4a9cf6b60a842e30452a587134cf7838_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

4a9cf6b60a842e30452a587134cf7838_JaffaCakes118
Size

1.3MB
MD5

4a9cf6b60a842e30452a587134cf7838
SHA1

ecfc39cf65e6dc5b6b5402abe1078efae8a446a1
SHA256

25064c891a6c5176a72a8cbfc635a2553127502f23106005405e40e3be9ea8ac
SHA512

26bd4982c59bc0407a5350ed2947468f306a6732e4326a1dc236dd70889b1b72908d3ae0ec132ab9a14b48666a42285ae4827d725beee433b29debc456a58811
SSDEEP

24576:wghW4y2KARSweY1XWvX22xm7ZYfHi6VVFUuBCk/UrVIJy:0gSweY1+m7irBsrVX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4a9cf6b60a842e30452a587134cf7838_JaffaCakes118

Files

4a9cf6b60a842e30452a587134cf7838_JaffaCakes118
.dll windows:4 windows x86 arch:x86

70caefa1b51d88099230c92e3efbe688

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

e:\bslave-products\enc_avc_ds_mc_win32_ia32\build\enc_avc\src\api\obj_ia32_win32_msvc_release_shared_mc_\enc_avc.pdb

Imports

kernel32

OutputDebugStringA
FreeLibrary
GetProcAddress
LoadLibraryA
lstrcatA
lstrcpyA
GetProfileIntA
QueryPerformanceFrequency
QueryPerformanceCounter
CreateEventA
CloseHandle
LeaveCriticalSection
EnterCriticalSection
SetEvent
GetProcessAffinityMask
GetCurrentProcess
GetSystemInfo
InitializeCriticalSection
DeleteCriticalSection
SetThreadPriority
WaitForSingleObject
GetCurrentThreadId
ResetEvent
CreateThread
GetLastError
HeapFree
HeapAlloc
GetCommandLineA
GetVersionExA
GetProcessHeap
GetSystemTimeAsFileTime
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
IsValidCodePage
GetModuleHandleA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
WriteFile
GetStdHandle
GetModuleFileNameA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
RtlUnwind
ExitProcess
RaiseException
Sleep
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
GetTickCount
GetCurrentProcessId
MultiByteToWideChar
ReadFile
SetFilePointer
GetConsoleCP
GetConsoleMode
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
SetStdHandle
FlushFileBuffers
CreateFileA
HeapSize
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetEndOfFile

Exports

Exports

h264OutVideoChkSettings
h264OutVideoDefaults
h264OutVideoDefaultsExt
h264OutVideoDone
h264OutVideoFlush
h264OutVideoFree
h264OutVideoGetAPIExt
h264OutVideoGetMaxBitrate
h264OutVideoGetParSets
h264OutVideoGetVBVState
h264OutVideoInit
h264OutVideoNew
h264OutVideoPerformance
h264OutVideoPutFrame
h264OutVideoPutFrameV
h264OutVideoUpdateSettings

Sections

.text
Size: 944KB - Virtual size: 943KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 152KB - Virtual size: 150KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 108KB - Virtual size: 163KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rodata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 40KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 64KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

70caefa1b51d88099230c92e3efbe688

Headers

File Characteristics

PDB Paths

Imports

kernel32

Exports

Exports

Sections

.text Size: 944KB - Virtual size: 943KB

.rdata Size: 152KB - Virtual size: 150KB

.data Size: 108KB - Virtual size: 163KB

.rodata Size: 4KB - Virtual size: 1KB

.rsrc Size: 4KB - Virtual size: 1KB

.reloc Size: 40KB - Virtual size: 37KB

.text Size: 64KB - Virtual size: 64KB

.text
Size: 944KB - Virtual size: 943KB

.rdata
Size: 152KB - Virtual size: 150KB

.data
Size: 108KB - Virtual size: 163KB

.rodata
Size: 4KB - Virtual size: 1KB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 40KB - Virtual size: 37KB

.text
Size: 64KB - Virtual size: 64KB