2e5568d103392a94083e0a3a33162c5d_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2e5568d103392a94083e0a3a33162c5d_JaffaCakes118
Size

1.6MB
MD5

2e5568d103392a94083e0a3a33162c5d
SHA1

3c4e1ceeb15ba430b4252461e5cb1e14266b1b9d
SHA256

04f8f6c9c5f6ce83a841871b16d3f8480dc96585e23720fc26ce58a958af341c
SHA512

29903a26f211248bc1dd705d18ac85700cb02ed0d8a36cb916159d50ec05b34355f9dcc8a2e1b75b09a3e2b59e07fc0bd2700b0f69574d919dddbada10cda991
SSDEEP

24576:h+rWddTux4os8z4sq+kq2fcTMLjEafvQ2FRlJm4ENQegrpd6xIvrysGsjaiu+09B:h+udTuxehFLjE4YMvm6f6xeyIjBu+UB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/tgs_pub_2.0.4/ca_dll_public.flt

Files

2e5568d103392a94083e0a3a33162c5d_JaffaCakes118
.rar
tgs_pub_2.0.4/ca_dll_public.flt
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

Size: 10KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 2KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tgs
Size: 89KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE