b7ed5523a94b7efb3fd9ab45c33ac332_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

b7ed5523a94b7efb3fd9ab45c33ac332_JaffaCakes118
Size

876KB
MD5

b7ed5523a94b7efb3fd9ab45c33ac332
SHA1

90843ec2575766a5107bd3bfa5b098da68ca02e6
SHA256

b6e2f7bb29cc558196e98bcf6c31b5a4c961ea85e93c10a31c7a736e8354d27f
SHA512

7b072649895e33044bbee231654393cab3ee7ee77e4b59033322a388a292d5782f317af734515a078636e098d53da4f7d3474a466fdd29048edacd16a9e868e1
SSDEEP

24576:IA9PBtKiy3lJuBaB0Enmr8I8c/uRB76wD:195VOIU0EmP8N7r

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b7ed5523a94b7efb3fd9ab45c33ac332_JaffaCakes118

Files

b7ed5523a94b7efb3fd9ab45c33ac332_JaffaCakes118
.dll windows:4 windows x86 arch:x86

8a145d612d8abab17cd54ff48e11e023

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\mcbuild\mcbuild-win\FL3.0_Authoring\0090\projects\reference\windows\desktop\vs8\release\flashlite_Pix565_16_Manual_Slicing.pdb

Imports

winmm

timeGetTime

kernel32

GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
FileTimeToSystemTime
SystemTimeToFileTime
GetTickCount
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
Sleep
InterlockedExchange
GetCurrentThreadId

msvcr80

pow
fabs
sqrt
log
ceil
floor
fmod
memset
frexp
strcmp
strncmp
strlen
_time64
memcmp
memmove
strcat
strchr
strrchr
_strdup
_stricmp
_strnicmp
strstr
exp
strncpy
mbstowcs
wcstombs
wcslen
wcscpy
wcscmp
_wcsicmp
_vsnprintf
_encode_pointer
_malloc_crt
_encoded_null
free
_decode_pointer
_initterm
_initterm_e
_amsg_exit
_adjust_fdiv
__CppXcptFilter
?terminate@@YAXXZ
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_crt_debugger_hook
__clean_type_info_names_internal
_unlock
__dllonexit
_lock
_onexit
_except_handler4_common
atan2
atan
asin
acos
tan
sin
cos
sprintf
_purecall
strcpy

Exports

Exports

FI_CheckSWFDataBufferValidity
FI_CreatePlayer
FI_GetDisplayFormat
FI_GetMetaData
FI_GetSharedObjectGUID
FI_GetSwfInfo
FI_GetVersion
FI_SetMaxVideoFramesToProcess

Sections

.text
Size: 584KB - Virtual size: 581KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 96KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 428B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 168KB - Virtual size: 168KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

8a145d612d8abab17cd54ff48e11e023

Headers

File Characteristics

PDB Paths

Imports

winmm

kernel32

msvcr80

Exports

Exports

Sections

.text Size: 584KB - Virtual size: 581KB

.rdata Size: 96KB - Virtual size: 92KB

.data Size: 8KB - Virtual size: 5KB

.rsrc Size: 4KB - Virtual size: 428B

.reloc Size: 12KB - Virtual size: 10KB

.text Size: 168KB - Virtual size: 168KB

.text
Size: 584KB - Virtual size: 581KB

.rdata
Size: 96KB - Virtual size: 92KB

.data
Size: 8KB - Virtual size: 5KB

.rsrc
Size: 4KB - Virtual size: 428B

.reloc
Size: 12KB - Virtual size: 10KB

.text
Size: 168KB - Virtual size: 168KB