metasploit | fd900b7b446035b58b8f8cb480e24acd_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fd900b7b446035b58b8f8cb480e24acd_JaffaCakes118
Size

492KB
MD5

fd900b7b446035b58b8f8cb480e24acd
SHA1

0118592c26f10b39736dcf8e9b57ab43be19bb49
SHA256

1a117143c23dd8966e8bf9852e63cfd43334f1e913dc4fd74ab57d7f54715e67
SHA512

673e8734730328d5dd33a33a7260fcfbd6cb195a8ff224be315df9bc638eb4083ebb7cacf8b5e4165ad6d97bdb3b00e6cbaa0144ae1dc260f0d64f8e03140c4d
SSDEEP

12288:PiAZod5AIF0XJNRx5MZLl6gMK+cnS7kjh2H0:V80fRx5MZlMK+Wskj

Score

10^/10

metasploit

Malware Config

Extracted

Family

metasploit

Version

encoder/call4_dword_xor

Signatures

Metasploit family
metasploit

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fd900b7b446035b58b8f8cb480e24acd_JaffaCakes118

Files

fd900b7b446035b58b8f8cb480e24acd_JaffaCakes118
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 364KB - Virtual size: 364KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

6qspeel7
Size: 52KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

abgefard
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

bmqo9qma
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE