a3cb16dceeb680bbf6260d86152e7dc9_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

a3cb16dceeb680bbf6260d86152e7dc9_JaffaCakes118
Size

200KB
MD5

a3cb16dceeb680bbf6260d86152e7dc9
SHA1

605b558aa23e214c2b0de9618e28204f19c2fa72
SHA256

4a0068ca010677e9ee7b629d2a25a4818161643f95114036d00a499bb9623c18
SHA512

185498d2eacdd6e6c8cad4e705cab17e81ac398fd5018330acb44c77d3bf66d5a53575512cf35d5ff5df812a16ba03901132927a569a3444fc8d3e67ee205da0
SSDEEP

3072:9IN8vgHF+P+WkslyCxCEkwgQmuyx/ygOWEPmzkCAWlV8SfKO31+Zpx1CrhV3j:yNC7SslyCUwgQmuIbbH4ZdCrhVT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a3cb16dceeb680bbf6260d86152e7dc9_JaffaCakes118

Files

a3cb16dceeb680bbf6260d86152e7dc9_JaffaCakes118
.dll windows:4 windows x86 arch:x86

ef065eb599f6db600758a9b921b0bf46

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\mg\Burst_web\NeroVision\NeroVisionSource\Amc\PDB_ReleaseW\VCDDoc.PDB

Imports

gccore

??0GCUnknown@@QAE@ABV0@@Z
?_CreateClassObject@ObjectServices@@CAJABU_GUID@@0PAPAX@Z
??1String@@QAE@XZ
?GetClassID@ObjectFactory@@UBEHABVtype_info@@@Z
?GetClassID@ObjectFactory@@UBEHPBD@Z
?GetClassMethods@ObjectFactory@@UBEPBVIClassMethod@IObjectFactory@@H@Z
?CreateObject@ObjectFactory@@UBEPAUIUnknown@@ABVtype_info@@@Z
?CreateObject@ObjectFactory@@UBEPAUIUnknown@@PBD@Z
?CreateObject@ObjectFactory@@UBEPAUIUnknown@@H@Z
?Register@ObjectFactory@@QAE_NPAVIClassMethod@IObjectFactory@@PBD@Z
??1ObjectFactory@@UAE@XZ
??0GCUnknown@@QAE@XZ
??4String@@QAEAAV0@ABV0@@Z
??0String@@QAE@ABV0@@Z
?Release@GCUnknown@@UAGKXZ
?AddRef@GCUnknown@@UAGKXZ
?QueryInterface@GCUnknown@@UAGJABU_GUID@@PAPAX@Z
??1GCUnknown@@UAE@XZ
??1ModuleBase@@UAE@XZ
??0ModuleBase@@QAE@XZ

amcdocbase

?SetMinMenuSize@VideoDoc@@UAE_N_J@Z
?GetProviderID@DocBaseUtils@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@XZ
??0GCStillMediaStream@@QAE@XZ
??0MPEGSettings@@QAE@XZ
??0GCConverterInput@@QAE@XZ
?Init@MPEGSettings@@UAE_NW4StreamType@IMPEGSettings@@_NPAUINeroConvertManagerEx2@NeroMultiMediaConverter@@@Z
?Set@MPEGSettings@@UAE_NPBVIOutputSettings@@@Z
?ConfigureInput@MPEGSettings@@UBE_NPAVIGCConverterInput@@@Z
??1MPEGSettings@@UAE@XZ
?CreateProxy@AssetRefBase@@IAEPAVAssetRefProxy@@PAVIAsset@@@Z
?AddRef@AssetRefProxy@@QAEXXZ
??0DocBaseFactory@@QAE@XZ
?Release@AssetRefProxy@@QAEXXZ
??1AMCDocument@@UAE@XZ
??0MenuDoc@@QAE@XZ
??0VideoDoc@@QAE@XZ
??0AMCDocument@@QAE@XZ
??1MenuDoc@@UAE@XZ
??1VideoDoc@@UAE@XZ
?SetTitleFinishedAction@MenuDoc@@UAE_NW4TitleFinishedAction@IMenuDoc@@@Z
?GetTitleFinishedAction@MenuDoc@@UBE?AW4TitleFinishedAction@IMenuDoc@@XZ
?SetAdditionalContentTypes@VideoDoc@@UAE_NE@Z
?GetTitle@VideoDoc@@UBEPBVITitle@@H@Z
?GetTitle@VideoDoc@@UAEPAVITitle@@H@Z
?GetNumTitles@VideoDoc@@UBEH_N0@Z
?GetTitleNumber@VideoDoc@@UBEHPBVITitle@@_N@Z
?GetTotalTitleNumber@VideoDoc@@UBEHH_N@Z
?InsertTitle@VideoDoc@@UAE_NPAVITitle@@H@Z
?RemoveTitle@VideoDoc@@UAEPAVITitle@@H@Z
?RemoveAllTitles@VideoDoc@@UAEXXZ
?MoveTitle@VideoDoc@@UAE_NHH@Z
?SetTitleList@VideoDoc@@UAEXABV?$deque@V?$AssetRef@VITitle@@@@V?$allocator@V?$AssetRef@VITitle@@@@@std@@@std@@@Z
?SetOutputSettings@VideoDoc@@UAE_NABVIOutputSettings@@@Z
?SetFirstPlayItem@VideoDoc@@UAE_NPBVIAsset@@@Z
?SetMediaTypeInfo@VideoDoc@@UAE_NABUMediaTypeInfo@@@Z
?SetVolumeName@VideoDoc@@UAE_NABVString@@@Z
?SetUseAutoChapters@VideoDoc@@UAE_N_N@Z
?SetUseTitleSkip@VideoDoc@@UAE_N_N@Z
?SetAllowBlackThumbnails@VideoDoc@@UAE_N_N@Z
?SetFinalizeDisc@VideoDoc@@UAE_N_N@Z
?GetNumPlaylistItems@VideoDoc@@UBEHXZ
?FindPlaylist@VideoDoc@@UAEPAVIPlaylist@@PBVIPlaylistItem@@@Z
?CreateMenuVideoIterator@MenuDoc@@UBEPAVIMenuVideoIterator@@PBVIMenuPage@@@Z
?CreateMenuVideoIterator@MenuDoc@@UBEPAVIMenuVideoIterator@@XZ
?GetNumMenuPages@MenuDoc@@UBEHXZ
?GetMenuPage@MenuDoc@@UBEPBVIMenuPage@@H@Z
?GetMenuPage@MenuDoc@@UAEPAVIMenuPage@@H@Z
?GetMenuPagePos@MenuDoc@@UBEHPBVIMenuPage@@@Z
?InsertMenuPage@MenuDoc@@UAEXPAVIMenuPage@@H@Z
?SetFirstMenuPage@MenuDoc@@UAEXPAVIMenuPage@@@Z
?RemoveMenuPage@MenuDoc@@UAEPAVIMenuPage@@H@Z
?RemoveAllMenuPages@MenuDoc@@UAEXXZ
?GetIntroVideo@MenuDoc@@UBEPBVIMenuVideo@@XZ
?InsertIntroVideo@MenuDoc@@UAEXPAVIMenuVideo@@@Z
?GetMenuTransition@MenuDoc@@UBEPBVIMenuVideo@@PBVIMenuPage@@PBVIButtonElement@@@Z
?GetTitleTransition@MenuDoc@@UBEPBVIMenuVideo@@PBVITitle@@PBVIMenuPage@@@Z
?AddTitleTransition@MenuDoc@@UAEXABV?$set@PBVITitle@@U?$less@PBVITitle@@@std@@V?$allocator@PBVITitle@@@3@@std@@PBVIMenuPage@@PAVIMenuVideo@@@Z
?GetMenuOutputSettings@MenuDoc@@UBEABVIOutputSettings@@XZ
?SetMenuAutoSettingsProfile@MenuDoc@@UAEXABUAutoSettingsProfile@@@Z

msvcp71

??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@ABV01@@Z
?c_str@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ
?resize@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEXI@Z
?length@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QBEIXZ
?data@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ
?_Nomemory@std@@YAXXZ
??1?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@XZ
??4?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV01@PBG@Z
?c_str@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QBEPBGXZ
??4?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV01@ABV01@@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@XZ
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ

msvcr71

??1exception@@UAE@XZ
??0exception@@QAE@XZ
__RTDynamicCast
memmove
malloc
_callnewh
__dllonexit
_onexit
??1type_info@@UAE@XZ
__security_error_handler
_except_handler3
free
_initterm
_adjust_fdiv
__CppXcptFilter
?terminate@@YAXXZ
??0exception@@QAE@ABV0@@Z
??3@YAXPAX@Z
__CxxFrameHandler
_purecall
_CxxThrowException

kernel32

DisableThreadLibraryCalls
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
ExitProcess

Exports

Exports

CreateAMCDocument
GetDocFactory
Initialize

Sections

.text
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 928B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 125KB - Virtual size: 128KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

ef065eb599f6db600758a9b921b0bf46

Headers

File Characteristics

PDB Paths

Imports

gccore

amcdocbase

msvcp71

msvcr71

kernel32

Exports

Exports

Sections

.text Size: 44KB - Virtual size: 43KB

.rdata Size: 18KB - Virtual size: 18KB

.data Size: 2KB - Virtual size: 2KB

.rsrc Size: 1024B - Virtual size: 928B

.reloc Size: 8KB - Virtual size: 7KB

.text Size: 125KB - Virtual size: 128KB

.text
Size: 44KB - Virtual size: 43KB

.rdata
Size: 18KB - Virtual size: 18KB

.data
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 1024B - Virtual size: 928B

.reloc
Size: 8KB - Virtual size: 7KB

.text
Size: 125KB - Virtual size: 128KB