metasploit | be801e3ae601db440be97a697070f4aa_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

be801e3ae601db440be97a697070f4aa_JaffaCakes118
Size

249KB
MD5

be801e3ae601db440be97a697070f4aa
SHA1

70a0cef7e3c1da809259219ed2c01d2e9950fff6
SHA256

f63c761f026937ce2cbf2a851691b7359e98f27916b57910f816986fda2f19c6
SHA512

45a6d489f22c696cc07a15f5fad6757d94a27a32a9c597694fd335aba243e9426a437dc2ed0fd8d11e561ab0f56dd9f236268b86aa796b9a58792c4b96ffefb4
SSDEEP

6144:8Ryrn0Nc8QsA05HnL8Ytk4UgGVlMA9zOwhyMVaa:U6n705rZk4Wf/O0Fh

Score

10^/10

metasploit

Malware Config

Extracted

Family

metasploit

Version

windows/exec

Signatures

Metasploit family
metasploit

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
be801e3ae601db440be97a697070f4aa_JaffaCakes118

Files

be801e3ae601db440be97a697070f4aa_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 44KB - Virtual size: 42KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 16KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.wtq
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE