metasploit | f04963ed4a7510a7f114a8c7084b2667_JaffaCakes118

General

Target

f04963ed4a7510a7f114a8c7084b2667_JaffaCakes118
Size

16KB
MD5

f04963ed4a7510a7f114a8c7084b2667
SHA1

daafd028bc5fa4ada7f669b415dd7f28f4d90096
SHA256

d95c507589d4992e764c456c5c16f9d4ec11a8e30fbbcffcab2fce5c249ba711
SHA512

17b4b23f216d6152bb6f58adaaafa22c269e0ab3aa7c112859f4432fb7a3fde65ecab61eac501ba394a4208ebfe0ab4bbed855cbcf9e46273de4bab519659a58
SSDEEP

192:s4ma+kGrsFCIuCXCBZrnq7F3rKlCw8vpPOoeyFoBCC4x:soGrsFrryZGxraCw8RPtJaBZG

Score

10^/10

metasploit

Malware Config

Extracted

Family

metasploit

Version

encoder/shikata_ga_nai

Extracted

Family

metasploit

Version

windows/shell_reverse_tcp

C2

172.16.0.144:4444

Signatures

Metasploit family
metasploit

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f04963ed4a7510a7f114a8c7084b2667_JaffaCakes118

Files

f04963ed4a7510a7f114a8c7084b2667_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e5d57ba56be42f1e64ad543417e133bd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

AddAtomA
ExitProcess
FindAtomA
GetAtomNameA
SetUnhandledExceptionFilter

msvcrt

__getmainargs
__p__environ
__p__fmode
__set_app_type
_assert
_cexit
_iob
_onexit
_setmode
abort
atexit
free
malloc
memset
signal

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 192B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 224B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 616B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Extracted

Extracted

Signatures

Files

e5d57ba56be42f1e64ad543417e133bd

Headers

File Characteristics

Imports

kernel32

msvcrt

Sections

.text Size: 2KB - Virtual size: 2KB

.data Size: 1KB - Virtual size: 1KB

.rdata Size: 512B - Virtual size: 192B

.bss Size: - Virtual size: 224B

.idata Size: 1024B - Virtual size: 616B

.text
Size: 2KB - Virtual size: 2KB

.data
Size: 1KB - Virtual size: 1KB

.rdata
Size: 512B - Virtual size: 192B

.bss
Size: - Virtual size: 224B

.idata
Size: 1024B - Virtual size: 616B