777ca54ec1658d5b5a6274ae762933b6_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

777ca54ec1658d5b5a6274ae762933b6_JaffaCakes118
Size

1.2MB
MD5

777ca54ec1658d5b5a6274ae762933b6
SHA1

abbb0062ea4cb7f5bdaeb503dabd5307f67cec2d
SHA256

9227c2e8851bb424799cb3646f7bd53d0e012e52bd0096399256ff030dc72202
SHA512

b3fa05f389e6383b2a499d94a9f7c0dfa23f26ec2981613558b3fd07390a1cbf4f942df29c9e0cf3581ec1851183bc6cf2bebd1fc8849285fb61b7bebde8d2f8
SSDEEP

24576:BQbxqHgyl6l1GEP+2lCZ6yr0ybCClP/HUTdy90UETv2ZGTMNpV:YQg1qiNqlXpETwGTKpV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
777ca54ec1658d5b5a6274ae762933b6_JaffaCakes118

Files

777ca54ec1658d5b5a6274ae762933b6_JaffaCakes118
.dll windows:4 windows x86 arch:x86

6aeda32095ac35c7b5bdc238d358807c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

InterlockedIncrement
InterlockedDecrement
GetProcAddress
LoadLibraryA
DeleteCriticalSection
DisableThreadLibraryCalls
LoadLibraryW
MultiByteToWideChar
WideCharToMultiByte

user32

ShowWindow
SetWindowLongW
IsWindowVisible
IsWindow
SendMessageW

xpcom

NS_StringGetData
NS_StringContainerInit
NS_StringContainerFinish
NS_Alloc
NS_StringContainerInit2
NS_GetComponentManager
NS_CStringSetData
NS_CStringContainerInit
NS_Free
NS_CStringGetData
NS_CStringContainerFinish
NS_GetServiceManager

nspr4

PR_AtomicIncrement
PR_AtomicDecrement

msvcp60

?peek@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEHXZ
?get@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEHXZ
??8std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV?$allocator@D@1@@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?_C@?1??_Nullstr@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@CAPBGXZ@4GB
?_Eos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXI@Z
?_Grow@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAE_NI_N@Z
?_C@?1??_Nullstr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPBDXZ@4DB
??1?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@XZ
?assign@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV12@ABV12@II@Z
?npos@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@2IB
?assign@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV12@PBGI@Z
?_Copy@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@AAEXI@Z
?_Tidy@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@AAEX_N@Z
?_Xlen@std@@YAXXZ
?max_size@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QBEIXZ
?_Eos@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@AAEXI@Z
?_Grow@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@AAE_NI_N@Z
??Mstd@@YA_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@0@Z
??8std@@YA_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@PBG@Z
?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z
?_Split@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@AAEXXZ
?_Xran@std@@YAXXZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
??Hstd@@YA?AV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@ABV10@0@Z
??Hstd@@YA?AV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@ABV10@PBG@Z
??Hstd@@YA?AV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@PBGABV10@@Z
?append@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV12@PBGI@Z
?append@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV12@ABV12@II@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@PBGABV?$allocator@G@1@@Z
?substr@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QBE?AV12@II@Z
??1_Lockit@std@@QAE@XZ
??0_Lockit@std@@QAE@XZ
?_Refcnt@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@AAEAAEPBG@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@ABV01@@Z
?find_first_of@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QBEIPBGII@Z
?replace@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV12@IIPBGI@Z
?append@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV12@IG@Z
??1locale@std@@QAE@XZ
?find@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QBEIPBGII@Z
?erase@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV12@II@Z
??9std@@YA_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@0@Z
??8std@@YA_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@0@Z
?find_last_of@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QBEIPBGII@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
??_D?$basic_ifstream@DU?$char_traits@D@std@@@std@@QAEXXZ
??1?$basic_istream@DU?$char_traits@D@std@@@std@@UAE@XZ
??1ios_base@std@@UAE@XZ
??1?$basic_ifstream@DU?$char_traits@D@std@@@std@@UAE@XZ
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UAE@XZ
??_7?$basic_istream@DU?$char_traits@D@std@@@std@@6B@
??1?$basic_filebuf@DU?$char_traits@D@std@@@std@@UAE@XZ
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
?open@?$basic_filebuf@DU?$char_traits@D@std@@@std@@QAEPAV12@PBDH@Z
??_7?$basic_ifstream@DU?$char_traits@D@std@@@std@@6B@
??0?$basic_filebuf@DU?$char_traits@D@std@@@std@@QAE@PAU_iobuf@@@Z
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??_7?$basic_ios@DU?$char_traits@D@std@@@std@@6B@
??0ios_base@std@@IAE@XZ
??_8?$basic_ifstream@DU?$char_traits@D@std@@@std@@7B@
??9std@@YA_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@PBG@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@ABV?$allocator@G@1@@Z
??0logic_error@std@@QAE@ABV01@@Z
??0out_of_range@std@@QAE@ABV01@@Z
??1out_of_range@std@@UAE@XZ
??1logic_error@std@@UAE@XZ
??_7out_of_range@std@@6B@
??_7logic_error@std@@6B@
?replace@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV12@IIABV12@II@Z
?_Copy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXI@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ID@Z
?_Split@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXXZ
?erase@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@II@Z
??Hstd@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@DABV10@@Z
??Hstd@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBDABV10@@Z
?substr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV12@II@Z
??0runtime_error@std@@QAE@ABV01@@Z
??1runtime_error@std@@UAE@XZ
??_7runtime_error@std@@6B@
??8std@@YA_NPBGABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@@Z
?replace@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV12@IIABV12@@Z
?assign@?$char_traits@G@std@@SAXAAGABG@Z
?_Nullstr@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@CAPBGXZ
?copy@?$char_traits@G@std@@SAPAGPAGPBGI@Z
?capacity@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QBEIXZ
?c_str@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QBEPBGXZ
?size@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QBEIXZ
?find@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QBEIABV12@I@Z
??0out_of_range@std@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@1@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBDABV?$allocator@D@1@@Z
??0logic_error@std@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@1@@Z
?_Freeze@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@AAEXXZ
??Hstd@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@PBD@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
??Hstd@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@0@Z
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
??_D?$basic_ofstream@GU?$char_traits@G@std@@@std@@QAEXXZ
??1?$basic_ostream@GU?$char_traits@G@std@@@std@@UAE@XZ
??_D?$basic_ifstream@GU?$char_traits@G@std@@@std@@QAEXXZ
??1?$basic_istream@GU?$char_traits@G@std@@@std@@UAE@XZ
??1?$basic_streambuf@GU?$char_traits@G@std@@@std@@UAE@XZ
?close@?$basic_filebuf@GU?$char_traits@G@std@@@std@@QAEPAV12@XZ
??_7?$basic_filebuf@GU?$char_traits@G@std@@@std@@6B@
??6std@@YAAAV?$basic_ostream@GU?$char_traits@G@std@@@0@AAV10@PBG@Z
??6std@@YAAAV?$basic_ostream@GU?$char_traits@G@std@@@0@AAV10@ABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@@Z
??_7?$basic_ostream@GU?$char_traits@G@std@@@std@@6B@
??_7?$basic_ofstream@GU?$char_traits@G@std@@@std@@6B@
??0?$basic_ostream@GU?$char_traits@G@std@@@std@@QAE@PAV?$basic_streambuf@GU?$char_traits@G@std@@@1@_N1@Z
??_7?$basic_ios@GU?$char_traits@G@std@@@std@@6B@
??_8?$basic_ofstream@GU?$char_traits@G@std@@@std@@7B@
??1?$basic_ios@GU?$char_traits@G@std@@@std@@UAE@XZ
??_7?$basic_istream@GU?$char_traits@G@std@@@std@@6B@
??1?$basic_filebuf@GU?$char_traits@G@std@@@std@@UAE@XZ
?getline@std@@YAAAV?$basic_istream@GU?$char_traits@G@std@@@1@AAV21@AAV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@1@@Z
?setstate@?$basic_ios@GU?$char_traits@G@std@@@std@@QAEXH_N@Z
?open@?$basic_filebuf@GU?$char_traits@G@std@@@std@@QAEPAV12@PBDH@Z
??_7?$basic_ifstream@GU?$char_traits@G@std@@@std@@6B@
??0?$basic_filebuf@GU?$char_traits@G@std@@@std@@QAE@PAU_iobuf@@@Z
??0?$basic_istream@GU?$char_traits@G@std@@@std@@QAE@PAV?$basic_streambuf@GU?$char_traits@G@std@@@1@_N@Z
??0?$basic_ios@GU?$char_traits@G@std@@@std@@IAE@XZ
??_8?$basic_ifstream@GU?$char_traits@G@std@@@std@@7B@
??1?$basic_ofstream@GU?$char_traits@G@std@@@std@@UAE@XZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAE@XZ
??_7?$basic_streambuf@DU?$char_traits@D@std@@@std@@6B@
?close@?$basic_filebuf@DU?$char_traits@D@std@@@std@@QAEPAV12@XZ
??_7?$basic_filebuf@DU?$char_traits@D@std@@@std@@6B@
?getline@std@@YAAAV?$basic_istream@DU?$char_traits@D@std@@@1@AAV21@AAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@1@@Z
??0Init@ios_base@std@@QAE@XZ
??1Init@ios_base@std@@QAE@XZ
??0_Winit@std@@QAE@XZ
??1_Winit@std@@QAE@XZ
?seekg@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV12@V?$fpos@H@2@@Z
??0runtime_error@std@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@1@@Z
?tellg@?$basic_istream@DU?$char_traits@D@std@@@std@@QAE?AV?$fpos@H@2@XZ
?seekg@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV12@JW4seekdir@ios_base@2@@Z
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IAE@XZ
?what@logic_error@std@@UBEPBDXZ
?_Fpz@std@@3_JB
?read@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV12@PADH@Z
?max_size@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIXZ
??_D?$basic_ofstream@DU?$char_traits@D@std@@@std@@QAEXXZ
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UAE@XZ
?write@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@PBDH@Z
??_7?$basic_ostream@DU?$char_traits@D@std@@@std@@6B@
?_Initcvt@?$basic_filebuf@DU?$char_traits@D@std@@@std@@IAEXXZ
?_Init@?$basic_filebuf@DU?$char_traits@D@std@@@std@@IAEXPAU_iobuf@@W4_Initfl@12@@Z
?__Fiopen@std@@YAPAU_iobuf@@PBDH@Z
??_7?$basic_ofstream@DU?$char_traits@D@std@@@std@@6B@
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N1@Z
??_8?$basic_ofstream@DU?$char_traits@D@std@@@std@@7B@

msvcrt

_wstat
fwrite
_fdopen
?terminate@@YAXXZ
_except_handler3
??1type_info@@UAE@XZ
_adjust_fdiv
malloc
_initterm
_onexit
__dllonexit
??2@YAPAXI@Z
__CxxFrameHandler
wcslen
time
_purecall
strcpy
strlen
memcpy
_ltow
_ultow
wcstol
_errno
wcstoul
atof
swprintf
??0exception@@QAE@ABV0@@Z
??1exception@@UAE@XZ
??0exception@@QAE@ABQBD@Z
_CxxThrowException
fclose
_wfopen
rand
_ftol
wcsftime
localtime
gmtime
memmove
?_set_se_translator@@YAP6AXIPAU_EXCEPTION_POINTERS@@@ZP6AXI0@Z@Z
_beginthreadex
difftime
wcscpy
memchr
isalnum
tolower
fopen
_snprintf
fprintf
fread
ftell
fseek
fputc
isalpha
isspace
strncmp
strchr
free

oleaut32

VariantClear
SysAllocString
SysFreeString

Exports

Exports

NSGetModule

Sections

.text
Size: 964KB - Virtual size: 960KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 108KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 112KB - Virtual size: 110KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6aeda32095ac35c7b5bdc238d358807c

Headers

File Characteristics

Imports

kernel32

user32

xpcom

nspr4

msvcp60

msvcrt

oleaut32

Exports

Exports

Sections

.text Size: 964KB - Virtual size: 960KB

.rdata Size: 108KB - Virtual size: 104KB

.data Size: 4KB - Virtual size: 21KB

.reloc Size: 112KB - Virtual size: 110KB

.text
Size: 964KB - Virtual size: 960KB

.rdata
Size: 108KB - Virtual size: 104KB

.data
Size: 4KB - Virtual size: 21KB

.reloc
Size: 112KB - Virtual size: 110KB