e1fbd11c46f168be07c8a67fb0f1c23a_JaffaCakes118

General

Target

e1fbd11c46f168be07c8a67fb0f1c23a_JaffaCakes118
Size

191KB
MD5

e1fbd11c46f168be07c8a67fb0f1c23a
SHA1

aace75671f7774974260926244b8447c5e36ab91
SHA256

4413ac305bb9117d03efea4109a55421d35c218be0fa991b1c6ff7842d94f522
SHA512

17f466c1916e4893b23afc07860fc13b2b45306296185b00ec103b8e3706d1782e6c073cdc95877907d74a92344b0db494ec0930d7336b07f03aa069e87f1654
SSDEEP

3072:yKEnBjTHkpvtaFR5yH86BTJ4WFFPplMvxZCMrw:yl9QoFRt4N4I7lMDC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e1fbd11c46f168be07c8a67fb0f1c23a_JaffaCakes118

Files

e1fbd11c46f168be07c8a67fb0f1c23a_JaffaCakes118
.dll windows:5 windows x86 arch:x86

fcfa08cd7d280946fd04c21cac485bac

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

c:\build\source\datatype_rn\rm\video\codec\rv1dec\rel32\drv1.pdb

Imports

msvcr90

_encoded_null
_decode_pointer
_initterm
_initterm_e
_amsg_exit
_adjust_fdiv
__CppXcptFilter
_malloc_crt
_unlock
__dllonexit
_lock
_onexit
_except_handler4_common
_crt_debugger_hook
_encode_pointer
putchar
memset
calloc
printf
__iob_func
fprintf
malloc
free
memcpy
__clean_type_info_names_internal
_CIlog

kernel32

LoadLibraryA
GetProcAddress
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
DisableThreadLibraryCalls
InterlockedCompareExchange
Sleep
InterlockedExchange
IsDebuggerPresent

Exports

Exports

GetGUID
GetRV10DecParams
RV10toRGB3Alloc
RV10toRGB3Free
RV10toRGB3Init
RV10toRGB3Transform
RV10toYUVPostMove
RV10toYUVPostfilter
RV10toYUVTemporalInterp
RV10toYUVTemporalSetup
RV10toYUVTransform
SetRV10DecParams

Sections

.text
Size: 73KB - Virtual size: 72KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 11KB - Virtual size: 153KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 101KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fcfa08cd7d280946fd04c21cac485bac

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

msvcr90

kernel32

Exports

Exports

Sections

.text Size: 73KB - Virtual size: 72KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 11KB - Virtual size: 153KB

.rsrc Size: 101KB - Virtual size: 100KB

.reloc Size: 2KB - Virtual size: 2KB

.text
Size: 73KB - Virtual size: 72KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 11KB - Virtual size: 153KB

.rsrc
Size: 101KB - Virtual size: 100KB

.reloc
Size: 2KB - Virtual size: 2KB