metasploit | d522acef1c11bc2b5d00fcf7fee5609d_JaffaCakes118

General

Target

d522acef1c11bc2b5d00fcf7fee5609d_JaffaCakes118
Size

900KB
MD5

d522acef1c11bc2b5d00fcf7fee5609d
SHA1

0585f3af156b4706b8eb9e3223fa5f1d1dea5e2e
SHA256

6df712028446af021b9ca5090778b3cc0af63616691cdcd50ba94d97df021b60
SHA512

8f0ef5d342b8d9e6e5c71defdc3024b397e8a37ec5239e426ed4041f972d03ec950b1f014352391dbe34a88e8838068b166a6dc9f3388591a29cc8b2437fcddd
SSDEEP

12288:iK8SOR3VRbImnDKxohj+5Q/oln46ucaOfRr5AWHeGL7GOK:iKm3MgDKGhC5GYLuca6LDod

Score

10^/10

metasploit

Malware Config

Extracted

Family

metasploit

Version

encoder/shikata_ga_nai

Extracted

Family

metasploit

Version

windows/shell_reverse_tcp

C2

192.168.2.1:4444

Signatures

Metasploit family
metasploit

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d522acef1c11bc2b5d00fcf7fee5609d_JaffaCakes118

Files

d522acef1c11bc2b5d00fcf7fee5609d_JaffaCakes118
.exe windows:6 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

��
Size: - Virtual size:

��
Size: - Virtual size:

�N��$
Size: - Virtual size:

�f��r
Size: - Virtual size:

�(��
Size: - Virtual size:

��
Size: - Virtual size:

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA

Size: 4KB - Virtual size:

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Extracted

Extracted

Signatures

Files

Headers

DLL Characteristics

File Characteristics

Sections

��� Size: - Virtual size:

��� Size: - Virtual size:

�N���$ Size: - Virtual size:

�f���r Size: - Virtual size:

�(��� Size: - Virtual size:

����� Size: - Virtual size:

Size: 4KB - Virtual size:

��
Size: - Virtual size:

��
Size: - Virtual size:

�N��$
Size: - Virtual size:

�f��r
Size: - Virtual size:

�(��
Size: - Virtual size:

��
Size: - Virtual size: