1036d0d3af87929808d9a700fc16a6b5_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

1036d0d3af87929808d9a700fc16a6b5_JaffaCakes118
Size

175KB
MD5

1036d0d3af87929808d9a700fc16a6b5
SHA1

e6ca8df28fa920f0ac75b9e90bd94d261733b775
SHA256

6a738c2317dc3641f42f43234066debea0f85c23e9692563b1b08f76208a60a2
SHA512

2bf6b8824a101370e01bb0b8fdadc87d6ce6d9d0457b8272931bc23f7f8fcb3e708ada3c1f9ba31d618c9cfba293afa091e5063563f2afba8f72e3c105311a24
SSDEEP

3072:szrqNy84kH+tNYPTyj/OJ/HgKZwNA48BlfzXOWdq5qL4rN7:sRvDwT8p65bXOWVC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1036d0d3af87929808d9a700fc16a6b5_JaffaCakes118

Files

1036d0d3af87929808d9a700fc16a6b5_JaffaCakes118
.dll windows:5 windows x86 arch:x86

a962ca872b020499e735d949e3e2f68f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

O:\OOO330\ooo\fpicker\wntmsci12.pro\bin\fps.pdb

Imports

cppu3

cppu_unsatisfied_iquery_msg
uno_type_sequence_assign
uno_type_assignData
uno_type_any_construct
uno_type_sequence_realloc
typelib_static_type_init
uno_type_any_assign
uno_any_destruct
uno_any_construct
typelib_typedescriptionreference_equals
uno_type_sequence_reference2One
uno_type_destructData
uno_type_sequence_construct
typelib_static_sequence_type_init
typelib_static_type_getByTypeClass

cppuhelper3msc

?disposing@WeakComponentImplHelperBase@cppu@@MAAXXZ
?acquire@WeakComponentImplHelperBase@cppu@@UAAXXZ
?release@WeakComponentImplHelperBase@cppu@@UAAXXZ
?dispose@WeakComponentImplHelperBase@cppu@@UAAXXZ
?addEventListener@WeakComponentImplHelperBase@cppu@@UAAXABV?$Reference@VXEventListener@lang@star@sun@com@@@uno@star@sun@com@@@Z
?removeEventListener@WeakComponentImplHelperBase@cppu@@UAAXABV?$Reference@VXEventListener@lang@star@sun@com@@@uno@star@sun@com@@@Z
??1OInterfaceIteratorHelper@cppu@@QAE@XZ
??0WeakComponentImplHelperBase@cppu@@IAE@AAVMutex@osl@@@Z
?removeInterface@OMultiTypeInterfaceContainerHelper@cppu@@QAAJABVType@uno@star@sun@com@@ABV?$Reference@VXInterface@uno@star@sun@com@@@4567@@Z
?addInterface@OMultiTypeInterfaceContainerHelper@cppu@@QAAJABVType@uno@star@sun@com@@ABV?$Reference@VXInterface@uno@star@sun@com@@@4567@@Z
?getContainer@OMultiTypeInterfaceContainerHelper@cppu@@QBAPAVOInterfaceContainerHelper@2@ABVType@uno@star@sun@com@@@Z
??1WeakComponentImplHelperBase@cppu@@UAE@XZ
?createSingleFactory@cppu@@YA?AV?$Reference@VXSingleServiceFactory@lang@star@sun@com@@@uno@star@sun@com@@ABV?$Reference@VXMultiServiceFactory@lang@star@sun@com@@@3456@ABVOUString@rtl@@P6A?AV?$Reference@VXInterface@uno@star@sun@com@@@3456@0@ZABV?$Sequence@VOUString@rtl@@@3456@PAU_rtl_ModuleCount@@@Z
?queryAdapter@OWeakObject@cppu@@UAA?AV?$Reference@VXAdapter@uno@star@sun@com@@@uno@star@sun@com@@XZ
?next@OInterfaceIteratorHelper@cppu@@QAAPAVXInterface@uno@star@sun@com@@XZ
??0OInterfaceIteratorHelper@cppu@@QAE@AAVOInterfaceContainerHelper@1@@Z
?WeakComponentImplHelper_query@cppu@@YA?AVAny@uno@star@sun@com@@ABVType@3456@PAUclass_data@1@PAXPAVWeakComponentImplHelperBase@1@@Z
?WeakComponentImplHelper_getTypes@cppu@@YA?AV?$Sequence@VType@uno@star@sun@com@@@uno@star@sun@com@@PAUclass_data@1@@Z
?ImplHelper_getImplementationId@cppu@@YA?AV?$Sequence@C@uno@star@sun@com@@PAUclass_data@1@@Z
??1OMultiTypeInterfaceContainerHelper@cppu@@QAE@XZ
??0OMultiTypeInterfaceContainerHelper@cppu@@QAE@AAVMutex@osl@@@Z
?remove@OInterfaceIteratorHelper@cppu@@QAAXXZ

comphelp4msc

?readDirectKey@ConfigurationHelper@comphelper@@SA?AVAny@uno@star@sun@com@@V?$Reference@VXMultiServiceFactory@lang@star@sun@com@@@4567@ABVOUString@rtl@@11J@Z
?getProcessServiceFactory@comphelper@@YA?AV?$Reference@VXMultiServiceFactory@lang@star@sun@com@@@uno@star@sun@com@@XZ
?GetStorageFromURL@OStorageHelper@comphelper@@SA?AV?$Reference@VXStorage@embed@star@sun@com@@@uno@star@sun@com@@ABVOUString@rtl@@JABV?$Reference@VXMultiServiceFactory@lang@star@sun@com@@@4567@@Z
??1SequenceAsHashMap@comphelper@@QAE@XZ
??0SequenceAsHashMap@comphelper@@QAE@XZ
?writeDirectKey@ConfigurationHelper@comphelper@@SAXV?$Reference@VXMultiServiceFactory@lang@star@sun@com@@@uno@star@sun@com@@ABVOUString@rtl@@11ABVAny@4567@J@Z

sal3

rtl_uString_acquire
rtl_ustr_compare_WithLength
rtl_ustr_indexOfChar_WithLength
osl_createMutex
osl_destroyMutex
osl_acquireMutex
rtl_uString_new
rtl_uString_new_WithLength
rtl_uStringbuffer_insert
rtl_uStringbuffer_insert_ascii
osl_incrementInterlockedCount
rtl_str_getLength
osl_getGlobalMutex
rtl_string2UString
rtl_str_compare
rtl_freeMemory
rtl_allocateMemory
rtl_uString_assign
rtl_uString_release
osl_releaseMutex
rtl_uString_newFromAscii
rtl_ustr_indexOfStr_WithLength
rtl_ustr_compareIgnoreAsciiCase_WithLength
osl_getFileURLFromSystemPath
rtl_ustr_lastIndexOfChar_WithLength
osl_scheduleThread
osl_getThreadIdentifier
osl_joinWithThread
osl_terminateThread
osl_suspendThread
osl_destroyThread
osl_checkCondition
osl_waitCondition
osl_setCondition
osl_getSystemPathFromFileURL
rtl_ustr_lastIndexOfStr_WithLength
rtl_uString_newConcat
rtl_ustr_getLength
rtl_uStringbuffer_ensureCapacity
rtl_ustr_hashCode_WithLength
rtl_uString_newFromStr
osl_createSuspendedThread
osl_resumeThread
osl_isThreadRunning
osl_resetCondition
osl_destroyCondition
osl_createCondition
rtl_uString_newFromStr_WithLength

vclmi

?Yield@Application@@SAX_N@Z
?GetSolarMutex@Application@@SAAAVIMutex@vos@@XZ
?GetUILocale@AllSettings@@QBEABULocale@lang@star@sun@com@@XZ
?GetSettings@Application@@SAABVAllSettings@@XZ
?ReleaseSolarMutex@Application@@SAKXZ
?AcquireSolarMutex@Application@@SAXK@Z

tlmi

??1String@@QAE@XZ
?ReadString@SimpleResMgr@@QAE?AVString@@K@Z
??0SimpleResMgr@@QAE@PBDABULocale@lang@star@sun@com@@@Z
??1SimpleResMgr@@UAE@XZ
??BString@@QBE?AVOUString@rtl@@XZ

uwinapi

GetWindowLongW
SHCreateItemFromParsingName
EnableWindow
GetWindowTextW
FindWindowExW
DrawTextW
GetTextMetricsW
UnregisterClassW
GetOpenFileNameW
SetWindowTextW
PostMessageW
SetPropW
RemovePropW
SetWindowLongW
CallWindowProcW
GetPropW
SendMessageW
CreateEventW
GetModuleHandleW
GetSaveFileNameW
SetCurrentDirectoryW
GetWindowsDirectoryW
GetCurrentDirectoryW
RegisterWindowMessageW
FindFirstFileW
GetClassNameW
LoadCursorW
RegisterClassExW
CreateWindowExW
DefWindowProcW
GetVersionExW

ole32

CoUninitialize
CoCreateInstance
CoInitialize
CoInitializeEx
OleUninitialize
OleInitialize
CoTaskMemFree

gdi32

GetStockObject
PatBlt
UnrealizeObject
SetTextColor
SetBkColor
DeleteObject
SelectObject
CreatePen
CreateSolidBrush
CreatePatternBrush
CreateBitmap
StretchDIBits
SetStretchBltMode
Rectangle
GetDeviceCaps

comdlg32

CommDlgExtendedError

kernel32

GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetTickCount
QueryPerformanceCounter
DisableThreadLibraryCalls
InterlockedCompareExchange
Sleep
InterlockedExchange
SetUnhandledExceptionFilter
UnhandledExceptionFilter
ResetEvent
SetEvent
CloseHandle
WaitForSingleObject
GetCurrentThreadId
WaitForMultipleObjects
GetCurrentProcessId
FindClose
GetVersion
IsBadReadPtr
IsDebuggerPresent

msvcr90

memcpy
??1exception@std@@UAE@XZ
??0exception@std@@QAE@ABQBDH@Z
__CxxFrameHandler3
?what@exception@std@@UBEPBDXZ
??3@YAXPAX@Z
_CxxThrowException
??0exception@std@@QAE@ABV01@@Z
??2@YAPAXI@Z
_purecall
_beginthreadex
memset
__RTDynamicCast
memmove
wcsrchr
_snwprintf
_wcsicmp
_crt_debugger_hook
??_V@YAXPAX@Z
??_U@YAPAXI@Z
_encode_pointer
_malloc_crt
free
?_type_info_dtor_internal_method@type_info@@QAEXXZ
?terminate@@YAXXZ
_encoded_null
_except_handler4_common
__clean_type_info_names_internal
_onexit
_lock
__dllonexit
_unlock
__CppXcptFilter
_adjust_fdiv
_amsg_exit
_initterm_e
_initterm
_decode_pointer

user32

ReleaseCapture
GetWindowThreadProcessId
GetDesktopWindow
GetForegroundWindow
SetWindowPos
ReleaseDC
GetDC
GetWindowRect
IsWindow
GetParent
GetDlgItem
MoveWindow
ScreenToClient
GetDlgCtrlID
GetFocus
EnumChildWindows
GetMessagePos
SetRect
GetSysColor
FillRect
InvalidateRect
IsWindowVisible
UpdateWindow
ShowWindow
GetClientRect
DestroyWindow
BeginPaint
SetCapture
EndPaint

stlport_vc7145

??0__Named_exception@_STL@@QAE@ABV01@@Z
??0runtime_error@_STL@@QAE@ABV01@@Z
??1runtime_error@_STL@@UAE@XZ
??0?$basic_string@DV?$char_traits@D@_STL@@V?$allocator@D@2@@_STL@@QAE@PBDABV?$allocator@D@1@@Z
??0__Named_exception@_STL@@QAE@ABV?$basic_string@DV?$char_traits@D@_STL@@V?$allocator@D@2@@1@@Z
??_7runtime_error@_STL@@6B@
??1?$allocator@D@_STL@@QAE@XZ
??1?$basic_string@DV?$char_traits@D@_STL@@V?$allocator@D@2@@_STL@@QAE@XZ
??1__Named_exception@_STL@@UAE@XZ
?__stl_throw_out_of_range@_STL@@YAXPBD@Z
?get_allocator@?$vector@PAXV?$allocator@PAX@_STL@@@_STL@@QBE?AV?$allocator@PAX@2@XZ
??0?$vector@PAXV?$allocator@PAX@_STL@@@_STL@@QAE@IABQAXABV?$allocator@PAX@1@@Z
?swap@?$vector@PAXV?$allocator@PAX@_STL@@@_STL@@QAEXAAV12@@Z
??1?$vector@PAXV?$allocator@PAX@_STL@@@_STL@@QAE@XZ
??1?$allocator@PAX@_STL@@QAE@XZ
?deallocate@?$__node_alloc@$00$0A@@_STL@@SAXPAXI@Z
?allocate@?$__node_alloc@$00$0A@@_STL@@SAPAXI@Z

Exports

Exports

GetVersionInfo
component_getFactory
component_getImplementationEnvironment
component_writeInfo

Sections

.text
Size: 97KB - Virtual size: 96KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 53KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a962ca872b020499e735d949e3e2f68f

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

cppu3

cppuhelper3msc

comphelp4msc

sal3

vclmi

tlmi

uwinapi

ole32

gdi32

comdlg32

kernel32

msvcr90

user32

stlport_vc7145

Exports

Exports

Sections

.text Size: 97KB - Virtual size: 96KB

.rdata Size: 53KB - Virtual size: 53KB

.data Size: 5KB - Virtual size: 5KB

.rsrc Size: 7KB - Virtual size: 7KB

.reloc Size: 11KB - Virtual size: 10KB

.text
Size: 97KB - Virtual size: 96KB

.rdata
Size: 53KB - Virtual size: 53KB

.data
Size: 5KB - Virtual size: 5KB

.rsrc
Size: 7KB - Virtual size: 7KB

.reloc
Size: 11KB - Virtual size: 10KB