f3004267bc3ae9950591cf4b37ab13e6_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

f3004267bc3ae9950591cf4b37ab13e6_JaffaCakes118
Size

328KB
MD5

f3004267bc3ae9950591cf4b37ab13e6
SHA1

1ebc2e8fb9e287ce94e0043c9930fe900dcdc727
SHA256

e1fe350437c397ba317ad150c41db16fce4ba8b11259c1ac489a00d690012dee
SHA512

d1231626b30e4afb4c8938c4199fb755facd38743099a47e189212f4fed4b07e68f83f37f8b4de9e81de3defa6d242ed41fd2f7ee5752640a10b34b0b9e58e0f
SSDEEP

6144:IgZaiHh5lP7d4sL7KyQgbIYq9JOYxbMp2MVgVfRF0K5eim49Xe:9Zaild4sL7KyQSIYq9JOYxbDl30Yte

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f3004267bc3ae9950591cf4b37ab13e6_JaffaCakes118

Files

f3004267bc3ae9950591cf4b37ab13e6_JaffaCakes118
.dll windows:4 windows x86 arch:x86

6978db6e2fe047d92a30103318af8718

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\BUILD_AREA\jdk6\control\build\windows-i586\tmp\sun\sun.font\fontmanager\obj\fontmanager.pdb

Imports

java

_JNU_ThrowArrayIndexOutOfBoundsException@8
_JNU_ThrowClassNotFoundException@8
_JNU_ThrowInternalError@8
_JNU_ThrowNoSuchFieldException@8
_JNU_NewStringPlatform@8

advapi32

RegQueryInfoKeyA
RegEnumValueA
RegCloseKey
RegOpenKeyExA
RegQueryInfoKeyW
RegEnumValueW

user32

GetDC

gdi32

EnumFontFamiliesExW
EnumFontFamiliesExA

awt

_D3DDrawGlyphList@36
_GrPrim_Sg2dGetLCDTextContrast@8
_GetNativePrim@8
_GrPrim_Sg2dGetPixel@8
_Region_GetBounds@12
_SurfaceData_GetOps@8
_GrPrim_Sg2dGetCompInfo@16
_GrPrim_Sg2dGetClip@12
_SurfaceData_IntersectBounds@8
_GrPrim_Sg2dGetEaRGB@8

msvcr71

__dllonexit
free
_onexit
_except_handler3
__CppXcptFilter
_adjust_fdiv
_initterm
_purecall
??2@YAPAXI@Z
??3@YAXPAX@Z
wcsstr
strstr
wcscpy
_assert
memcpy
memset
memmove
strlen
strtoul
toupper
strcmp
malloc
_stricmp
_setjmp3
longjmp
realloc
sqrt
ceil
floor
calloc
pow
getenv
strcpy
strcat
strrchr
wcslen

kernel32

GetSystemDirectoryA
GetVersionExA
DisableThreadLibraryCalls
GetWindowsDirectoryA

Exports

Exports

_Java_java_text_Bidi_nativeBidiChars@36
_Java_java_text_Bidi_nativeGetDirectionCode@12
_Java_sun_font_FileFontStrike_createScalerContext@44
_Java_sun_font_FileFontStrike_getNullScalerContext@16
_Java_sun_font_FileFont_freeScaler@16
_Java_sun_font_FileFont_getFontMetrics@16
_Java_sun_font_FileFont_getGlyphAdvance@20
_Java_sun_font_FileFont_getGlyphImage@20
_Java_sun_font_FileFont_getGlyphMetrics@24
_Java_sun_font_FileFont_getGlyphOutline@28
_Java_sun_font_FileFont_getGlyphOutlineBounds@20
_Java_sun_font_FileFont_getGlyphVectorOutline@32
_Java_sun_font_FileFont_getNullScaler@8
_Java_sun_font_FontManager_getFont2D@12
_Java_sun_font_FontManager_getFontPath@12
_Java_sun_font_FontManager_getPlatformFontVar@8
_Java_sun_font_FontManager_initIDs@8
_Java_sun_font_FontManager_isCreatedFont@12
_Java_sun_font_FontManager_populateFontFileNameMap@24
_Java_sun_font_FontManager_setCreatedFont@12
_Java_sun_font_FontManager_setFont2D@16
_Java_sun_font_FontManager_setNativeFontPath@12
_Java_sun_font_StrikeCache_freeIntMemory@20
_Java_sun_font_StrikeCache_freeIntPointer@12
_Java_sun_font_StrikeCache_freeLongMemory@20
_Java_sun_font_StrikeCache_freeLongPointer@16
_Java_sun_font_StrikeCache_getGlyphCacheDescription@12
_Java_sun_font_SunLayoutEngine_initGVIDs@8
_Java_sun_font_SunLayoutEngine_nativeLayout@68
_Java_sun_font_TrueTypeFont_createScaler@24
_Java_sun_font_TrueTypeFont_getGlyphPoint@24
_Java_sun_font_Type1Font_createScaler@12
_Java_sun_font_Type1Font_getGlyphCode@20
_Java_sun_font_Type1Font_getMissingGlyphCode@16
_Java_sun_font_Type1Font_getNumGlyphs@16
_Java_sun_java2d_d3d_D3DTextRenderer_doDrawGlyphList@32
_Java_sun_java2d_loops_DrawGlyphListAA_DrawGlyphListAA@20
_Java_sun_java2d_loops_DrawGlyphListLCD_DrawGlyphListLCD@20
_Java_sun_java2d_loops_DrawGlyphList_DrawGlyphList@20

Sections

.text
Size: 200KB - Virtual size: 199KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 104KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 936B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 68KB - Virtual size: 68KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

6978db6e2fe047d92a30103318af8718

Headers

File Characteristics

PDB Paths

Imports

java

advapi32

user32

gdi32

awt

msvcr71

kernel32

Exports

Exports

Sections

.text Size: 200KB - Virtual size: 199KB

.rdata Size: 104KB - Virtual size: 100KB

.data Size: 8KB - Virtual size: 8KB

.rsrc Size: 4KB - Virtual size: 936B

.reloc Size: 8KB - Virtual size: 6KB

.text Size: 68KB - Virtual size: 68KB

.text
Size: 200KB - Virtual size: 199KB

.rdata
Size: 104KB - Virtual size: 100KB

.data
Size: 8KB - Virtual size: 8KB

.rsrc
Size: 4KB - Virtual size: 936B

.reloc
Size: 8KB - Virtual size: 6KB

.text
Size: 68KB - Virtual size: 68KB