78123c08b4dccc79f8d3b9708d9555f1_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

78123c08b4dccc79f8d3b9708d9555f1_JaffaCakes118
Size

124KB
MD5

78123c08b4dccc79f8d3b9708d9555f1
SHA1

76219532c9645ef4fb310bcdaf39429b6a4f0b7e
SHA256

97be18485619ecb01529f13a0144329a10d63aa1c9aafb4280f263f35ea1a04d
SHA512

d27f46e87e679b7ca66b8ed9424d8313da9903560ed9187841219e1dbf636a6994ba7d6a0ce9f8d51678674b97d37f9e893f8c9be1b82a0fa5e1f9d04e3c055d
SSDEEP

3072:1+O2vUycODMMScqyJNd5uGZzfTYRtRDE3ABjqDPQf7rMhr+hU5c1LA0TepIbZ6lG:1+O2vUycODMMScqyJNjuGZzfTYRtRDEk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
78123c08b4dccc79f8d3b9708d9555f1_JaffaCakes118

Files

78123c08b4dccc79f8d3b9708d9555f1_JaffaCakes118
.dll windows:4 windows x86 arch:x86

52924d9ae8af5c475f168affd4de51d8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\BUILD_~1\jdk6_16\control\build\WINDOW~1\tmp\deploy\plugin\npjp2\obj\npjp2.pdb

Imports

user32

GetWindowLongA
SetWindowLongA
MessageBoxA
UnhookWindowsHookEx
SetWindowsHookExA
TranslateMessage
PeekMessageA
DispatchMessageA
RemovePropA
SetPropA
GetParent
IsWindow
GetPropA
CallNextHookEx

gdi32

DeleteEnhMetaFile
StretchDIBits
GetDeviceCaps
GetObjectType
CreateEnhMetaFileA
CloseEnhMetaFile
PlayEnhMetaFile

advapi32

RegQueryValueExA
RegOpenKeyExA
RegCloseKey
RegEnumKeyA

msvcr71

__CppXcptFilter
_adjust_fdiv
malloc
_initterm
_onexit
__dllonexit
_splitpath
_except_handler3
free
sprintf
strncpy
??3@YAXPAX@Z
??2@YAPAXI@Z
getenv
_vsnprintf
_snprintf
_stat
_mbsicmp
_mbsrchr
_strdup
memset
__security_error_handler
__CxxFrameHandler

kernel32

lstrlenW
DisableThreadLibraryCalls
GetLastError
GetModuleFileNameA
InitializeCriticalSection
DeleteCriticalSection
GetShortPathNameA
GetModuleHandleA
ExitProcess
QueryPerformanceCounter
GetCurrentProcessId
CreateFileA
GetSystemTimeAsFileTime
WideCharToMultiByte
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
MultiByteToWideChar
CloseHandle
GetCurrentThreadId
GetTickCount
WaitForSingleObject
LoadLibraryA
GetProcAddress
FreeLibrary
AllocConsole
GetStdHandle
WriteConsoleA
GetLongPathNameA

ole32

CoTaskMemFree
StringFromCLSID

Exports

Exports

NP_GetEntryPoints
NP_Initialize
NP_Shutdown
_Java_sun_plugin2_main_server_MozillaPlugin_allocateNPObject@20
_Java_sun_plugin2_main_server_MozillaPlugin_allocateNPObjectForJavaNameSpace@20
_Java_sun_plugin2_main_server_MozillaPlugin_allocateVariantArray@12
_Java_sun_plugin2_main_server_MozillaPlugin_freeVariantArray@20
_Java_sun_plugin2_main_server_MozillaPlugin_getAuthentication0@36
_Java_sun_plugin2_main_server_MozillaPlugin_getCookie0@20
_Java_sun_plugin2_main_server_MozillaPlugin_getProxy0@20
_Java_sun_plugin2_main_server_MozillaPlugin_initServiceManager@8
_Java_sun_plugin2_main_server_MozillaPlugin_invokeLater0@20
_Java_sun_plugin2_main_server_MozillaPlugin_javaScriptGetWindow0@16
_Java_sun_plugin2_main_server_MozillaPlugin_npnEvaluate@36
_Java_sun_plugin2_main_server_MozillaPlugin_npnGetIntIdentifier@12
_Java_sun_plugin2_main_server_MozillaPlugin_npnGetProperty@40
_Java_sun_plugin2_main_server_MozillaPlugin_npnGetStringIdentifier@12
_Java_sun_plugin2_main_server_MozillaPlugin_npnHasMethod@32
_Java_sun_plugin2_main_server_MozillaPlugin_npnHasProperty@32
_Java_sun_plugin2_main_server_MozillaPlugin_npnIdentifierIsString@16
_Java_sun_plugin2_main_server_MozillaPlugin_npnIntFromIdentifier@16
_Java_sun_plugin2_main_server_MozillaPlugin_npnInvoke@52
_Java_sun_plugin2_main_server_MozillaPlugin_npnReleaseObject@16
_Java_sun_plugin2_main_server_MozillaPlugin_npnRemoveProperty@32
_Java_sun_plugin2_main_server_MozillaPlugin_npnRetainObject@16
_Java_sun_plugin2_main_server_MozillaPlugin_npnSetException@20
_Java_sun_plugin2_main_server_MozillaPlugin_npnSetProperty@40
_Java_sun_plugin2_main_server_MozillaPlugin_npnUTF8FromIdentifier@16
_Java_sun_plugin2_main_server_MozillaPlugin_setCookie0@24
_Java_sun_plugin2_main_server_MozillaPlugin_setVariantArrayElement0__JIB@24
_Java_sun_plugin2_main_server_MozillaPlugin_setVariantArrayElement0__JIC@24
_Java_sun_plugin2_main_server_MozillaPlugin_setVariantArrayElement0__JID@28
_Java_sun_plugin2_main_server_MozillaPlugin_setVariantArrayElement0__JIF@24
_Java_sun_plugin2_main_server_MozillaPlugin_setVariantArrayElement0__JII@24
_Java_sun_plugin2_main_server_MozillaPlugin_setVariantArrayElement0__JIJ@28
_Java_sun_plugin2_main_server_MozillaPlugin_setVariantArrayElement0__JILjava_lang_String_2@24
_Java_sun_plugin2_main_server_MozillaPlugin_setVariantArrayElement0__JIS@24
_Java_sun_plugin2_main_server_MozillaPlugin_setVariantArrayElement0__JIZ@24
_Java_sun_plugin2_main_server_MozillaPlugin_setVariantArrayElementToScriptingObject0@28
_Java_sun_plugin2_main_server_MozillaPlugin_setVariantArrayElementToVoid0@20
_Java_sun_plugin2_main_server_MozillaPlugin_showDocument0@24
_Java_sun_plugin2_main_server_MozillaPlugin_showStatus0@20
_Java_sun_plugin2_main_server_MozillaPlugin_variantArrayElementToObject0@28
_Java_sun_plugin2_main_server_ServerPrintHelper_isPrinterDC0@16
_Java_sun_plugin2_main_server_ServerPrintHelper_printBand0@56
_Java_sun_plugin2_main_server_WindowsHelper_installModalFilterHook@20
_Java_sun_plugin2_main_server_WindowsHelper_installMouseHook@20
_Java_sun_plugin2_main_server_WindowsHelper_runMessagePump0@28
_Java_sun_plugin2_main_server_WindowsHelper_uninstallHook@24

Sections

.text
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rmnet
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

52924d9ae8af5c475f168affd4de51d8

Headers

File Characteristics

PDB Paths

Imports

user32

gdi32

advapi32

msvcr71

kernel32

ole32

Exports

Exports

Sections

.text Size: 16KB - Virtual size: 14KB

.rdata Size: 12KB - Virtual size: 8KB

.data Size: 4KB - Virtual size: 20KB

.rsrc Size: 24KB - Virtual size: 23KB

.reloc Size: 4KB - Virtual size: 1KB

.rmnet Size: 60KB - Virtual size: 60KB

.text
Size: 16KB - Virtual size: 14KB

.rdata
Size: 12KB - Virtual size: 8KB

.data
Size: 4KB - Virtual size: 20KB

.rsrc
Size: 24KB - Virtual size: 23KB

.reloc
Size: 4KB - Virtual size: 1KB

.rmnet
Size: 60KB - Virtual size: 60KB