4527f7d75b752d65212464850dae3e89_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

4527f7d75b752d65212464850dae3e89_JaffaCakes118
Size

112KB
MD5

4527f7d75b752d65212464850dae3e89
SHA1

7ea3470d4e772b023979197d1be16ed90e4076bb
SHA256

658f04ad8df10a509c2a3338b42b3e9519b60484461826e1c1bbdedb76053541
SHA512

3b4558b99299a5aba7e5562992aa9fa5861f632413d80aa65dc86fe0b9aa6e780f3459fb29b21e80922ae6971314ac19f307e124a702a6d824bed323bdaaa29b
SSDEEP

3072:GZKttNttNNQ6E8d9owse1kI3u+2vcPv5W7zaaaaaaaaaaaaaaaaaaaa48i:GkttNttNNQ679owBe+2kPxW7t

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4527f7d75b752d65212464850dae3e89_JaffaCakes118

Files

4527f7d75b752d65212464850dae3e89_JaffaCakes118
.dll windows:4 windows x86 arch:x86

cf3717c179f6b4681ac89529da2dae7e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

DeleteCriticalSection
EnterCriticalSection
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetLastError
GetSystemTimeAsFileTime
GetTickCount
InitializeCriticalSection
LeaveCriticalSection
QueryPerformanceCounter
SetUnhandledExceptionFilter
Sleep
TerminateProcess
TlsGetValue
UnhandledExceptionFilter
VirtualProtect
VirtualQuery

msvcrt

_amsg_exit
_initterm
_iob
_lock
_unlock
abort
calloc
free
fwrite
memcpy
memmove
realloc
strchr
strcmp
strlen
strncmp
strtol
vfprintf

avutil-56

av_free
av_get_cpu_flags
av_log
av_malloc
av_mallocz
av_rescale
av_strlcpy
av_strtok

Exports

Exports

postproc_configuration
postproc_ffversion
postproc_license
postproc_version
pp_free_context
pp_free_mode
pp_get_context
pp_get_mode_by_name_and_quality
pp_help
pp_postprocess

Sections

.text
Size: 99KB - Virtual size: 99KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 44B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 331B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 44B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 896B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cf3717c179f6b4681ac89529da2dae7e

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcrt

avutil-56

Exports

Exports

Sections

.text Size: 99KB - Virtual size: 99KB

.data Size: 512B - Virtual size: 44B

.rdata Size: 6KB - Virtual size: 5KB

.bss Size: - Virtual size: 2KB

.edata Size: 512B - Virtual size: 331B

.idata Size: 1KB - Virtual size: 1KB

.CRT Size: 512B - Virtual size: 44B

.tls Size: 512B - Virtual size: 8B

.rsrc Size: 1024B - Virtual size: 896B

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 99KB - Virtual size: 99KB

.data
Size: 512B - Virtual size: 44B

.rdata
Size: 6KB - Virtual size: 5KB

.bss
Size: - Virtual size: 2KB

.edata
Size: 512B - Virtual size: 331B

.idata
Size: 1KB - Virtual size: 1KB

.CRT
Size: 512B - Virtual size: 44B

.tls
Size: 512B - Virtual size: 8B

.rsrc
Size: 1024B - Virtual size: 896B

.reloc
Size: 1KB - Virtual size: 1KB