PDB path: O:\OOO330\ooo\extensions\wntmsci12.pro\bin\plmi.pdb
Static task
static1
Behavioral task
behavioral1
Sample
3f16522723b9e7aef7c8b5d0bfc79968_JaffaCakes118.dll
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
3f16522723b9e7aef7c8b5d0bfc79968_JaffaCakes118.dll
Resource
win10v2004-20240709-en
General
-
Target
3f16522723b9e7aef7c8b5d0bfc79968_JaffaCakes118
-
Size
152KB
-
MD5
3f16522723b9e7aef7c8b5d0bfc79968
-
SHA1
a579f0be7020f8cf887868d686220e539f129b89
-
SHA256
820b84e2b74bc4bafdd0e5ebe0a9a2df5477d8c57252440b22e5e7d8cfa6ec2c
-
SHA512
0a35d1746031fdd0aa02412bc256ff0322c100972d9d8fde3a6ac264952f57614799771aba4d15067a89c1f62f10d25796c7b4f5ba09863713f5e7f5fe8529c8
-
SSDEEP
3072:R/B/RIZck38b8LVjPEqicJ+/wcQKQwSS/2O3lyUFh:tKV7BcQKD2O3dh
Malware Config
Signatures
-
Unsigned PE 1 IoCs
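Checks for a missing Authenticode signature; the sample DLL carries none. On its own, an absent signature is a weak indicator and says nothing about what the file does.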
resource 3f16522723b9e7aef7c8b5d0bfc79968_JaffaCakes118
Files
-
3f16522723b9e7aef7c8b5d0bfc79968_JaffaCakes118.dll windows:5 windows x86 arch:x86
df5536d81bbe2bdbd0bf89a437047f46
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
PDB Paths
Imports
tkmi
?GetWindow@VCLUnoHelper@@SAPAVWindow@@ABV?$Reference@VXWindowPeer@awt@star@sun@com@@@uno@star@sun@com@@@Z
vclmi
?GetPreferredKeyInputWindow@Window@@UAEPAV1@XZ
?getValue@SettingsConfigItem@vcl@@QBEABVOUString@rtl@@ABV34@0@Z
?get@SettingsConfigItem@vcl@@SAPAV12@XZ
?GetSystemData@SystemChildWindow@@QBEPBUSystemEnvData@@XZ
?PostUserEvent@Application@@SAEAAKABVLink@@PAX@Z
?PostUserEvent@Application@@SAKABVLink@@PAX@Z
??0SolarThreadExecutor@vcl@@QAE@XZ
??1SolarThreadExecutor@vcl@@UAE@XZ
?impl_execute@SolarThreadExecutor@vcl@@AAEJPBUTimeValue@@@Z
??1SystemChildWindow@@UAE@XZ
?GetSurroundingTextSelection@Window@@UBE?AVSelection@@XZ
?GetSurroundingText@Window@@UBE?AVString@@XZ
?GetOptimalSize@Window@@UBE?AVSize@@W4WindowSizeType@@@Z
?GetPrimarySelection@Window@@UAE?AV?$Reference@VXClipboard@clipboard@datatransfer@star@sun@com@@@uno@star@sun@com@@XZ
?GetClipboard@Window@@UAE?AV?$Reference@VXClipboard@clipboard@datatransfer@star@sun@com@@@uno@star@sun@com@@XZ
?GetDragGestureRecognizer@Window@@UAE?AV?$Reference@VXDragGestureRecognizer@dnd@datatransfer@star@sun@com@@@uno@star@sun@com@@XZ
?GetDragSource@Window@@UAE?AV?$Reference@VXDragSource@dnd@datatransfer@star@sun@com@@@uno@star@sun@com@@XZ
?GetDropTarget@Window@@UAE?AV?$Reference@VXDropTarget@dnd@datatransfer@star@sun@com@@@uno@star@sun@com@@XZ
?GrabFocus@Window@@QAEXXZ
?GetParentLabelFor@Window@@UBEPAV1@PBV1@@Z
?CreateAccessible@Window@@UAE?AV?$Reference@VXAccessible@accessibility@star@sun@com@@@uno@star@sun@com@@XZ
?SetComponentInterface@Window@@UAEXV?$Reference@VXWindowPeer@awt@star@sun@com@@@uno@star@sun@com@@@Z
?GetComponentInterface@Window@@UAE?AV?$Reference@VXWindowPeer@awt@star@sun@com@@@uno@star@sun@com@@E@Z
?GetDisplayBackground@Window@@UBEABVWallpaper@@XZ
?GetDisplayText@Window@@UBE?AVString@@XZ
?GetText@Window@@UBE?AVString@@XZ
?SetText@Window@@UAEXABVString@@@Z
?Invalidate@Window@@UAEXG@Z
?Invalidate@Window@@UAEXABVRectangle@@G@Z
?Invalidate@Window@@UAEXABVRegion@@G@Z
?Scroll@Window@@UAEXJJG@Z
?Scroll@Window@@UAEXJJABVRectangle@@G@Z
?IsScrollable@Window@@UBEEXZ
?SetOutputSizePixel@Window@@UAEXABVSize@@@Z
?GetSizePixel@Window@@UBE?AVSize@@XZ
?SetSizePixel@Window@@UAEXABVSize@@@Z
?GetPosPixel@Window@@UBE?AVPoint@@XZ
?SetPosPixel@Window@@UAEXABVPoint@@@Z
?SetPosSizePixel@Window@@UAEXJJJJG@Z
?SetPosSizePixel@Window@@UAEXABVPoint@@ABVSize@@@Z
?SetSettings@Window@@UAEXABVAllSettings@@E@Z
?GetParentLabeledBy@Window@@UBEPAV1@PBV1@@Z
?Notify@Window@@UAEJAAVNotifyEvent@@@Z
?PreNotify@Window@@UAEJAAVNotifyEvent@@@Z
?DataChanged@Window@@UAEXABVDataChangedEvent@@@Z
?StateChanged@Window@@UAEXG@Z
?UserEvent@Window@@UAEXKPAX@Z
?Tracking@Window@@UAEXABVTrackingEvent@@@Z
?Command@Window@@UAEXABVCommandEvent@@@Z
?RequestHelp@Window@@UAEXABVHelpEvent@@@Z
?LoseFocus@Window@@UAEXXZ
?GetFocus@Window@@UAEXXZ
?Deactivate@Window@@UAEXXZ
?Activate@Window@@UAEXXZ
?Resize@Window@@UAEXXZ
?Move@Window@@UAEXXZ
?Draw@Window@@UAEXPAVOutputDevice@@ABVPoint@@ABVSize@@K@Z
?Paint@Window@@UAEXABVRectangle@@@Z
?PrePaint@Window@@UAEXXZ
?KeyUp@Window@@UAEXABVKeyEvent@@@Z
?KeyInput@Window@@UAEXABVKeyEvent@@@Z
?MouseButtonUp@Window@@UAEXABVMouseEvent@@@Z
?MouseButtonDown@Window@@UAEXABVMouseEvent@@@Z
?MouseMove@Window@@UAEXABVMouseEvent@@@Z
?SetRelativeMapMode@OutputDevice@@UAEXABVMapMode@@@Z
?SetMapMode@OutputDevice@@UAEXXZ
?SetMapMode@OutputDevice@@UAEXABVMapMode@@@Z
?SetSettings@Window@@UAEXABVAllSettings@@@Z
??0SystemChildWindow@@QAE@PAVWindow@@_J@Z
?HasFocus@Window@@QBEEXZ
utlmi
??0SvtPathOptions@@QAE@XZ
?GetPluginPath@SvtPathOptions@@QBEABVString@@XZ
??1SvtPathOptions@@UAE@XZ
tlmi
?Close@SvFileStream@@QAEXXZ
??0SvFileStream@@QAE@XZ
??4DirEntry@@QAEAAV0@ABV0@@Z
??BString@@QBE?AVOUString@rtl@@XZ
?GetToken@String@@QBE?AV1@GG@Z
?GetTokenCount@String@@QBEGG@Z
??1String@@QAE@XZ
??0String@@QAE@ABV0@@Z
??1INetURLObject@@QAE@XZ
?GetName@INetURLObject@@QBE?AVOUString@rtl@@W4DecodeMechanism@1@G@Z
??0INetURLObject@@QAE@ABVOUString@rtl@@W4EncodeMechanism@0@G@Z
??1DirEntry@@QAE@XZ
?Kill@DirEntry@@QBEKH@Z
??0DirEntry@@QAE@ABVString@@W4FSysPathStyle@@@Z
??0String@@QAE@ABVOUString@rtl@@@Z
?GetMainURL@INetURLObject@@QBE?AVOUString@rtl@@W4DecodeMechanism@1@G@Z
??1ByteString@@QAE@XZ
?SetSmartURL@INetURLObject@@QAE_NABVByteString@@W4EncodeMechanism@1@GW4FSysStyle@1@@Z
??0ByteString@@QAE@ABVOString@rtl@@@Z
??0INetURLObject@@QAE@XZ
??1SvFileStream@@UAE@XZ
?GetExtension@DirEntry@@QBE?AVString@@D@Z
?Read@SvStream@@QAEKPAXK@Z
?Seek@SvStream@@QAEKK@Z
??0SvFileStream@@QAE@ABVString@@G@Z
?Assign@String@@QAEAAV1@ABVOUString@rtl@@@Z
?PathToFileName@INetURLObject@@QBE?AVOUString@rtl@@XZ
??0String@@QAE@PBDGK@Z
?GetFull@DirEntry@@QBE?AVString@@W4FSysPathStyle@@EG@Z
?TempName@DirEntry@@QBE?AV1@H@Z
??0DirEntry@@QAE@W4DirEntryFlag@@@Z
?setAbsURIRef@INetURLObject@@AAE_NABVOUString@rtl@@_NW4EncodeMechanism@1@G1W4FSysStyle@1@@Z
??0String@@QAE@PBDGGK@Z
?Write@SvStream@@QAEKPBXK@Z
?Open@SvFileStream@@QAEXABVString@@G@Z
?SetExtension@DirEntry@@QAEXABVString@@D@Z
??0ByteString@@QAE@ABVString@@GK@Z
vos3msc
?start@OTimer@vos@@QAAXXZ
?release@OReference@vos@@UAAJXZ
?acquire@OReference@vos@@UAAJXZ
??0OReference@vos@@QAE@XZ
??0OObject@vos@@QAE@XZ
?getClassInfo@OTimer@vos@@UBAABUOClassInfo@2@XZ
??3OObject@vos@@SAXPAX@Z
??2OObject@vos@@SAPAXI@Z
??1OReference@vos@@UAE@XZ
??1OObject@vos@@UAE@XZ
??1OTimer@vos@@MAE@XZ
??0OTimer@vos@@QAE@ABUTTimeValue@1@0@Z
ucbhelper4msc
?openStream@Content@ucbhelper@@QAEEABV?$Reference@VXOutputStream@io@star@sun@com@@@uno@star@sun@com@@@Z
??0Content@ucbhelper@@QAE@ABVOUString@rtl@@ABV?$Reference@VXCommandEnvironment@ucb@star@sun@com@@@uno@star@sun@com@@@Z
??1Content@ucbhelper@@QAE@XZ
cppuhelper3msc
?getContainedTypes@OMultiTypeInterfaceContainerHelper@cppu@@QBA?AV?$Sequence@VType@uno@star@sun@com@@@uno@star@sun@com@@XZ
?removeInterface@OInterfaceContainerHelper@cppu@@QAAJABV?$Reference@VXInterface@uno@star@sun@com@@@uno@star@sun@com@@@Z
?addInterface@OMultiTypeInterfaceContainerHelper@cppu@@QAAJABVType@uno@star@sun@com@@ABV?$Reference@VXInterface@uno@star@sun@com@@@4567@@Z
?getContainer@OMultiTypeInterfaceContainerHelper@cppu@@QBAPAVOInterfaceContainerHelper@2@ABVType@uno@star@sun@com@@@Z
??0OInterfaceIteratorHelper@cppu@@QAE@AAVOInterfaceContainerHelper@1@@Z
?next@OInterfaceIteratorHelper@cppu@@QAAPAVXInterface@uno@star@sun@com@@XZ
??1OInterfaceIteratorHelper@cppu@@QAE@XZ
?disposeAndClear@OMultiTypeInterfaceContainerHelper@cppu@@QAAXABUEventObject@lang@star@sun@com@@@Z
??0WeakReferenceHelper@uno@star@sun@com@@QAE@ABV?$Reference@VXInterface@uno@star@sun@com@@@1234@@Z
?get@WeakReferenceHelper@uno@star@sun@com@@QBA?AV?$Reference@VXInterface@uno@star@sun@com@@@2345@XZ
?ImplHelper_getImplementationId@cppu@@YA?AV?$Sequence@C@uno@star@sun@com@@PAUclass_data@1@@Z
?WeakAggImplHelper_getTypes@cppu@@YA?AV?$Sequence@VType@uno@star@sun@com@@@uno@star@sun@com@@PAUclass_data@1@@Z
?WeakAggImplHelper_queryAgg@cppu@@YA?AVAny@uno@star@sun@com@@ABVType@3456@PAUclass_data@1@PAXPAVOWeakAggObject@1@@Z
?disposing@OPropertySetHelper@cppu@@QAAXXZ
?fillHandles@OPropertyArrayHelper@cppu@@UAAJPAJABV?$Sequence@VOUString@rtl@@@uno@star@sun@com@@@Z
?getHandleByName@OPropertyArrayHelper@cppu@@UAAJABVOUString@rtl@@@Z
?hasPropertyByName@OPropertyArrayHelper@cppu@@UAAEABVOUString@rtl@@@Z
?getPropertyByName@OPropertyArrayHelper@cppu@@UAA?AUProperty@beans@star@sun@com@@ABVOUString@rtl@@@Z
?getProperties@OPropertyArrayHelper@cppu@@UAA?AV?$Sequence@UProperty@beans@star@sun@com@@@uno@star@sun@com@@XZ
?fillPropertyMembersByHandle@OPropertyArrayHelper@cppu@@UAAEPAVOUString@rtl@@PAFJ@Z
?removeVetoableChangeListener@OPropertySetHelper@cppu@@UAAXABVOUString@rtl@@ABV?$Reference@VXVetoableChangeListener@beans@star@sun@com@@@uno@star@sun@com@@@Z
?addVetoableChangeListener@OPropertySetHelper@cppu@@UAAXABVOUString@rtl@@ABV?$Reference@VXVetoableChangeListener@beans@star@sun@com@@@uno@star@sun@com@@@Z
?removePropertyChangeListener@OPropertySetHelper@cppu@@UAAXABVOUString@rtl@@ABV?$Reference@VXPropertyChangeListener@beans@star@sun@com@@@uno@star@sun@com@@@Z
?addPropertyChangeListener@OPropertySetHelper@cppu@@UAAXABVOUString@rtl@@ABV?$Reference@VXPropertyChangeListener@beans@star@sun@com@@@uno@star@sun@com@@@Z
?getPropertyValue@OPropertySetHelper@cppu@@UAA?AVAny@uno@star@sun@com@@ABVOUString@rtl@@@Z
?setPropertyValue@OPropertySetHelper@cppu@@UAAXABVOUString@rtl@@ABVAny@uno@star@sun@com@@@Z
?getFastPropertyValue@OPropertySetHelper@cppu@@UAA?AVAny@uno@star@sun@com@@J@Z
?setFastPropertyValue@OPropertySetHelper@cppu@@UAAXJABVAny@uno@star@sun@com@@@Z
?firePropertiesChangeEvent@OPropertySetHelper@cppu@@UAAXABV?$Sequence@VOUString@rtl@@@uno@star@sun@com@@ABV?$Reference@VXPropertiesChangeListener@beans@star@sun@com@@@4567@@Z
?removePropertiesChangeListener@OPropertySetHelper@cppu@@UAAXABV?$Reference@VXPropertiesChangeListener@beans@star@sun@com@@@uno@star@sun@com@@@Z
?addPropertiesChangeListener@OPropertySetHelper@cppu@@UAAXABV?$Sequence@VOUString@rtl@@@uno@star@sun@com@@ABV?$Reference@VXPropertiesChangeListener@beans@star@sun@com@@@4567@@Z
?getPropertyValues@OPropertySetHelper@cppu@@UAA?AV?$Sequence@VAny@uno@star@sun@com@@@uno@star@sun@com@@ABV?$Sequence@VOUString@rtl@@@4567@@Z
?setPropertyValues@OPropertySetHelper@cppu@@UAAXABV?$Sequence@VOUString@rtl@@@uno@star@sun@com@@ABV?$Sequence@VAny@uno@star@sun@com@@@4567@@Z
??0OPropertySetHelper@cppu@@QAE@AAU?$OBroadcastHelperVar@VOMultiTypeInterfaceContainerHelper@cppu@@VType@uno@star@sun@com@@@1@@Z
??0OPropertyArrayHelper@cppu@@QAE@PAUProperty@beans@star@sun@com@@JE@Z
??1OPropertySetHelper@cppu@@QAE@XZ
??1IPropertyArrayHelper@cppu@@UAE@XZ
?createPropertySetInfo@OPropertySetHelper@cppu@@SA?AV?$Reference@VXPropertySetInfo@beans@star@sun@com@@@uno@star@sun@com@@AAVIPropertyArrayHelper@2@@Z
??1OWeakAggObject@cppu@@MAE@XZ
?queryAggregation@OWeakAggObject@cppu@@UAA?AVAny@uno@star@sun@com@@ABVType@4567@@Z
?setDelegator@OWeakAggObject@cppu@@UAAXABV?$Reference@VXInterface@uno@star@sun@com@@@uno@star@sun@com@@@Z
?queryAdapter@OWeakObject@cppu@@UAA?AV?$Reference@VXAdapter@uno@star@sun@com@@@uno@star@sun@com@@XZ
?createSingleFactory@cppu@@YA?AV?$Reference@VXSingleServiceFactory@lang@star@sun@com@@@uno@star@sun@com@@ABV?$Reference@VXMultiServiceFactory@lang@star@sun@com@@@3456@ABVOUString@rtl@@P6A?AV?$Reference@VXInterface@uno@star@sun@com@@@3456@0@ZABV?$Sequence@VOUString@rtl@@@3456@PAU_rtl_ModuleCount@@@Z
??1OMultiTypeInterfaceContainerHelper@cppu@@QAE@XZ
??0OMultiTypeInterfaceContainerHelper@cppu@@QAE@AAVMutex@osl@@@Z
??1WeakReferenceHelper@uno@star@sun@com@@QAE@XZ
??1OWeakObject@cppu@@MAE@XZ
??0OWeakObject@cppu@@QAE@XZ
?queryInterface@OWeakAggObject@cppu@@UAA?AVAny@uno@star@sun@com@@ABVType@4567@@Z
?acquire@OWeakAggObject@cppu@@UAAXXZ
?release@OWeakAggObject@cppu@@UAAXXZ
cppu3
uno_type_sequence_assign
uno_type_sequence_realloc
uno_type_sequence_reference2One
uno_type_sequence_construct
typelib_static_type_init
uno_type_any_assign
uno_any_destruct
uno_type_any_construct
uno_any_construct
typelib_typedescriptionreference_acquire
typelib_typedescriptionreference_equals
typelib_typedescriptionreference_release
uno_type_destructData
typelib_static_sequence_type_init
typelib_static_type_getByTypeClass
sal3
rtl_string_new
rtl_uString_assign
rtl_uString_newConcat
rtl_ustr_reverseCompare_WithLength
rtl_uString_newFromAscii
rtl_uString_new
rtl_uString_acquire
osl_createMutex
rtl_string_newFromStr_WithLength
rtl_str_indexOfStr_WithLength
rtl_str_lastIndexOfChar_WithLength
rtl_str_indexOfChar_WithLength
rtl_string_newConcat
osl_getSystemPathFromFileURL
rtl_ustr_indexOfStr_WithLength
rtl_ustr_lastIndexOfChar_WithLength
rtl_ustr_ascii_compare_WithLength
rtl_str_toInt32
rtl_str_compareIgnoreAsciiCase_WithLength
rtl_string_assign
osl_destroyMutex
osl_getThreadTextEncoding
rtl_str_indexOfStr
rtl_uString_newToAsciiLowerCase
rtl_uString_newFromStr_WithLength
rtl_uString_newFromStr
rtl_string_getToken
rtl_string_newTrim
rtl_string_newToAsciiLowerCase
rtl_str_reverseCompare_WithLength
rtl_str_compare_WithLength
rtl_string_release
rtl_uString2String
rtl_string_newFromStr
rtl_string_acquire
osl_getGlobalMutex
osl_releaseMutex
osl_acquireMutex
rtl_ustr_toBoolean
rtl_ustr_ascii_shortenedCompare_WithLength
rtl_ustr_compare_WithLength
rtl_string2UString
osl_incrementInterlockedCount
rtl_freeMemory
rtl_allocateMemory
rtl_uString_release
version
GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA
advapi32
RegCloseKey
RegOpenKeyExA
RegEnumKeyExA
RegQueryValueExA
msvcr90
__clean_type_info_names_internal
?terminate@@YAXXZ
_onexit
_lock
__dllonexit
_unlock
_except_handler4_common
_adjust_fdiv
_initterm_e
_initterm
_decode_pointer
_encoded_null
_malloc_crt
_encode_pointer
malloc
memset
strncmp
_purecall
free
fclose
fopen
fwrite
fflush
??_U@YAPAXI@Z
??_V@YAXPAX@Z
strncpy
getenv
??2@YAPAXI@Z
??0exception@std@@QAE@ABV01@@Z
_CxxThrowException
??3@YAXPAX@Z
?what@exception@std@@UBEPBDXZ
??0exception@std@@QAE@ABQBDH@Z
??1exception@std@@UAE@XZ
__CxxFrameHandler3
_crt_debugger_hook
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_amsg_exit
__CppXcptFilter
_strdup
kernel32
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
DisableThreadLibraryCalls
InterlockedCompareExchange
Sleep
InterlockedExchange
FreeLibrary
LoadLibraryA
GetProcAddress
lstrcpyA
lstrcatA
FindFirstFileA
FindNextFileA
FindClose
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
stlport_vc7145
?allocate@?$__node_alloc@$00$0A@@_STL@@SAPAXI@Z
?deallocate@?$__node_alloc@$00$0A@@_STL@@SAXPAXI@Z
?_M_increment@?$_Rb_global@_N@_STL@@SAPAU_Rb_tree_node_base@2@PAU32@@Z
?_M_decrement@?$_Rb_global@_N@_STL@@SAPAU_Rb_tree_node_base@2@PAU32@@Z
?_Rebalance@?$_Rb_global@_N@_STL@@SAXPAU_Rb_tree_node_base@2@AAPAU32@@Z
Exports
Exports
GetVersionInfo
component_getFactory
component_getImplementationEnvironment
component_writeInfo
Sections
.text Size: 84KB - Virtual size: 83KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 51KB - Virtual size: 51KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 10KB - Virtual size: 9KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ