e:\Nero9\Curry\3rdparty\public\redist\BCG\x86\release multibyte\BCGPOleAcc.pdb
Static task: static1
Behavioral task: behavioral1
  Sample: 21818a713e217dc5f4bcd112b3688b98_JaffaCakes118.dll
  Resource: win7-20240508-en
Behavioral task: behavioral2
  Sample: 21818a713e217dc5f4bcd112b3688b98_JaffaCakes118.dll
  Resource: win10v2004-20240611-en
General
- Target: 21818a713e217dc5f4bcd112b3688b98_JaffaCakes118
- Size: 95KB
- MD5: 21818a713e217dc5f4bcd112b3688b98
- SHA1: e458b738b3b2fcd63a03ff582a7da8c13a22676c
- SHA256: 6c02bc844054ba6c8c7d96cd03f79bd22057b9dd1029bc70e70dfd0192babbc4
- SHA512: bbd89dda5d5cfcb8bf3b0065b4fb2ded58957eea5ff0fdd97d686e448085c05ed89c60c9d89c05dd287ac730796aef551eaa889ab066dda1c48bb664a05366e8
- SSDEEP: 1536:mHGhPYvwIlD14X7f4AOgcDnUiLkU2mCp6GdjteETZ3vgwWwIlK4ueX:zhPY40Dkf4AOgcDnNLamCYGjjZ3vJfIp
Malware Config
Signatures
- Unsigned PE (1 IoC)
  Checks for missing Authenticode signature.
  resource 21818a713e217dc5f4bcd112b3688b98_JaffaCakes118
  This check only tests whether the PE carries an embedded certificate table (data directory entry IMAGE_DIRECTORY_ENTRY_SECURITY). It does not validate a signature chain, and a file signed through a Windows catalog (.cat) has no embedded signature and is also reported here, so treat the hit as a prompt to verify the file's origin rather than as evidence of tampering.
Files
- 21818a713e217dc5f4bcd112b3688b98_JaffaCakes118.dll | regsvr32 | windows:4 windows x86 arch:x86
  4baa243f30a2881b467d56dcd0bdd830
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
PDB Paths
e:\Nero9\Curry\3rdparty\public\redist\BCG\x86\release multibyte\BCGPOleAcc.pdb
The PDB path is linker-embedded metadata, and its module name (BCGPOleAcc) matches the BCGPGetAccObjectLresult export below. It is fully attacker-controllable, so use it as a hunting pivot, not as proof of where the binary was built.
Imports
oleacc
CreateStdAccessibleObject
LresultFromObject
mfc80
ord3948
ord2248
ord5226
ord5224
ord2931
ord1920
ord3832
ord5382
ord6219
ord5102
ord1010
ord3806
ord5583
ord2018
ord2063
ord4326
ord6276
ord3801
ord6278
ord4014
ord4038
ord757
ord5383
ord1050
ord1049
ord6252
ord1147
ord1150
ord3609
ord3428
ord590
ord1144
ord3635
ord762
ord3244
ord4568
ord4100
ord1955
ord2250
ord2253
ord2252
ord2815
ord1971
ord5419
ord2938
ord1283
ord1230
ord1128
ord2141
ord331
ord476
ord701
ord1185
ord1187
ord1191
ord1209
ord1177
ord1175
ord1201
ord1120
ord1167
ord1917
ord371
ord1098
ord1208
ord1206
ord1092
ord1037
ord1084
ord315
ord765
ord372
ord5230
ord5213
ord5566
ord2537
ord2731
ord2835
ord4307
ord2714
ord2838
ord2540
ord2646
ord2533
ord3718
ord3719
ord3709
ord2644
ord3949
ord4481
ord4261
ord3333
ord566
ord3683
ord314
ord1123
ord310
ord2322
ord876
ord578
ord6754
ord764
ord2094
ord581
msvcr80
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_crt_debugger_hook
?terminate@@YAXXZ
__CppXcptFilter
_adjust_fdiv
_amsg_exit
_initterm_e
_initterm
_encoded_null
_malloc_crt
_except_handler4_common
_decode_pointer
_onexit
_lock
_encode_pointer
__dllonexit
_unlock
wcslen
_resetstkoflw
_recalloc
calloc
wcscpy_s
free
malloc
_purecall
__CxxFrameHandler3
__clean_type_info_names_internal
kernel32
GetVersionExA
GetThreadLocale
GetLocaleInfoA
InterlockedCompareExchange
Sleep
LocalAlloc
LocalFree
GetStringTypeExW
GetStringTypeExA
GetEnvironmentVariableW
GetEnvironmentVariableA
lstrlenA
lstrcmpiW
lstrcmpiA
CompareStringW
CompareStringA
lstrlenW
GetVersion
GetLastError
WideCharToMultiByte
MultiByteToWideChar
InterlockedExchange
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
GetACP
TerminateProcess
user32
GetWindowRect
CharUpperW
CharUpperA
IsWindow
CharLowerA
RegisterWindowMessageA
CharLowerW
SendMessageA
GetMenuItemCount
IsMenu
ole32
CoInitialize
CoGetClassObject
CLSIDFromProgID
oleaut32
SysAllocString
SysFreeString
Exports
BCGPGetAccObjectLresult
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
DllGetClassObject, DllCanUnloadNow, DllRegisterServer and DllUnregisterServer are the standard entry points of a COM in-process server, which is why the file is listed with regsvr32 under Files: regsvr32 loads the DLL and calls DllRegisterServer, which performs the CLSID registration in the registry. BCGPGetAccObjectLresult is the module's own export and, together with the oleacc imports (CreateStdAccessibleObject, LresultFromObject), points to an accessibility helper.
Sections
- .text  Size: 20KB, Virtual size: 19KB   IMAGE_SCN_CNT_CODE | IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_READ
- .rdata Size: 13KB, Virtual size: 12KB   IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
- .data  Size: 57KB, Virtual size: 57KB   IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE
- .rsrc  Size: 2KB,  Virtual size: 1KB    IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
- .reloc Size: 2KB,  Virtual size: 2KB    IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_DISCARDABLE | IMAGE_SCN_MEM_READ
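The three static facts the report derives from the PE headers (the IMAGE_FILE_* characteristics, the "Unsigned PE" certificate-table check, and the per-section IMAGE_SCN_* flags) can be reproduced without the sandbox. The script below is an added example, not part of the report and not code from the analysed DLL: a dependency-free Python parser that walks the DOS/COFF/optional headers, tests data directory entry 4 for an attached WIN_CERTIFICATE blob, decodes section flags and flags any section that is both writable and executable. build_sample_pe constructs a header-only PE32 DLL so it runs offline; its certificate offset/size (0x1000/0x800) and section layout are assumed placeholder values.

```python
"""Dependency-free PE header inspector (added example, not from the report)."""
import struct
import sys

IMAGE_FILE_FLAGS = {
    0x0002: "IMAGE_FILE_EXECUTABLE_IMAGE",
    0x0100: "IMAGE_FILE_32BIT_MACHINE",
    0x2000: "IMAGE_FILE_DLL",
}
IMAGE_SCN_FLAGS = {
    0x00000020: "IMAGE_SCN_CNT_CODE",
    0x00000040: "IMAGE_SCN_CNT_INITIALIZED_DATA",
    0x02000000: "IMAGE_SCN_MEM_DISCARDABLE",
    0x20000000: "IMAGE_SCN_MEM_EXECUTE",
    0x40000000: "IMAGE_SCN_MEM_READ",
    0x80000000: "IMAGE_SCN_MEM_WRITE",
}
IMAGE_DIRECTORY_ENTRY_SECURITY = 4   # certificate table (embedded Authenticode)
SECTION_HDR = "<8sIIIIIIHHI"         # IMAGE_SECTION_HEADER, 40 bytes


def inspect_pe(data: bytes) -> dict:
    """Decode file characteristics, certificate-table presence and section flags."""
    if data[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("PE signature not found")
    coff = e_lfanew + 4
    machine, nsections, _, _, _, opt_size, chars = struct.unpack_from("<HHIIIHH", data, coff)
    opt = coff + 20
    magic = struct.unpack_from("<H", data, opt)[0]
    # The data directory array starts at 0x60 in PE32 and 0x70 in PE32+.
    if magic == 0x10B:
        dd_off = opt + 0x60
    elif magic == 0x20B:
        dd_off = opt + 0x70
    else:
        raise ValueError("unknown optional header magic 0x%x" % magic)
    num_dirs = struct.unpack_from("<I", data, dd_off - 4)[0]
    cert_off = cert_size = 0
    if num_dirs > IMAGE_DIRECTORY_ENTRY_SECURITY:   # linker may emit fewer than 16 entries
        cert_off, cert_size = struct.unpack_from(
            "<II", data, dd_off + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY)
    result = {
        "machine": machine,
        "characteristics": [n for bit, n in IMAGE_FILE_FLAGS.items() if chars & bit],
        "is_dll": bool(chars & 0x2000),
        # Non-zero offset and size mean a WIN_CERTIFICATE blob is attached. This is
        # all the "Unsigned PE" check tests: it does not validate the chain, and a
        # catalog-signed file legitimately has no entry here.
        "has_authenticode": cert_off != 0 and cert_size != 0,
        "sections": [],
        "wx_sections": [],
    }
    sect_tbl = opt + opt_size
    for i in range(nsections):
        name, vsize, _, rawsize, _, _, _, _, _, flags = struct.unpack_from(
            SECTION_HDR, data, sect_tbl + 40 * i)
        name = name.rstrip(b"\0").decode("ascii", "replace")
        result["sections"].append({
            "name": name, "virtual_size": vsize, "raw_size": rawsize,
            "flags": [n for bit, n in IMAGE_SCN_FLAGS.items() if flags & bit],
        })
        if flags & 0x80000000 and flags & 0x20000000:
            result["wx_sections"].append(name)   # writable + executable: worth a look
    return result


def build_sample_pe(signed: bool, rwx_section: bool = False) -> bytes:
    """Constructed test input: a header-only PE32 DLL, not the sample analysed above."""
    e_lfanew = 0x40
    dos = bytearray(e_lfanew)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, e_lfanew)
    sections = [(b".text", 0x60000020), (b".data", 0xC0000040)]
    if rwx_section:
        sections.append((b".rwx", 0xE0000020))
    # IMAGE_FILE_HEADER: i386, SizeOfOptionalHeader 0xE0, EXECUTABLE|32BIT|DLL.
    coff = struct.pack("<HHIIIHH", 0x14C, len(sections), 0, 0, 0, 0xE0, 0x2102)
    opt = bytearray(0xE0)
    struct.pack_into("<H", opt, 0, 0x10B)      # PE32 magic
    struct.pack_into("<I", opt, 0x5C, 16)      # NumberOfRvaAndSizes
    if signed:
        # Assumed placeholder offset/size for the certificate blob.
        struct.pack_into("<II", opt, 0x60 + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY, 0x1000, 0x800)
    table = b"".join(
        struct.pack(SECTION_HDR, name, 0x1000, 0x1000 * (i + 1), 0x200, 0x400 * (i + 1),
                    0, 0, 0, 0, flags)
        for i, (name, flags) in enumerate(sections))
    return bytes(dos) + b"PE\0\0" + coff + bytes(opt) + table


if __name__ == "__main__":
    # Usage: python pe_inspect.py <file.dll>; with no argument, inspect the built-in sample.
    blob = open(sys.argv[1], "rb").read() if len(sys.argv) > 1 else build_sample_pe(signed=False)
    info = inspect_pe(blob)
    print("DLL:", info["is_dll"], "| embedded Authenticode:", info["has_authenticode"])
    for s in info["sections"]:
        print("%-8s raw=%-6d virt=%-6d %s" % (s["name"], s["raw_size"], s["virtual_size"],
                                             " | ".join(s["flags"])))
    if info["wx_sections"]:
        print("W+X sections:", ", ".join(info["wx_sections"]))
```

Run against the real file, the output should match the Headers and Sections entries above: EXECUTABLE|32BIT|DLL, no certificate table, and no section that is both writable and executable (.text is R+X, .data is R+W). Validating an actual signature, or checking catalog membership, still requires WinVerifyTrust or Get-AuthenticodeSignature on Windows.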