c923f59820ff0db0764ecc581f1cb0fb_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

c923f59820ff0db0764ecc581f1cb0fb_JaffaCakes118
Size

40KB
MD5

c923f59820ff0db0764ecc581f1cb0fb
SHA1

b0377462d4992c188524c1d870ca191f5e8ee8a4
SHA256

ac4c8fdb1a704d2dc8de39949f70eea315ee81afc1bf708f04fbcb50d9d71d5a
SHA512

3659f8043b128b89e639b4eb6d53a8ef49adda5daeb7352e15fee9e401f10e80a437d8ca912e1b9cf920320f83cded6feed822b7d380c87290c10de32b81cb92
SSDEEP

768:4KCfIGGBLcEPNCnedg8FJBkXClczOtnI:4KofGBL1PNCneW7zOtnI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c923f59820ff0db0764ecc581f1cb0fb_JaffaCakes118

Files

c923f59820ff0db0764ecc581f1cb0fb_JaffaCakes118
.dll windows:5 windows x86 arch:x86

57ff78c4e753c9c2f2e20466163f89ef

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

O:\OOO330\ooo\svtools\wntmsci12.pro\bin\productregistration.uno.pdb

Imports

tkmi

?GetWindow@VCLUnoHelper@@SAPAVWindow@@ABV?$Reference@VXWindow@awt@star@sun@com@@@uno@star@sun@com@@@Z

vclmi

?EndDialog@Dialog@@QAEXJ@Z
?PreNotify@SystemWindow@@UAEJAAVNotifyEvent@@@Z
?StartExecuteModal@Dialog@@UAEXABVLink@@@Z
?Resizing@SystemWindow@@UAEXAAVSize@@@Z
?Roll@SystemWindow@@UAEXXZ
?Pin@SystemWindow@@UAEXXZ
?TitleButtonClick@SystemWindow@@UAEXG@Z
?Close@Dialog@@UAEEXZ
?GetSurroundingTextSelection@Window@@UBE?AVSelection@@XZ
?GetSurroundingText@Window@@UBE?AVString@@XZ
?GetOptimalSize@Window@@UBE?AVSize@@W4WindowSizeType@@@Z
?GetClipboard@Window@@UAE?AV?$Reference@VXClipboard@clipboard@datatransfer@star@sun@com@@@uno@star@sun@com@@XZ
?GetDragGestureRecognizer@Window@@UAE?AV?$Reference@VXDragGestureRecognizer@dnd@datatransfer@star@sun@com@@@uno@star@sun@com@@XZ
?GetDragSource@Window@@UAE?AV?$Reference@VXDragSource@dnd@datatransfer@star@sun@com@@@uno@star@sun@com@@XZ
?GetDropTarget@Window@@UAE?AV?$Reference@VXDropTarget@dnd@datatransfer@star@sun@com@@@uno@star@sun@com@@XZ
?GetParentLabeledBy@Window@@UBEPAV1@PBV1@@Z
?GetParentLabelFor@Window@@UBEPAV1@PBV1@@Z
?CreateAccessible@Window@@UAE?AV?$Reference@VXAccessible@accessibility@star@sun@com@@@uno@star@sun@com@@XZ
?SetComponentInterface@Window@@UAEXV?$Reference@VXWindowPeer@awt@star@sun@com@@@uno@star@sun@com@@@Z
?GetComponentInterface@Window@@UAE?AV?$Reference@VXWindowPeer@awt@star@sun@com@@@uno@star@sun@com@@E@Z
?GetDisplayBackground@Window@@UBEABVWallpaper@@XZ
?GetDisplayText@Window@@UBE?AVString@@XZ
?GetText@Window@@UBE?AVString@@XZ
?SetText@Window@@UAEXABVString@@@Z
?Invalidate@Window@@UAEXG@Z
?Invalidate@Window@@UAEXABVRectangle@@G@Z
?Invalidate@Window@@UAEXABVRegion@@G@Z
?Scroll@Window@@UAEXJJG@Z
?Scroll@Window@@UAEXJJABVRectangle@@G@Z
?IsScrollable@Window@@UBEEXZ
?SetOutputSizePixel@Window@@UAEXABVSize@@@Z
?GetPosPixel@Window@@UBE?AVPoint@@XZ
?SetPosPixel@Window@@UAEXABVPoint@@@Z
?SetPosSizePixel@Window@@UAEXJJJJG@Z
?SetPosSizePixel@Window@@UAEXABVPoint@@ABVSize@@@Z
?SetSettings@Window@@UAEXABVAllSettings@@E@Z
?GetPreferredKeyInputWindow@Window@@UAEPAV1@XZ
?Notify@Dialog@@UAEJAAVNotifyEvent@@@Z
?DataChanged@Dialog@@UAEXABVDataChangedEvent@@@Z
?StateChanged@Dialog@@UAEXG@Z
?UserEvent@Window@@UAEXKPAX@Z
?Tracking@Window@@UAEXABVTrackingEvent@@@Z
?Command@Window@@UAEXABVCommandEvent@@@Z
?RequestHelp@Window@@UAEXABVHelpEvent@@@Z
?LoseFocus@Window@@UAEXXZ
?GetFocus@Window@@UAEXXZ
?Deactivate@Window@@UAEXXZ
?Activate@Window@@UAEXXZ
?Resize@Window@@UAEXXZ
?Move@Window@@UAEXXZ
?Draw@Dialog@@MAEXPAVOutputDevice@@ABVPoint@@ABVSize@@K@Z
?Paint@Window@@UAEXABVRectangle@@@Z
?PrePaint@Window@@UAEXXZ
?KeyUp@Window@@UAEXABVKeyEvent@@@Z
?KeyInput@Window@@UAEXABVKeyEvent@@@Z
?MouseButtonUp@Window@@UAEXABVMouseEvent@@@Z
?MouseButtonDown@Window@@UAEXABVMouseEvent@@@Z
?MouseMove@Window@@UAEXABVMouseEvent@@@Z
?SetRelativeMapMode@OutputDevice@@UAEXABVMapMode@@@Z
?SetMapMode@OutputDevice@@UAEXXZ
?SetMapMode@OutputDevice@@UAEXABVMapMode@@@Z
?SetSettings@Window@@UAEXABVAllSettings@@@Z
??0ModalDialog@@QAE@PAVWindow@@ABVResId@@@Z
??0FixedImage@@QAE@PAVWindow@@ABVResId@@@Z
??0FixedText@@QAE@PAVWindow@@ABVResId@@@Z
??0RadioButton@@QAE@PAVWindow@@ABVResId@@@Z
??0FixedLine@@QAE@PAVWindow@@ABVResId@@@Z
??0OKButton@@QAE@PAVWindow@@ABVResId@@@Z
??0HelpButton@@QAE@PAVWindow@@ABVResId@@@Z
?Show@Window@@QAEXEG@Z
??0MapMode@@QAE@W4MapUnit@@@Z
?LogicToPixel@OutputDevice@@QBE?AVSize@@ABV2@ABVMapMode@@@Z
??1MapMode@@QAE@XZ
?GetSizePixel@Window@@UBE?AVSize@@XZ
?SetSizePixel@Window@@UAEXABVSize@@@Z
?Check@RadioButton@@QAEXE@Z
??0ErrorBox@@QAE@PAVWindow@@ABVResId@@@Z
?Execute@Dialog@@UAEFXZ
??1MessBox@@UAE@XZ
??1ErrorBox@@UAE@XZ
?GetDefDialogParent@Application@@SAPAVWindow@@XZ
??1PushButton@@UAE@XZ
??1Control@@UAE@XZ
??1RadioButton@@UAE@XZ
??1FixedImage@@UAE@XZ
??1Dialog@@UAE@XZ
??1ModalDialog@@UAE@XZ
??1FixedText@@UAE@XZ
??1FixedLine@@UAE@XZ
??1OKButton@@UAE@XZ
??1HelpButton@@UAE@XZ
?GetPrimarySelection@Window@@UAE?AV?$Reference@VXClipboard@clipboard@datatransfer@star@sun@com@@@uno@star@sun@com@@XZ

utlmi

?getDialogPermission@RegOptions@utl@@QBE?AW4DialogPermission@12@XZ
?markSessionDone@RegOptions@utl@@QAEXXZ
??0RegOptions@utl@@QAE@XZ
?getRegistrationURL@RegOptions@utl@@QBE?AVString@@XZ
??1RegOptions@utl@@QAE@XZ
?activateReminder@RegOptions@utl@@QAEXJ@Z

tlmi

??0String@@QAE@ABVResId@@@Z
?Append@String@@QAEAAV1@ABV1@@Z
?PopContext@ResMgr@@QAEXPBVResource@@@Z
??BString@@QBE?AVOUString@rtl@@XZ
??1String@@QAE@XZ
?CreateResMgr@ResMgr@@SAPAV1@PBDULocale@lang@star@sun@com@@@Z
??1ResMgr@@QAE@XZ

cppuhelper3msc

?ImplHelper_getImplementationId@cppu@@YA?AV?$Sequence@C@uno@star@sun@com@@PAUclass_data@1@@Z
?WeakImplHelper_getTypes@cppu@@YA?AV?$Sequence@VType@uno@star@sun@com@@@uno@star@sun@com@@PAUclass_data@1@@Z
?WeakImplHelper_query@cppu@@YA?AVAny@uno@star@sun@com@@ABVType@3456@PAUclass_data@1@PAXPAVOWeakObject@1@@Z
?createSingleFactory@cppu@@YA?AV?$Reference@VXSingleServiceFactory@lang@star@sun@com@@@uno@star@sun@com@@ABV?$Reference@VXMultiServiceFactory@lang@star@sun@com@@@3456@ABVOUString@rtl@@P6A?AV?$Reference@VXInterface@uno@star@sun@com@@@3456@0@ZABV?$Sequence@VOUString@rtl@@@3456@PAU_rtl_ModuleCount@@@Z
?release@OWeakObject@cppu@@UAAXXZ
?acquire@OWeakObject@cppu@@UAAXXZ
??1OWeakObject@cppu@@MAE@XZ
?queryAdapter@OWeakObject@cppu@@UAA?AV?$Reference@VXAdapter@uno@star@sun@com@@@uno@star@sun@com@@XZ
??0OWeakObject@cppu@@QAE@XZ

cppu3

uno_type_sequence_construct
cppu_unsatisfied_iquery_msg
uno_type_destructData
uno_type_assignData
uno_type_sequence_reference2One
typelib_static_type_init
uno_type_any_assign
uno_any_destruct
uno_type_any_construct
typelib_static_type_getByTypeClass
uno_any_construct
typelib_static_sequence_type_init

sal3

rtl_uString_new
rtl_uString_acquire
rtl_string2UString
rtl_uString_release
rtl_uString_assign
rtl_ustr_reverseCompare_WithLength
rtl_ustr_ascii_compare_WithLength
rtl_uString_newFromAscii
rtl_allocateMemory
rtl_freeMemory
osl_incrementInterlockedCount
osl_acquireMutex
osl_releaseMutex
osl_getGlobalMutex

msvcr90

??1exception@std@@UAE@XZ
_except_handler4_common
_onexit
_lock
__dllonexit
_unlock
__clean_type_info_names_internal
?_type_info_dtor_internal_method@type_info@@QAEXXZ
?terminate@@YAXXZ
_crt_debugger_hook
__CppXcptFilter
_adjust_fdiv
_amsg_exit
_initterm_e
_initterm
_decode_pointer
_encoded_null
free
_malloc_crt
_encode_pointer
??0exception@std@@QAE@ABV01@@Z
_CxxThrowException
??3@YAXPAX@Z
?what@exception@std@@UBEPBDXZ
__CxxFrameHandler3
??0exception@std@@QAE@ABQBDH@Z

kernel32

Sleep
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
DisableThreadLibraryCalls
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
InterlockedExchange

Exports

Exports

GetVersionInfo
component_getFactory
component_getImplementationEnvironment
component_writeInfo

Sections

.text
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

57ff78c4e753c9c2f2e20466163f89ef

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

tkmi

vclmi

utlmi

tlmi

cppuhelper3msc

cppu3

sal3

msvcr90

kernel32

Exports

Exports

Sections

.text Size: 18KB - Virtual size: 17KB

.rdata Size: 16KB - Virtual size: 15KB

.data Size: 1024B - Virtual size: 1KB

.rsrc Size: 2KB - Virtual size: 1KB

.reloc Size: 2KB - Virtual size: 2KB

.text
Size: 18KB - Virtual size: 17KB

.rdata
Size: 16KB - Virtual size: 15KB

.data
Size: 1024B - Virtual size: 1KB

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: 2KB - Virtual size: 2KB