42079468a62fe9f236e953e7131728ab_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

42079468a62fe9f236e953e7131728ab_JaffaCakes118
Size

78KB
MD5

42079468a62fe9f236e953e7131728ab
SHA1

e7b2565e6f346462f05a5404edec6d84c7ccef17
SHA256

be7506d03c85af0ee88d2b1dc91169439b50a41eee898d21bb11bcd11221dd36
SHA512

4e4c23bdfce90f8ee5c4e991d5ac91f575207edb56ab99fead4a835ba73a1ac1fe664325d0bc0ec4a3f1445f9fc022d704e6eb7392969e613a3aabf316cdf128
SSDEEP

768:TG/H02z5HOKmQhfHc+A+Gcp1XZ4Lt4+Jel0T7J0An2i+4NU8Of1YSwBOVv3vimLq:i/UWv9cKXZ+zUK6AJ+sOfT8Ox3vifQI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
42079468a62fe9f236e953e7131728ab_JaffaCakes118

Files

42079468a62fe9f236e953e7131728ab_JaffaCakes118
.dll windows:5 windows x86 arch:x86

c5b863e9c5ee1504f1f6262d3f1b6433

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

O:\OOO330\ooo\dbaccess\wntmsci12.pro\bin\sdbtmi.pdb

Imports

msvcr90

_except_handler4_common
_onexit
_crt_debugger_hook
_lock
__dllonexit
_unlock
__clean_type_info_names_internal
__CppXcptFilter
_adjust_fdiv
_amsg_exit
_initterm_e
_initterm
_decode_pointer
_encoded_null
free
_malloc_crt
_encode_pointer
?terminate@@YAXXZ
_purecall
??2@YAPAXI@Z
??0exception@std@@QAE@ABV01@@Z
_CxxThrowException
??3@YAXPAX@Z
?what@exception@std@@UBEPBDXZ
??0exception@std@@QAE@ABQBDH@Z
??1exception@std@@UAE@XZ
__CxxFrameHandler3
?_type_info_dtor_internal_method@type_info@@QAEXXZ

kernel32

SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
DisableThreadLibraryCalls
InterlockedCompareExchange
Sleep
InterlockedExchange
IsDebuggerPresent

cppu3

uno_any_construct
cppu_unsatisfied_iquery_msg
uno_type_assignData
uno_type_destructData
uno_type_sequence_reference2One
uno_type_sequence_construct
typelib_static_sequence_type_init
uno_type_any_construct
typelib_static_type_init
uno_any_destruct
typelib_static_type_getByTypeClass
uno_type_any_assign

cppuhelper3msc

?WeakImplHelper_query@cppu@@YA?AVAny@uno@star@sun@com@@ABVType@3456@PAUclass_data@1@PAXPAVOWeakObject@1@@Z
??1WeakReferenceHelper@uno@star@sun@com@@QAE@XZ
??1OWeakObject@cppu@@MAE@XZ
?queryAdapter@OWeakObject@cppu@@UAA?AV?$Reference@VXAdapter@uno@star@sun@com@@@uno@star@sun@com@@XZ
?acquire@OWeakObject@cppu@@UAAXXZ
?release@OWeakObject@cppu@@UAAXXZ
?ImplHelper_getImplementationId@cppu@@YA?AV?$Sequence@C@uno@star@sun@com@@PAUclass_data@1@@Z
??4WeakReferenceHelper@uno@star@sun@com@@QAAAAV01234@ABV?$Reference@VXInterface@uno@star@sun@com@@@1234@@Z
??0OWeakObject@cppu@@QAE@XZ
?createSingleComponentFactory@cppu@@YA?AV?$Reference@VXSingleComponentFactory@lang@star@sun@com@@@uno@star@sun@com@@P6A?AV?$Reference@VXInterface@uno@star@sun@com@@@3456@ABV?$Reference@VXComponentContext@uno@star@sun@com@@@3456@@ZABVOUString@rtl@@ABV?$Sequence@VOUString@rtl@@@3456@PAU_rtl_ModuleCount@@@Z
?get@WeakReferenceHelper@uno@star@sun@com@@QBA?AV?$Reference@VXInterface@uno@star@sun@com@@@2345@XZ
?WeakImplHelper_getTypes@cppu@@YA?AV?$Sequence@VType@uno@star@sun@com@@@uno@star@sun@com@@PAUclass_data@1@@Z

utlmi

??0OComponentResourceModule@utl@@QAE@ABVOString@rtl@@@Z
?onFirstClient@OComponentResourceModule@utl@@MAEXXZ
?onLastClient@OComponentResourceModule@utl@@MAEXXZ
??0ModuleRes@utl@@QAE@GAAVOComponentResourceModule@1@@Z
??1OComponentResourceModule@utl@@UAE@XZ

comphelp4msc

??0ComponentContext@comphelper@@QAE@ABV01@@Z
??1OModuleClient@comphelper@@QAE@XZ
?getComponentFactory@OModule@comphelper@@QAE?AV?$Reference@VXInterface@uno@star@sun@com@@@uno@star@sun@com@@ABVOUString@rtl@@ABV?$Reference@VXMultiServiceFactory@lang@star@sun@com@@@4567@@Z
?writeComponentInfos@OModule@comphelper@@QAEEPAX0@Z
??1ComponentContext@comphelper@@QAE@XZ
??0ComponentContext@comphelper@@QAE@ABV?$Reference@VXComponentContext@uno@star@sun@com@@@uno@star@sun@com@@@Z
?registerImplementation@OModule@comphelper@@QAEXABVOUString@rtl@@ABV?$Sequence@VOUString@rtl@@@uno@star@sun@com@@P6A?AV?$Reference@VXInterface@uno@star@sun@com@@@6789@ABV?$Reference@VXComponentContext@uno@star@sun@com@@@6789@@ZP6A?AV?$Reference@VXSingleComponentFactory@lang@star@sun@com@@@6789@301PAU_rtl_ModuleCount@@@Z@Z
??1NamedValueCollection@comphelper@@QAE@XZ
?get@NamedValueCollection@comphelper@@QBEABVAny@uno@star@sun@com@@PBD@Z
??0NamedValueCollection@comphelper@@QAE@ABV?$Sequence@VAny@uno@star@sun@com@@@uno@star@sun@com@@@Z
??0OModuleClient@comphelper@@QAE@AAVOModule@1@@Z

tlmi

??0String@@QAE@ABVOUString@rtl@@@Z
?Assign@String@@QAEAAV1@ABV1@@Z
??0String@@QAE@ABVResId@@@Z
??BString@@QBE?AVOUString@rtl@@XZ
??1String@@QAE@XZ

dbtoolsmi

?composeTableNameForSelect@dbtools@@YA?AVOUString@rtl@@ABV?$Reference@VXConnection@sdbc@star@sun@com@@@uno@star@sun@com@@ABV23@11@Z
??1SQLExceptionInfo@dbtools@@QAE@XZ
?doThrow@SQLExceptionInfo@dbtools@@QAEXXZ
?isValid@SQLExceptionInfo@dbtools@@QBEEXZ
?getFieldsByCommandDescriptor@dbtools@@YA?AV?$Reference@VXNameAccess@container@star@sun@com@@@uno@star@sun@com@@ABV?$Reference@VXConnection@sdbc@star@sun@com@@@3456@JABVOUString@rtl@@AAV?$Reference@VXComponent@lang@star@sun@com@@@3456@PAVSQLExceptionInfo@1@@Z
??0SQLExceptionInfo@dbtools@@QAE@XZ
??1StatementComposer@dbtools@@QAE@XZ
?getComposer@StatementComposer@dbtools@@QAE?AV?$Reference@VXSingleSelectQueryComposer@sdb@star@sun@com@@@uno@star@sun@com@@XZ
?setDisposeComposer@StatementComposer@dbtools@@QAEX_N@Z
??0StatementComposer@dbtools@@QAE@ABV?$Reference@VXConnection@sdbc@star@sun@com@@@uno@star@sun@com@@ABVOUString@rtl@@JE@Z
?composeTableName@dbtools@@YA?AVOUString@rtl@@ABV?$Reference@VXDatabaseMetaData@sdbc@star@sun@com@@@uno@star@sun@com@@ABV23@11EW4EComposeRule@1@@Z
?qualifiedNameComponents@dbtools@@YAXABV?$Reference@VXDatabaseMetaData@sdbc@star@sun@com@@@uno@star@sun@com@@ABVOUString@rtl@@AAV78@22W4EComposeRule@1@@Z
?isValidSQLName@dbtools@@YAEABVOUString@rtl@@0@Z
??1DatabaseMetaData@dbtools@@QAE@XZ
?restrictIdentifiersToSQL92@DatabaseMetaData@dbtools@@QBE_NXZ
??0DatabaseMetaData@dbtools@@QAE@ABV?$Reference@VXConnection@sdbc@star@sun@com@@@uno@star@sun@com@@@Z
??1SQLError@connectivity@@QAE@XZ
?supportsSubqueriesInFrom@DatabaseMetaData@dbtools@@QBE_NXZ
?getSQLException@SQLError@connectivity@@QBE?AVSQLException@sdbc@star@sun@com@@JABV?$Reference@VXInterface@uno@star@sun@com@@@uno@567@ABVParamValue@12@11@Z
??0SQLError@connectivity@@QAE@ABVComponentContext@comphelper@@@Z
?raiseException@SQLError@connectivity@@QBEXJABV?$Reference@VXInterface@uno@star@sun@com@@@uno@star@sun@com@@ABVParamValue@12@11@Z
?convertName2SQLName@dbtools@@YA?AVOUString@rtl@@ABV23@0@Z

sal3

rtl_uString_new_WithLength
rtl_uString_release
rtl_uString_newFromAscii
rtl_uString_new
rtl_string2UString
rtl_uString_assign
rtl_ustr_compare_WithLength
osl_createMutex
osl_destroyMutex
osl_acquireMutex
osl_releaseMutex
rtl_allocateMemory
rtl_freeMemory
osl_incrementInterlockedCount
osl_getGlobalMutex
rtl_uString_acquire
rtl_string_newFromStr
rtl_string_release
rtl_str_getLength
rtl_uStringbuffer_insert
rtl_uStringbuffer_insert_ascii
rtl_ustr_valueOfInt32
rtl_ustr_indexOfChar_WithLength

Exports

Exports

GetVersionInfo
component_getFactory
component_getImplementationEnvironment
component_writeInfo

Sections

.text
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c5b863e9c5ee1504f1f6262d3f1b6433

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

msvcr90

kernel32

cppu3

cppuhelper3msc

utlmi

comphelp4msc

tlmi

dbtoolsmi

sal3

Exports

Exports

Sections

.text Size: 36KB - Virtual size: 36KB

.rdata Size: 28KB - Virtual size: 27KB

.data Size: 5KB - Virtual size: 6KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 6KB - Virtual size: 5KB

.text
Size: 36KB - Virtual size: 36KB

.rdata
Size: 28KB - Virtual size: 27KB

.data
Size: 5KB - Virtual size: 6KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 6KB - Virtual size: 5KB