07e9e92464934cd1c4ff1fe5e62627bd_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

07e9e92464934cd1c4ff1fe5e62627bd_JaffaCakes118
Size

198KB
MD5

07e9e92464934cd1c4ff1fe5e62627bd
SHA1

762e9dba37283a8771faef1ab50179f6e869c70c
SHA256

59fd151ee64f82542e2305ba22fc141c6108b827b475444a2adfe695e9dee802
SHA512

08cf6a3affb4cf2691045c01a075a975d794d4924dd58fd927bf738676431359026a69dfb091cea25554598f70a801ac78f4c7456670e59175c0225cd1e7f535
SSDEEP

6144:Y+Xyol0j+17goOuvJ7nMB6lP2JCjvGLQfRL:YulG+17goOErM6P2Jc+LQF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
07e9e92464934cd1c4ff1fe5e62627bd_JaffaCakes118

Files

07e9e92464934cd1c4ff1fe5e62627bd_JaffaCakes118
.dll windows:4 windows x86 arch:x86

82e0f8175f076692e45dc44c9cfd56ab

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

G:\CXR18\BSF\intel_a\code\bin\CATAECMigrationItf.pdb

Imports

js0group

?GetIDsOfNames@CATBaseUnknown@@UAGJABU_GUID@@PAPAGIKPAJ@Z
?Invoke@CATBaseUnknown@@UAGJJABU_GUID@@KGPAUtagDISPPARAMS@@PAUtagVARIANT@@PAUtagEXCEPINFO@@PAI@Z
?QueryInterface@CATBaseUnknown@@UBEPAV1@PBD@Z
?GetMetaObject@CATBaseUnknown@@UBGPAVCATMetaClass@@XZ
?IsA@CATBaseUnknown@@UBEPBDXZ
?IsAKindOf@CATBaseUnknown@@UBEHPBD@Z
?GetImpl@CATBaseUnknown@@UBGPAV1@H@Z
?SetImpl@CATBaseUnknown@@UAGPAV1@PAV1@@Z
?IsNull@CATBaseUnknown@@UBEHXZ
?IsEqual@CATBaseUnknown@@UBEHPBV1@@Z
?ChangeComponentState@CATBaseUnknown@@UAEJW4ComponentState@1@0PBVCATSysChangeComponentStateContext@@@Z
??1CATBaseUnknown@@UAE@XZ
??0CATBaseUnknown@@QAE@ABV0@@Z
??4CATBaseUnknown@@QAEAAV0@ABV0@@Z
??3CATBaseUnknown@@SAXPAX@Z
?SetFWname@CATMetaClass@@QAEXPBD@Z
?AddDictionary@@YAPBUinfo_dic@@PBU_GUID@@0PBD11PAX12HHH1@Z
?GetTypeInfo@CATBaseUnknown@@UAGJIKPAPAUITypeInfo@@@Z
??0CATMetaClass@@QAE@PBU_GUID@@PBDPAV0@2W4ENUMTypeOfClass@@@Z
?MetaObject@CATBaseUnknown@@SGPAVCATMetaClass@@XZ
??2CATMetaClass@@SAPAXI@Z
?GetClassId@CATMetaClass@@QBGABU_GUID@@XZ
?IsA@CATMetaClass@@QBEPBDXZ
?CastTo@CATBaseUnknown_var@@IAGXPAUIUnknown@@ABU_GUID@@@Z
??0CATFillDictionary@@QAE@ABU_GUID@@0PAX1@Z
??0CATBaseUnknown_var@@QAE@XZ
??1CATBaseUnknown_var@@QAE@XZ
??0CATCollecRoot@@QAE@XZ
??4CATBaseUnknown_var@@QAGAAV0@ABV0@@Z
??1CATCollecRoot@@QAE@XZ
??BCATBaseUnknown_var@@QBGPAVCATBaseUnknown@@XZ
?CATFatalError@@YAXPBD0000H@Z
?CLSID_CATBaseUnknown@@3U_GUID@@B
?GetTypeInfoCount@CATBaseUnknown@@UAGJPAI@Z
?Release@CATBaseUnknown@@UAGKXZ
?AddRef@CATBaseUnknown@@UAGKXZ
??0CATBaseUnknown@@QAE@XZ
?QueryInterface@CATBaseUnknown@@UAGJABU_GUID@@PAPAX@Z
?CLSID_CATMetaClass@@3U_GUID@@B

catv4integrationbase

??4CATIMigration@@QAEAAV0@ABV0@@Z
?MetaObject@CATIMigration@@SGPAVCATMetaClass@@XZ
??0CATIMigration@@QAE@ABV0@@Z
??1CATIMigration@@UAE@XZ
??0CATIMigration@@QAE@XZ

msvcr80

_adjust_fdiv
__CppXcptFilter
__clean_type_info_names_internal
_amsg_exit
__dllonexit
_lock
_onexit
_except_handler4_common
_crt_debugger_hook
_initterm_e
_initterm
_decode_pointer
_encoded_null
_malloc_crt
_encode_pointer
memcpy
memset
free
??_V@YAXPAX@Z
??3@YAXPAX@Z
_purecall
_callnewh
_unlock
malloc

kernel32

SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
DisableThreadLibraryCalls
InterlockedCompareExchange
Sleep
InterlockedExchange
IsDebuggerPresent

Exports

Exports

??0CATIAecApplConnections@@QAE@ABV0@@Z
??0CATIAecApplConnections@@QAE@XZ
??0CATIAecApplMigrator@@QAE@ABV0@@Z
??0CATIAecApplMigrator@@QAE@XZ
??0CATIAecApplicationModeler@@QAE@ABV0@@Z
??0CATIAecApplicationModeler@@QAE@XZ
??0CATIAecClassDef@@QAE@ABV0@@Z
??0CATIAecClassDef@@QAE@XZ
??0CATIAecMigration@@QAE@ABV0@@Z
??0CATIAecMigration@@QAE@XZ
??0CATIAecModelDomain@@QAE@ABV0@@Z
??0CATIAecModelDomain@@QAE@XZ
??0CATListValCATIAecClassDef_var@@QAE@ABV0@@Z
??0CATListValCATIAecClassDef_var@@QAE@H@Z
??0CATListValCATIAecClassDef_var@@QAE@HH@Z
??0CATListValCATIAecClassDef_var@@QAE@XZ
??0CATListValCATIAecModelDomain_var@@QAE@ABV0@@Z
??0CATListValCATIAecModelDomain_var@@QAE@H@Z
??0CATListValCATIAecModelDomain_var@@QAE@HH@Z
??0CATListValCATIAecModelDomain_var@@QAE@XZ
??1CATIAecApplConnections@@UAE@XZ
??1CATIAecApplMigrator@@UAE@XZ
??1CATIAecApplicationModeler@@UAE@XZ
??1CATIAecClassDef@@UAE@XZ
??1CATIAecMigration@@UAE@XZ
??1CATIAecModelDomain@@UAE@XZ
??1CATListValCATIAecClassDef_var@@UAE@XZ
??1CATListValCATIAecModelDomain_var@@UAE@XZ
??4CATIAecApplConnections@@QAEAAV0@ABV0@@Z
??4CATIAecApplMigrator@@QAEAAV0@ABV0@@Z
??4CATIAecApplicationModeler@@QAEAAV0@ABV0@@Z
??4CATIAecClassDef@@QAEAAV0@ABV0@@Z
??4CATIAecMigration@@QAEAAV0@ABV0@@Z
??4CATIAecModelDomain@@QAEAAV0@ABV0@@Z
??4CATListValCATIAecClassDef_var@@QAEAAV0@ABV0@@Z
??4CATListValCATIAecModelDomain_var@@QAEAAV0@ABV0@@Z
??ACATListValCATIAecClassDef_var@@QAEAAVCATIAecClassDef_var@@H@Z
??ACATListValCATIAecClassDef_var@@QBEABVCATIAecClassDef_var@@H@Z
??ACATListValCATIAecModelDomain_var@@QAEAAVCATIAecModelDomain_var@@H@Z
??ACATListValCATIAecModelDomain_var@@QBEABVCATIAecModelDomain_var@@H@Z
??_7CATIAecApplConnections@@6B@
??_7CATIAecApplMigrator@@6B@
??_7CATIAecApplicationModeler@@6B@
??_7CATIAecClassDef@@6B@
??_7CATIAecMigration@@6B@
??_7CATIAecModelDomain@@6B@
??_7CATListValCATIAecClassDef_var@@6B@
??_7CATListValCATIAecModelDomain_var@@6B@
?Append@CATListValCATIAecClassDef_var@@QAEXABV1@@Z
?Append@CATListValCATIAecClassDef_var@@QAEXABVCATIAecClassDef_var@@@Z
?Append@CATListValCATIAecModelDomain_var@@QAEXABV1@@Z
?Append@CATListValCATIAecModelDomain_var@@QAEXABVCATIAecModelDomain_var@@@Z
?ClassId@CATIAecApplConnections@@SGABU_GUID@@XZ
?ClassId@CATIAecApplMigrator@@SGABU_GUID@@XZ
?ClassId@CATIAecApplicationModeler@@SGABU_GUID@@XZ
?ClassId@CATIAecClassDef@@SGABU_GUID@@XZ
?ClassId@CATIAecMigration@@SGABU_GUID@@XZ
?ClassId@CATIAecModelDomain@@SGABU_GUID@@XZ
?ClassName@CATIAecApplConnections@@SGPBDXZ
?ClassName@CATIAecApplMigrator@@SGPBDXZ
?ClassName@CATIAecApplicationModeler@@SGPBDXZ
?ClassName@CATIAecClassDef@@SGPBDXZ
?ClassName@CATIAecMigration@@SGPBDXZ
?ClassName@CATIAecModelDomain@@SGPBDXZ
?FreeStorage@CATListValCATIAecClassDef_var@@IAEXAAPAVCATIAecClassDef_var@@@Z
?FreeStorage@CATListValCATIAecModelDomain_var@@IAEXAAPAVCATIAecModelDomain_var@@@Z
?GetImplementationList@CATListValCATIAecClassDef_var@@IBEXHAAPAPAUIUnknown@@@Z
?GetImplementationList@CATListValCATIAecModelDomain_var@@IBEXHAAPAPAUIUnknown@@@Z
?GetStorage@CATListValCATIAecClassDef_var@@IAEXHAAPAVCATIAecClassDef_var@@@Z
?GetStorage@CATListValCATIAecModelDomain_var@@IAEXHAAPAVCATIAecModelDomain_var@@@Z
?IID_CATIAecApplConnections@@3U_GUID@@A
?IID_CATIAecApplMigrator@@3U_GUID@@A
?IID_CATIAecApplicationModeler@@3U_GUID@@A
?IID_CATIAecClassDef@@3U_GUID@@A
?IID_CATIAecMigration@@3U_GUID@@A
?IID_CATIAecModelDomain@@3U_GUID@@A
?Locate@CATListValCATIAecClassDef_var@@QBEHABVCATIAecClassDef_var@@H@Z
?Locate@CATListValCATIAecModelDomain_var@@QBEHABVCATIAecModelDomain_var@@H@Z
?Max@CATListValCATIAecClassDef_var@@QAEXH@Z
?Max@CATListValCATIAecModelDomain_var@@QAEXH@Z
?MetaObject@CATIAecApplConnections@@SGPAVCATMetaClass@@XZ
?MetaObject@CATIAecApplMigrator@@SGPAVCATMetaClass@@XZ
?MetaObject@CATIAecApplicationModeler@@SGPAVCATMetaClass@@XZ
?MetaObject@CATIAecClassDef@@SGPAVCATMetaClass@@XZ
?MetaObject@CATIAecMigration@@SGPAVCATMetaClass@@XZ
?MetaObject@CATIAecModelDomain@@SGPAVCATMetaClass@@XZ
?RemoveAll@CATListValCATIAecClassDef_var@@QAEXW4MemoryHandling@CATCollec@@@Z
?RemoveAll@CATListValCATIAecModelDomain_var@@QAEXW4MemoryHandling@CATCollec@@@Z
?Size@CATListValCATIAecClassDef_var@@QBEHXZ
?Size@CATListValCATIAecModelDomain_var@@QBEHXZ
?_SBSize@CATListValCATIAecClassDef_var@@1HB
?_SBSize@CATListValCATIAecModelDomain_var@@1HB
?__CastTo@CATIAecApplConnections_var@@AAGXPAUIUnknown@@@Z
?__CastTo@CATIAecApplicationModeler_var@@AAGXPAUIUnknown@@@Z
?__CastTo@CATIAecClassDef_var@@AAGXPAUIUnknown@@@Z
?__CastTo@CATIAecMigration_var@@AAGXPAUIUnknown@@@Z
?__CastTo@CATIAecModelDomain_var@@AAGXPAUIUnknown@@@Z
?meta_object@CATIAecApplConnections@@0PAVCATMetaClass@@A
?meta_object@CATIAecApplMigrator@@0PAVCATMetaClass@@A
?meta_object@CATIAecApplicationModeler@@0PAVCATMetaClass@@A
?meta_object@CATIAecClassDef@@0PAVCATMetaClass@@A
?meta_object@CATIAecMigration@@0PAVCATMetaClass@@A
?meta_object@CATIAecModelDomain@@0PAVCATMetaClass@@A
DASSAULT_SYSTEMES_CAA2_INTERNAL_CATAECMigrationItf

Sections

.text
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 176KB - Virtual size: 176KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

82e0f8175f076692e45dc44c9cfd56ab

Headers

File Characteristics

PDB Paths

Imports

js0group

catv4integrationbase

msvcr80

kernel32

Exports

Exports

Sections

.text Size: 6KB - Virtual size: 6KB

.rdata Size: 11KB - Virtual size: 10KB

.data Size: 176KB - Virtual size: 176KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 6KB - Virtual size: 6KB

.rdata
Size: 11KB - Virtual size: 10KB

.data
Size: 176KB - Virtual size: 176KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 1KB - Virtual size: 1KB