metasploit | aeeb4ffd2daeead3968c64a6fd7f9071_JaffaCakes118

General

Target

aeeb4ffd2daeead3968c64a6fd7f9071_JaffaCakes118
Size

192KB
MD5

aeeb4ffd2daeead3968c64a6fd7f9071
SHA1

63651fb2bc2aad4cc8e57eb24e9b4fbd27619632
SHA256

3d4b357481c8e8308988955e31def8145ec0b1734b1352f09a469dd052fe9448
SHA512

8edb521d3cc8206c97ed6ff78e8c3a447a2115ef5a3b8a7378cf1bf039ce2df386693e9c3badfd49e73b17be20296bd0e88e3854d76347e9ac9cb04d07bc56bc
SSDEEP

3072:IOrerAgXWMI6vKoTN6p0frxJLgf7nDVF6PUp1Yo3ICgx:IWDcRgNpex5gfzDVlVXg

Score

10^/10

metasploit

Malware Config

Extracted

Family

metasploit

Version

encoder/shikata_ga_nai

Extracted

Family

metasploit

Version

windows/shell_reverse_tcp

C2

192.168.0.10:5555

Signatures

Metasploit family
metasploit

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
aeeb4ffd2daeead3968c64a6fd7f9071_JaffaCakes118

Files

aeeb4ffd2daeead3968c64a6fd7f9071_JaffaCakes118
.exe windows:6 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

��
Size: - Virtual size:

�2��
Size: - Virtual size:

��
Size: - Virtual size:

��
Size: - Virtual size:

��
Size: - Virtual size:

��
Size: - Virtual size:

IMAGE_SCN_CNT_UNINITIALIZED_DATA

Size: 4KB - Virtual size:

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Extracted

Extracted

Signatures

Files

Headers

DLL Characteristics

File Characteristics

Sections

����� Size: - Virtual size:

�2���� Size: - Virtual size:

����� Size: - Virtual size:

����� Size: - Virtual size:

����� Size: - Virtual size:

����� Size: - Virtual size:

Size: 4KB - Virtual size:

��
Size: - Virtual size:

�2��
Size: - Virtual size:

��
Size: - Virtual size:

��
Size: - Virtual size:

��
Size: - Virtual size:

��
Size: - Virtual size: