb5225dadf560e2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 94KB - Virtual size: 93KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 43KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 8B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ