dc562cb95b85c6111494ef847de09e0d_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

dc562cb95b85c6111494ef847de09e0d_JaffaCakes118
Size

274KB
MD5

dc562cb95b85c6111494ef847de09e0d
SHA1

dd8dc2e3c7c236dccaa14a95584a08b758c56fa4
SHA256

bb5db47f4682147106a9807247278bc6fb21c3e9d9b8373a67ee7f1da4e98fda
SHA512

93f95c5c4be0fe5830eee537634bc48ef8a74545725edbcb634408ad0ebf17c5be3421252f13188ed59d007b247dc17569900295e414d1bff044637a9cb68960
SSDEEP

3072:aZMDooyuPrp1jUWBwqguv3iyWXDf62XuRRqDd2iptlCVE8wM8LG0udQIIJNpH/yW:uCySlWqJWXd7VptlCRi3IIJNl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dc562cb95b85c6111494ef847de09e0d_JaffaCakes118

Files

dc562cb95b85c6111494ef847de09e0d_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

8cd0166679f089912f2f677457ad1b52

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

pbvm70

ord5670
ord2544
ord9109
ord1701
ord1700
ord2240
ord2205
ord5721
ord2076
ord5584
ord2262
ord2259
ord5574
ord5577
ord5562
ord5770
ord5569
ord5567
ord5575
ord5570
ord5564
ord9025
ord9026
ord9101
ord5669
ord5680
ord5665
ord9000
ord5717

pbdev70

ord404

pbsys70

ord508

libjcc

JagORB_string_to_object
JagString_dup
new_JagORB
new_JagStream
JagORB_log
delete_JagObjectRef
JagObjectRef_narrow
JagMemory_size
JagMemory__free
JagMemory__alloc
JagORB_init

pbcmp70

ord6
ord3
ord4
ord13

pblib70

ord159

msvcrt

?_query_new_mode@@YAHXZ
strncpy
_purecall
strstr
strtok
strchr
isdigit
isspace
_CxxThrowException
sprintf
__CxxFrameHandler
?_query_new_handler@@YAP6AHI@ZXZ
strrchr
_except_handler3
rand
srand
abort
_initterm
_adjust_fdiv
??1type_info@@UAE@XZ
_stricmp
strncmp

kernel32

_lread
GetProcAddress
HeapFree
CreateEventA
GetVersionExA
GetModuleHandleA
DeleteCriticalSection
InitializeCriticalSection
GetCurrentThreadId
GetLastError
CreateMutexA
WaitForSingleObject
VirtualQueryEx
GetCurrentProcess
OpenProcess
GetSystemInfo
CreateFileMappingA
ReleaseMutex
OpenFileMappingA
MapViewOfFile
UnmapViewOfFile
MapViewOfFileEx
OpenMutexA
CloseHandle
IsBadCodePtr
SetEvent
GetProcessHeap
HeapAlloc
VirtualFree
VirtualAlloc
_lclose
LoadLibraryA
LeaveCriticalSection
_llseek
VirtualLock
GetTempPathA
GetVersion
InterlockedExchange
EnterCriticalSection
VirtualQuery

user32

GetWindowLongA
GetActiveWindow
SetWindowLongA
GetWindowTextA
GetWindowTextLengthA
GetDlgItem
EnableWindow
SendMessageA
SetDlgItemTextA
WinHelpA
MessageBoxA
LoadStringA
GetDlgItemTextA
wsprintfA
EndDialog
LoadBitmapA
GetSubMenu
LoadMenuA
SetCursor
LoadCursorA
TrackPopupMenu
GetCursorPos
ScreenToClient
DialogBoxParamA
LoadIconA
MessageBeep

gdi32

DeleteObject

msvcirt

??1ofstream@@UAE@XZ
?flush@ostream@@QAEAAV1@XZ
?openprot@filebuf@@2HB
??6ostream@@QAEAAV0@PBD@Z
?open@ofstream@@QAEXPBDHH@Z
??1ios@@UAE@XZ
??0ofstream@@QAE@XZ
?close@ofstream@@QAEXXZ

Exports

Exports

CachePropertyList
ClearPropertyList
CreateJPGRepositoryService
CreatePBIGeneratorFactory
DestroyJPGRepositoryService
DllRegisterServer
DllUnregisterServer
GetLastErrorString
GetPackageComponents
GetPropertyNameValue
GetRepositoryPackages
WEP

Sections

.text
Size: 101KB - Virtual size: 100KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 122KB - Virtual size: 124KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

8cd0166679f089912f2f677457ad1b52

Headers

File Characteristics

Imports

pbvm70

pbdev70

pbsys70

libjcc

pbcmp70

pblib70

msvcrt

kernel32

user32

gdi32

msvcirt

Exports

Exports

Sections

.text Size: 101KB - Virtual size: 100KB

.rdata Size: 14KB - Virtual size: 13KB

.data Size: 8KB - Virtual size: 8KB

.rsrc Size: 21KB - Virtual size: 20KB

.reloc Size: 7KB - Virtual size: 6KB

.text Size: 122KB - Virtual size: 124KB

.text
Size: 101KB - Virtual size: 100KB

.rdata
Size: 14KB - Virtual size: 13KB

.data
Size: 8KB - Virtual size: 8KB

.rsrc
Size: 21KB - Virtual size: 20KB

.reloc
Size: 7KB - Virtual size: 6KB

.text
Size: 122KB - Virtual size: 124KB