metasploit | ecb3fb6cabac7484f84184105ab4ad03_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

ecb3fb6cabac7484f84184105ab4ad03_JaffaCakes118
Size

852KB
MD5

ecb3fb6cabac7484f84184105ab4ad03
SHA1

4e01872b5afdc16d1b18e1f650cbefa67d9ffbc5
SHA256

b0e184242cd2daafaf9f756b2140b0ea432ea733d66fdb03f1a0018ed28170e1
SHA512

4c46d96745e1a0e23ec3b6b8edc1c1808e5a8ca91de7e636d91bf11849dd74c862aad6e9dba1de031e3b4087cb007782accf781c6672d81bc3b5f8f232914d7b
SSDEEP

12288:HE+NLeE1PYEPZ0Vy3F4fjElBjIq2KKn/Hz6I:k+xPZ0VQoglFIlNV

Score

10^/10

metasploit

Malware Config

Extracted

Family

metasploit

Version

encoder/fnstenv_mov

Signatures

Metasploit family
metasploit

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ecb3fb6cabac7484f84184105ab4ad03_JaffaCakes118

Files

ecb3fb6cabac7484f84184105ab4ad03_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2624bb403661830702ac777dd9ed308c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

WSACleanup
WSAStartup
ioctlsocket
bind
listen
accept
inet_addr
htons
connect
setsockopt
recv
closesocket
socket
send
select
__WSAFDIsSet

kernel32

lstrcmpiA
SetEnvironmentVariableA
CompareStringW
CompareStringA
GetLocaleInfoW
SetEndOfFile
FlushFileBuffers
SetStdHandle
GetUserDefaultLCID
EnumSystemLocalesA
IsValidCodePage
IsValidLocale
IsBadCodePtr
SetUnhandledExceptionFilter
GetStringTypeW
GetStringTypeA
GetFileType
MultiByteToWideChar
Sleep
ReadFile
WriteFile
TransactNamedPipe
CloseHandle
CreateFileA
GetLastError
CreateThread
GetModuleFileNameA
ExitThread
LeaveCriticalSection
EnterCriticalSection
GetTickCount
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
GetLocalTime
SetFilePointer
GetFileSize
GetSystemDirectoryA
QueryPerformanceCounter
QueryPerformanceFrequency
ExitProcess
CreateProcessA
FindClose
FindNextFileA
FindFirstFileA
FreeLibrary
GetEnvironmentVariableW
GetProcAddress
LoadLibraryA
HeapFree
HeapAlloc
GetProcessHeap
FileTimeToSystemTime
FileTimeToLocalFileTime
VirtualQueryEx
ReadProcessMemory
GetSystemInfo
OpenProcess
GetTimeFormatA
GetDateFormatA
GetFileAttributesA
GetModuleHandleA
FormatMessageA
GlobalUnlock
GlobalLock
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
SetFileTime
GetFileTime
ExpandEnvironmentStringsA
SetFileAttributesA
GetTempPathA
WideCharToMultiByte
GetComputerNameA
GetCurrentProcess
TerminateProcess
DeleteFileA
GetCurrentProcessId
CopyFileA
WaitForSingleObject
CreateMutexA
MoveFileA
TerminateThread
GetExitCodeProcess
PeekNamedPipe
DuplicateHandle
CreatePipe
SetConsoleCtrlHandler
GetLocaleInfoA
GetVersionExA
GetLogicalDrives
WaitForMultipleObjects
GenerateConsoleCtrlEvent
GlobalMemoryStatus
IsBadWritePtr
IsBadReadPtr
HeapValidate
RtlUnwind
InterlockedDecrement
InterlockedIncrement
GetTimeZoneInformation
GetSystemTime
GetStartupInfoA
GetCommandLineA
GetVersion
InitializeCriticalSection
FatalAppExitA
DebugBreak
GetStdHandle
OutputDebugStringA
HeapReAlloc
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetCurrentThread
RaiseException
LCMapStringA
LCMapStringW
GetCPInfo
GetACP
GetOEMCP
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount

Sections

.data
Size: 720KB - Virtual size: 720KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 120KB - Virtual size: 120KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ex_cod
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Extracted

Signatures

Files

2624bb403661830702ac777dd9ed308c

Headers

File Characteristics

Imports

ws2_32

kernel32

Sections

.data Size: 720KB - Virtual size: 720KB

.pdata Size: 120KB - Virtual size: 120KB

.ex_cod Size: 8KB - Virtual size: 8KB

.data
Size: 720KB - Virtual size: 720KB

.pdata
Size: 120KB - Virtual size: 120KB

.ex_cod
Size: 8KB - Virtual size: 8KB