751b7129b0f3b468b35f2f66af727de3_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

751b7129b0f3b468b35f2f66af727de3_JaffaCakes118
Size

212KB
MD5

751b7129b0f3b468b35f2f66af727de3
SHA1

9f3f3cfc6c4026d5927e8635d995d1cdc67d4c09
SHA256

17b131c746e2f195cc08f148df748cd7bc853e8c45f3885ce7920b16883be5fb
SHA512

d0dfb9067506329fb2988161de3f0f94ccd85211cebba789bcf01bd57f71e88f787b8e1e5c6a17c030e52f5539a1a79022cc4e0d93d564bb140e94bed8d48de3
SSDEEP

6144:hUDWIbeWcS457+n0zAWx9NQWFQwIufrMD0oVsl/yY:hUbbefzA+9/RZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
751b7129b0f3b468b35f2f66af727de3_JaffaCakes118

Files

751b7129b0f3b468b35f2f66af727de3_JaffaCakes118
.dll windows:4 windows x86 arch:x86

4be084b7ebda69b1bd4a5fd1bf1b81ad

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\mg\Burst_web\NeroVision\NeroVisionSource\Amc\PDB_ReleaseW\DVDUI.PDB

Imports

kernel32

LeaveCriticalSection
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
WaitForSingleObject
CloseHandle
CreateEventW
SetEvent
InterlockedDecrement
InterlockedIncrement
DeleteCriticalSection
InitializeCriticalSection
GetTickCount
QueryPerformanceCounter
ExitProcess
DisableThreadLibraryCalls
EnterCriticalSection

user32

PostMessageW
GetClientRect
DefWindowProcW

gccore

??0TryCatchEnabler@SEHException@@QAE@XZ
??1TryCatchEnabler@SEHException@@QAE@XZ
??0Thread@@QAE@XZ
?GetProcessInformation@ModuleBase@@SA?AVString@@XZ
?LoadStringW@String@@QAEXIPAVModuleBase@@@Z
?FromSystemMultibyte@String@@SA?AV1@PBDI@Z
?FromNum@String@@SA?AV1@HH@Z
??_DGDIBitmap@@QAEXXZ
??0Size@@QAE@HH@Z
?Multibyte@String@@QBE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@IKPBD@Z
??1MemoryBlock@@QAE@XZ
??BMemoryBlock@@QAEPADXZ
??0MemoryBlock@@QAE@HD@Z
??6String@@QAEAAV0@ABV0@@Z
??6String@@QAEAAV0@PBG@Z
?LoadStringW@ModuleBase@@QBE?AVString@@I@Z
?GetMsg@SEHException@@QBE?AVString@@XZ
?Object@GCLogFile@@SAAAV1@XZ
?AddLine@GCLogFile@@QAGXABVString@@@Z
??0String@@QAE@ABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@@Z
??1NotCopyable@@IAE@XZ
??0NotCopyable@@IAE@XZ
??0RegistryKey@@QAE@PAUHKEY__@@@Z
?IsValid@RegistryKey@@QBE_NXZ
??0RegistryKey@@QAE@ABV0@@Z
??1RegistryKey@@UAE@XZ
?CreateSubkey@RegistryKey@@QAE?AV1@ABVString@@KKPAK@Z
??0ModuleBase@@QAE@XZ
??1ModuleBase@@UAE@XZ
?setPriority@Thread@@UAEXW4Priority@IGCThread@@@Z
?isRunning@Thread@@UBE_NXZ
?start@Thread@@UAE_NW4Priority@IGCThread@@@Z
??4String@@QAEABV0@PBG@Z
?waitForEnd@Thread@@UBE_NK@Z
?init@COMThread@@MAEX_N@Z
?MessageBoxW@ModuleBase@@SAHPAUHWND__@@PBG1I@Z
??0String@@QAE@PBG@Z
?GetDisplayName@ModuleBase@@QBE?AVString@@XZ
??4String@@QAEAAV0@ABV0@@Z
?_GetService@ObjectServices@@CAJABU_GUID@@0PAPAX@Z
??0GCUnknown@@QAE@XZ
??1GCUnknown@@UAE@XZ
?Release@GCUnknown@@UAGKXZ
?AddRef@GCUnknown@@UAGKXZ
?QueryInterface@GCUnknown@@UAGJABU_GUID@@PAPAX@Z
??1String@@QAE@XZ
??0String@@QAE@ABV0@@Z
??1Thread@@UAE@XZ
?Init@ModuleBase@@IAEXPAUHINSTANCE__@@@Z
?Free@ModuleBase@@IAEXXZ
??0String@@QAE@XZ

gclib

?MessageBoxW@Window@@QBAHHPAVModuleBase@@IPBGZZ
??0Module@@QAE@II@Z
?GetSectionKey@Module@@UBE?AVRegistryKey@@ABVString@@_N@Z
?CallDefault@Window@@IAEJIIJAAUMsgProcess@@@Z
??0Window@@QAE@PAUHWND__@@@Z
??1Window@@UAE@XZ
?IsTargetActive@CommandTargetWindow@@MBE_NXZ
?CanUpdate@CommandTargetWindow@@MBE_NXZ
?Enable@ShapeButtonContainer@@MAEXII_N@Z
?Check@ShapeButtonContainer@@MAEXII_N@Z
?IsSourceActive@ShapeButtonContainer@@MAE_NXZ
?IsButtonCaptured@ShapeButtonContainer@@UBE_NXZ
?DrawBackground@ShapeButtonContainer@@UAEXPAUHDC__@@PBUtagRECT@@PBUtagPOINT@@@Z
?Subclass@Window@@UAEX_N@Z
?ReplaceSibling@Window@@UAE_NAAV1@I@Z
?DisableToolTips@Window@@UAEXXZ
?EnableToolTips@Window@@UAEXIIPAVToolTipCtrl@@@Z
?NeedsUIUpdate@Window@@UAE_NPAUtagMSG@@@Z
?CWOEnumClipAreas@Window@@UBEXPAPAUIEnumClipAreas@@@Z

amcdocbase

GetDocBaseFactory

amcuibase

?GetDisplayWindow@AMCDocumentUI@@QBEPAVWindow@@PAVModuleBase@@@Z
?CreateBurner@VideoDocUI@@UBEPAVIUIBurner@@XZ
?GetVideoDoc@VideoDocUI@@IAEPAVIVideoDoc@@XZ
??1RemoteControl@@UAE@XZ
?SetModified@VideoDocUI@@UAEX_N@Z
??0AMCDocumentUI@@IAE@XZ
?DVDEngineError2String@UIBaseTextService@@YA?AVString@@H@Z
?MenuUsesAutoFit@VideoDocUI@@IBE_NXZ
?TitlesUseAutoFit@VideoDocUI@@IBE_NXZ
?SetDocument@AMCDocumentUI@@UAEXPAVIAMCDocument@@@Z
??1VideoDocUI@@UAE@XZ
?IsAtCheckPoint@VideoDocUI@@UBE_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?SetCheckPoint@VideoDocUI@@UAEXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@_N@Z
?CanInsertTitle@VideoDocUI@@UBE_NXZ
?IsModified@VideoDocUI@@UBE_NXZ
?GetDisplayName@VideoDocUI@@UBE?AVString@@ABVIAMCDocument@@@Z
?Create@RemoteControl@@QAE_NPAVWindow@@PAVISimulationEngine@@@Z
?GetDisplayName@VideoDocUI@@UBE?AVString@@ABVITitle@@@Z
?GetDisplayName@VideoDocUI@@UBE?AVString@@ABVIChapterContainer@@ABVIChapter@@_N2@Z
?GetVideoDoc@VideoDocUI@@UBEPBVIVideoDoc@@XZ
?GetTitleUI@VideoDocUI@@UBEPAVITitleUI@@PBVITitle@@@Z
?GetSummary@VideoDocUI@@UBE?AVString@@XZ
?SetSummary@VideoDocUI@@UAEXABVString@@@Z
?EnableMenu@RemoteControl@@UAEX_N@Z
?EnablePlaylists@RemoteControl@@UAEX_N0@Z
?SetRunInfo@RemoteControl@@UAEXII_J@Z
?GetPosition@RemoteControl@@UBE?AVPoint@@XZ
?SetPosition@RemoteControl@@UAEXABVPoint@@@Z
?GetSize@RemoteControl@@UBE?AVSize@@XZ
?UpdateCommandProc@RemoteControl@@MAEJIIJAAUMsgProcess@@@Z
?CommandProc@RemoteControl@@MAEJIIJAAUMsgProcess@@@Z
??0RemoteControl@@QAE@XZ
?OnTimer@RemoteControl@@MAEXI@Z
?GetToolTipText@RemoteControl@@UBE?AVString@@VPoint@@PAVToolTipCtrl@@AAI@Z
?WndProc@RemoteControl@@MAEJIIJAAUMsgProcess@@@Z
??1AMCDocumentUI@@UAE@XZ
??0VideoDocUI@@QAE@XZ
?GetDisplayName@VideoDocUI@@UBE?AVString@@ABVIMenuPage@@@Z

amclib

?GetAllowedMediaTypes@DocTypeRecordingInfo@@YA?AW4tag_NERO_MEDIA_TYPE@@W4Type@IVideoDocBase@@@Z
??0NMCPreviewChannelContainer@@QAE@XZ
??1NMCPreviewChannelContainer@@UAE@XZ

msvcp71

??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??Y?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV01@ABV01@@Z
??Y?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV01@PBG@Z
?c_str@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QBEPBGXZ
?npos@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@2IB
?size@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QBEIXZ
?c_str@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ
?length@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QBEIXZ
?_Nomemory@std@@YAXXZ
??1?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@XZ
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@PBG@Z
??4?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV01@ABV01@@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@ABV01@@Z

msvcr71

_CxxThrowException
??1exception@@UAE@XZ
??0exception@@QAE@XZ
memmove
malloc
_callnewh
??1type_info@@UAE@XZ
__security_error_handler
_except_handler3
__dllonexit
_onexit
free
_initterm
_adjust_fdiv
__CppXcptFilter
?terminate@@YAXXZ
__RTDynamicCast
??3@YAXPAX@Z
__CxxFrameHandler
_purecall
??0exception@@QAE@ABV0@@Z

Exports

Exports

CreateAMCDocumentUI
Initialize

Sections

.text
Size: 53KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 113KB - Virtual size: 116KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

4be084b7ebda69b1bd4a5fd1bf1b81ad

Headers

File Characteristics

PDB Paths

Imports

kernel32

user32

gccore

gclib

amcdocbase

amcuibase

amclib

msvcp71

msvcr71

Exports

Exports

Sections

.text Size: 53KB - Virtual size: 52KB

.rdata Size: 27KB - Virtual size: 27KB

.data Size: 2KB - Virtual size: 2KB

.rsrc Size: 5KB - Virtual size: 4KB

.reloc Size: 9KB - Virtual size: 8KB

.text Size: 113KB - Virtual size: 116KB

.text
Size: 53KB - Virtual size: 52KB

.rdata
Size: 27KB - Virtual size: 27KB

.data
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 5KB - Virtual size: 4KB

.reloc
Size: 9KB - Virtual size: 8KB

.text
Size: 113KB - Virtual size: 116KB