6875ff90c15932a5ad82074a27ed6916_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

6875ff90c15932a5ad82074a27ed6916_JaffaCakes118
Size

21KB
MD5

6875ff90c15932a5ad82074a27ed6916
SHA1

571bc90ac7a5f48bff0bb61d17a5da9701190ef5
SHA256

9532674734ab497001362dc03d62da692e2e88d316b5189831c4545405cdffdb
SHA512

a9c38f5ca29af729f94bdafb7a2a5ad0fa01f141c9bcd9efcc9c0a092625603964669b8e14389ca54bb7743622b34d598142593470ac42a13e331f7d857eb317
SSDEEP

384:zwe+NNZ4PsDYq+Ef/hlGoO7tE7iwSXAla33xxOtDV5gS3m7UZr46:Me64qYqooAE+VZbOtB62m7UZr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6875ff90c15932a5ad82074a27ed6916_JaffaCakes118

Files

6875ff90c15932a5ad82074a27ed6916_JaffaCakes118
.dll windows:5 windows x86 arch:x86

7bb38aa9fde3b70f8daca350b9782229

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

c:\onegit\workdir\wntmsci12.pro\LinkTarget\Library\i18npaperlo.pdb

Imports

comphelpmsc

?getProcessServiceFactory@comphelper@@YA?AV?$Reference@VXMultiServiceFactory@lang@star@sun@com@@@uno@star@sun@com@@XZ

cppu3

typelib_static_type_getByTypeClass
uno_any_destruct
uno_type_any_assign
typelib_static_sequence_type_init
cppu_unsatisfied_iquery_msg
uno_type_sequence_construct
uno_type_destructData
uno_type_sequence_reference2One
typelib_static_type_init

sal3

rtl_string_newFromStr
rtl_string_new
rtl_string_release
rtl_uString_new
rtl_uString_acquire
rtl_uString_release
rtl_uString_assign
rtl_ustr_ascii_compare_WithLength
rtl_ustr_indexOfChar_WithLength
rtl_uString_newFromStr_WithLength
rtl_str_compareIgnoreAsciiCase
rtl_uString_internConvert
rtl_string_acquire

msvcr90

_except_handler4_common
_onexit
_lock
__dllonexit
_unlock
__clean_type_info_names_internal
?_type_info_dtor_internal_method@type_info@@QAEXXZ
?terminate@@YAXXZ
_crt_debugger_hook
__CppXcptFilter
??1exception@std@@UAE@XZ
??0exception@std@@QAE@ABQBDH@Z
__CxxFrameHandler3
?what@exception@std@@UBEPBDXZ
??3@YAXPAX@Z
_CxxThrowException
??0exception@std@@QAE@ABV01@@Z
_encode_pointer
_malloc_crt
free
_encoded_null
_decode_pointer
_initterm
_initterm_e
_amsg_exit
_adjust_fdiv

kernel32

GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
DisableThreadLibraryCalls
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
Sleep
InterlockedExchange

Exports

Exports

??0PaperInfo@@QAE@JJ@Z
??0PaperInfo@@QAE@W4Paper@@@Z
??4PaperInfo@@QAEAAV0@ABV0@@Z
?doSloppyFit@PaperInfo@@QAE_NXZ
?fromPSName@PaperInfo@@SA?AW4Paper@@ABVOString@rtl@@@Z
?getDefaultPaperForLocale@PaperInfo@@SA?AV1@ABULocale@lang@star@sun@com@@@Z
?getHeight@PaperInfo@@QBEJXZ
?getPaper@PaperInfo@@QBE?AW4Paper@@XZ
?getSystemDefaultPaper@PaperInfo@@SA?AV1@XZ
?getWidth@PaperInfo@@QBEJXZ
?sloppyEqual@PaperInfo@@QBE_NABV1@@Z
?sloppyFitPageDimension@PaperInfo@@SAJJ@Z
?toPSName@PaperInfo@@SA?AVOString@rtl@@W4Paper@@@Z

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7bb38aa9fde3b70f8daca350b9782229

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

comphelpmsc

cppu3

sal3

msvcr90

kernel32

Exports

Exports

Sections

.text Size: 8KB - Virtual size: 8KB

.rdata Size: 6KB - Virtual size: 6KB

.data Size: 1KB - Virtual size: 2KB

.rsrc Size: 2KB - Virtual size: 1KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 8KB - Virtual size: 8KB

.rdata
Size: 6KB - Virtual size: 6KB

.data
Size: 1KB - Virtual size: 2KB

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: 1KB - Virtual size: 1KB