metasploit | d60f28c5414bebaaa358d14dd79bf8b3_JaffaCakes118

General

Target

d60f28c5414bebaaa358d14dd79bf8b3_JaffaCakes118
Size

192KB
MD5

d60f28c5414bebaaa358d14dd79bf8b3
SHA1

a6abf0a769c0f74b487d26db7964e06dbe6a4280
SHA256

3d6ff7fa98a376f7674b9975daca012278683f6cecf22126ca9d7b75e862e4ba
SHA512

f469575e89b2b46937d37eb49c888e61494437020a62163c13e2c215773558d29f5d8bd7c757a32e2c6c24adb152665b037155d033eb0a4d2a40531e3183712a
SSDEEP

3072:JOrerAgXWMI6vKoTN6p0frxJLgf7nDVF6PUp1Yo3ICgx:JWDcRgNpex5gfzDVlVXg

Score

10^/10

metasploit

Malware Config

Extracted

Family

metasploit

Version

encoder/shikata_ga_nai

Extracted

Family

metasploit

Version

windows/shell_reverse_tcp

C2

192.168.0.10:5555

Signatures

Metasploit family
metasploit

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d60f28c5414bebaaa358d14dd79bf8b3_JaffaCakes118

Files

d60f28c5414bebaaa358d14dd79bf8b3_JaffaCakes118
.exe windows:6 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

��
Size: - Virtual size:

�2��
Size: - Virtual size:

��
Size: - Virtual size:

��
Size: - Virtual size:

��
Size: - Virtual size:

��
Size: - Virtual size:

IMAGE_SCN_CNT_UNINITIALIZED_DATA

Size: 4KB - Virtual size:

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Extracted

Extracted

Signatures

Files

Headers

DLL Characteristics

File Characteristics

Sections

����� Size: - Virtual size:

�2���� Size: - Virtual size:

����� Size: - Virtual size:

����� Size: - Virtual size:

����� Size: - Virtual size:

����� Size: - Virtual size:

Size: 4KB - Virtual size:

��
Size: - Virtual size:

�2��
Size: - Virtual size:

��
Size: - Virtual size:

��
Size: - Virtual size:

��
Size: - Virtual size:

��
Size: - Virtual size: