eeae71e8648c33138e1d698c667137b5_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

eeae71e8648c33138e1d698c667137b5_JaffaCakes118
Size

4.3MB
MD5

eeae71e8648c33138e1d698c667137b5
SHA1

f510edaaf578f4f51f9a2e77ad1193e2b108d926
SHA256

f5c9ba84ea4eb28a6398e54f13ccb33f3a074cf643d2559cf16d26b4ae709c41
SHA512

695d0830317e3af596df93da01b64d7a2d55e5a18af869c628571e0f50eee5605059ae56699341161e995a8df90f1e15181cd053c8ef03d45982280ff241b122
SSDEEP

98304:qlGGNjE25Y7SHuXswYMd7Vjf8bpXKHDbStqGgC9UwaAZ:qlGGZB52SHuXs1KBjUVID2tfHGV+

Score

3^/10

Malware Config

Signatures

Unsigned PE 3 IoCs

Checks for missing Authenticode signature.

resource
unpack001/tgxzs/FastSend.exe
unpack001/tgxzs/Tools/FixDB.exe
unpack001/tgxzs/Update.exe

Files

eeae71e8648c33138e1d698c667137b5_JaffaCakes118
.rar
logo.gif
.gif
tgxzs/AICode.dat
tgxzs/Config.in_
tgxzs/Config.ini
tgxzs/DBList/bbsdb.uls
tgxzs/FastSend.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

Size: 654KB - Virtual size: 1.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 39KB - Virtual size: 126KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

FSD
Size: 940KB - Virtual size: 2.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
tgxzs/Login.ini
tgxzs/Logs/index.dat
tgxzs/Seek.ini
tgxzs/Skins/BlueDream.ask
tgxzs/Skins/BlueDream.map
tgxzs/Skins/FlySky.ask
tgxzs/Skins/FlySky.map
tgxzs/Skins/Matrix.ask
tgxzs/Skins/Matrix.map
tgxzs/Skins/RedRose.ask
tgxzs/Skins/RedRose.map
tgxzs/Tools/FixDB.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

Size: - Virtual size: 192KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 66KB - Virtual size: 71KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
tgxzs/Update.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

Size: 329KB - Virtual size: 768KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 108KB - Virtual size: 198KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

FSD
Size: 1.4MB - Virtual size: 3.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
tgxzs/sysdb.dat
下载使用说明.txt

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

Size: 654KB - Virtual size: 1.5MB

.rsrc Size: 39KB - Virtual size: 126KB

.idata Size: 512B - Virtual size: 4KB

FSD Size: 940KB - Virtual size: 2.1MB

Headers

File Characteristics

Sections

Size: - Virtual size: 192KB

Size: 66KB - Virtual size: 71KB

Size: 3KB - Virtual size: 2KB

Headers

File Characteristics

Sections

Size: 329KB - Virtual size: 768KB

.rsrc Size: 108KB - Virtual size: 198KB

.idata Size: 512B - Virtual size: 4KB

FSD Size: 1.4MB - Virtual size: 3.0MB

.rsrc
Size: 39KB - Virtual size: 126KB

.idata
Size: 512B - Virtual size: 4KB

FSD
Size: 940KB - Virtual size: 2.1MB

.rsrc
Size: 108KB - Virtual size: 198KB

.idata
Size: 512B - Virtual size: 4KB

FSD
Size: 1.4MB - Virtual size: 3.0MB