154aa933148b76cf72cf554e28c1afa1_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

154aa933148b76cf72cf554e28c1afa1_JaffaCakes118
Size

31KB
MD5

154aa933148b76cf72cf554e28c1afa1
SHA1

330922052b7e06b6939bd14bac366075403e73c9
SHA256

1e0f5bfe1bfde349755a62f05b3b7fff4354d1e3e18a5a9fe4a44d24147e074f
SHA512

7312756877a1b6519927b7bed56d6a9737445e6c9db27934b6544a755e7e85b14c86d1b55370e576d06719d0fe8ec2d1e3e182152200458c3b52fd6dfa59c527
SSDEEP

384:uHojyqNquAsaoOudnWEjC8ccoMcQ5L7ZZuI97kbOUcU2VmQXPMXOFOwhEuTAY133:+o2qNqzFCW4/cQ5LeQ70xyOXOxAAx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
154aa933148b76cf72cf554e28c1afa1_JaffaCakes118

Files

154aa933148b76cf72cf554e28c1afa1_JaffaCakes118
.dll windows:5 windows x86 arch:x86

a6c6b95200de41876d4cf2b6daf10587

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\AOO\sources\builds\main\fpicker\wntmsci12.pro\bin\fop.pdb

Imports

cppu3

typelib_static_type_getByTypeClass
uno_any_destruct
typelib_static_type_init
uno_type_sequence_reference2One
typelib_static_sequence_type_init
uno_type_sequence_construct
uno_type_destructData

cppuhelper3msc

?queryAdapter@OWeakObject@cppu@@UAA?AV?$Reference@VXAdapter@uno@star@sun@com@@@uno@star@sun@com@@XZ
?ImplHelper_getImplementationId@cppu@@YA?AV?$Sequence@C@uno@star@sun@com@@PAUclass_data@1@@Z
?WeakImplHelper_getTypes@cppu@@YA?AV?$Sequence@VType@uno@star@sun@com@@@uno@star@sun@com@@PAUclass_data@1@@Z
?WeakImplHelper_query@cppu@@YA?AVAny@uno@star@sun@com@@ABVType@3456@PAUclass_data@1@PAXPAVOWeakObject@1@@Z
?createSingleFactory@cppu@@YA?AV?$Reference@VXSingleServiceFactory@lang@star@sun@com@@@uno@star@sun@com@@ABV?$Reference@VXMultiServiceFactory@lang@star@sun@com@@@3456@ABVOUString@rtl@@P6A?AV?$Reference@VXInterface@uno@star@sun@com@@@3456@0@ZABV?$Sequence@VOUString@rtl@@@3456@PAU_rtl_ModuleCount@@@Z
??1OWeakObject@cppu@@MAE@XZ
??0OWeakObject@cppu@@QAE@XZ
?acquire@OWeakObject@cppu@@UAAXXZ
?release@OWeakObject@cppu@@UAAXXZ

sal3

rtl_uString_newFromStr
osl_getFileURLFromSystemPath
osl_getSystemPathFromFileURL
rtl_ustr_lastIndexOfStr_WithLength
rtl_uString_newConcat
rtl_uString_acquire
rtl_uString_new
rtl_string2UString
osl_incrementInterlockedCount
osl_releaseMutex
osl_acquireMutex
osl_destroyMutex
osl_createMutex
rtl_ustr_compare_WithLength
rtl_str_compare
rtl_freeMemory
rtl_allocateMemory
rtl_uString_newFromAscii
rtl_uString_assign
rtl_uString_release
osl_getGlobalMutex

vcl

?GetSolarMutex@Application@@SAAAVIMutex@vos@@XZ
?GetSettings@Application@@SAABVAllSettings@@XZ
?GetUILocale@AllSettings@@QBEABULocale@lang@star@sun@com@@XZ

tl

??1SimpleResMgr@@UAE@XZ
??0SimpleResMgr@@QAE@PBDABULocale@lang@star@sun@com@@@Z
??1String@@QAE@XZ
??BString@@QBE?AVOUString@rtl@@XZ
?ReadString@SimpleResMgr@@QAE?AVString@@K@Z

uwinapi

SHBrowseForFolderW
GetPropA
RemovePropA
SHGetPathFromIDListW
SendMessageW
SetWindowTextW
SetPropA

ole32

OleUninitialize
CoInitialize
CoUninitialize
OleInitialize

shell32

SHGetDesktopFolder
SHGetMalloc

msvcr90

free
_malloc_crt
_encode_pointer
_beginthreadex
memset
_purecall
??_V@YAXPAX@Z
??_U@YAPAXI@Z
??1exception@std@@UAE@XZ
??0exception@std@@QAE@ABQBDH@Z
?what@exception@std@@UBEPBDXZ
??3@YAXPAX@Z
_CxxThrowException
??0exception@std@@QAE@ABV01@@Z
_encoded_null
__CxxFrameHandler3
?_type_info_dtor_internal_method@type_info@@QAEXXZ
?terminate@@YAXXZ
_crt_debugger_hook
_except_handler4_common
__clean_type_info_names_internal
_onexit
_lock
__dllonexit
_unlock
__CppXcptFilter
_adjust_fdiv
_amsg_exit
_initterm_e
_initterm
_decode_pointer
??2@YAPAXI@Z

kernel32

CreateEventA
TerminateThread
WaitForSingleObject
ResetEvent
SetEvent
GetModuleHandleA
InterlockedExchange
Sleep
InterlockedCompareExchange
DisableThreadLibraryCalls
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
CloseHandle

user32

SendMessageA
PostQuitMessage
DestroyWindow
DefWindowProcA
RegisterClassExA
UnregisterClassA
IsWindow
GetDlgItem
DispatchMessageA
MsgWaitForMultipleObjects
PeekMessageA
CreateWindowExA
GetMessageA
GetForegroundWindow
PostMessageA

Exports

Exports

GetVersionInfo
component_getFactory
component_getImplementationEnvironment

Sections

.text
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a6c6b95200de41876d4cf2b6daf10587

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

cppu3

cppuhelper3msc

sal3

vcl

tl

uwinapi

ole32

shell32

msvcr90

kernel32

user32

Exports

Exports

Sections

.text Size: 14KB - Virtual size: 13KB

.rdata Size: 11KB - Virtual size: 10KB

.data Size: 1KB - Virtual size: 1KB

.rsrc Size: 2KB - Virtual size: 1KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 14KB - Virtual size: 13KB

.rdata
Size: 11KB - Virtual size: 10KB

.data
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: 2KB - Virtual size: 1KB