3c2f9f28b2bec002a18e71fce2f621dd_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3c2f9f28b2bec002a18e71fce2f621dd_JaffaCakes118
Size

41KB
MD5

3c2f9f28b2bec002a18e71fce2f621dd
SHA1

73d37216ff625daf6f9d3d35e44d4e7aca70c0ce
SHA256

efef27cf15ce12fd0d0ce8d53a72460e59c26c4d816c479f36fb13c6cf7272b9
SHA512

c555e15c00da023d5048a2554045c6146b49cdc028e5db288d6f6cbdf87d1fa5eb8164f75456e83af5560b0531ecffc66fcc15b5e2866b515e9968bcefda1d55
SSDEEP

384:B+GJThTWVixFwIHTVV5hHwwTLVlDbLhaVJixXQc8VMSdtAXCqTXy9DV5rWkDot2M:cYh5pVV5hHw8Lao5Qfd01DmB9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3c2f9f28b2bec002a18e71fce2f621dd_JaffaCakes118

Files

3c2f9f28b2bec002a18e71fce2f621dd_JaffaCakes118
.dll windows:5 windows x86 arch:x86

9dc0bd9d1743709ef08b4c591bfcb1aa

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\onegit\pango\wntmsci12.pro\misc\build\pango-1.28.3\pango\pangocairolo.pdb

Imports

gliblo

g_log
g_utf8_get_char
g_unichar_iswide
g_unichar_iszerowidth
g_slice_alloc
g_slist_free
g_slist_foreach
g_malloc0_n
g_once_init_leave
g_once_init_enter_impl
g_malloc_n
g_snprintf
g_thread_functions_for_glib_use
g_static_mutex_get_mutex_impl
g_threads_got_initialized
g_assertion_message_expr
g_slist_prepend
g_free
g_intern_static_string
g_slice_free1
g_quark_from_static_string
g_slice_alloc0
g_utf8_skip

gobjectlo

g_object_add_weak_pointer
g_object_set_qdata_full
g_object_get_qdata
g_type_check_instance_cast
g_object_unref
g_type_interface_add_prerequisite
g_type_register_static
g_type_interface_peek
g_object_ref
g_object_new
g_type_init
g_type_register_static_simple
g_type_class_peek_parent
g_type_check_class_cast
g_type_add_interface_static
g_type_check_instance_is_a

pangolo

pango_font_get_type
pango_layout_get_type
pango_layout_get_context
pango_layout_context_changed
pango_units_from_double
pango_font_map_create_context
pango_context_get_matrix
pango_font_description_free
pango_context_get_type
pango_font_description_set_family_static
pango_font_description_unset_fields
pango_font_description_get_gravity
pango_font_description_get_size
pango_gravity_to_rotation
pango_font_metrics_unref
pango_font_description_to_string
pango_font_description_set_absolute_size
pango_font_describe
pango_font_metrics_ref
pango_layout_get_extents
pango_layout_set_text
pango_layout_set_font_description
pango_font_describe_with_absolute_size
pango_matrix_get_font_scale_factor
pango_context_set_language
pango_font_metrics_new
pango_font_get_font_map
pango_language_get_sample_string
pango_layout_get_lines_readonly
pango_font_map_load_font
pango_script_get_sample_language
pango_context_set_matrix
pango_font_get_glyph_extents
pango_font_map_get_type
pango_renderer_get_type
pango_renderer_get_color
pango_glyph_item_iter_next_cluster
pango_glyph_item_iter_init_start
pango_renderer_get_layout
pango_renderer_deactivate
pango_renderer_draw_glyphs
pango_renderer_set_color
pango_renderer_activate
pango_renderer_draw_glyph_item
pango_renderer_draw_layout_line
pango_renderer_draw_layout
pango_quantize_line_geometry
pango_font_description_get_size_is_absolute
pango_layout_new

cairo

cairo_matrix_scale
cairo_win32_scaled_font_get_metrics_factor
cairo_win32_scaled_font_select_font
cairo_win32_scaled_font_done_font
cairo_win32_font_face_create_for_logfontw
cairo_has_current_point
cairo_get_current_point
cairo_surface_has_show_text_glyphs
cairo_new_path
cairo_user_to_device_distance
cairo_identity_matrix
cairo_translate
cairo_fill
cairo_rectangle
cairo_new_sub_path
cairo_line_to
cairo_close_path
cairo_rel_line_to
cairo_set_line_cap
cairo_set_line_width
cairo_set_line_join
cairo_set_miter_limit
cairo_stroke
cairo_move_to
cairo_text_path
cairo_show_text
cairo_set_source_rgb
cairo_save
cairo_glyph_path
cairo_show_text_glyphs
cairo_show_glyphs
cairo_restore
cairo_scaled_font_glyph_extents
cairo_scaled_font_destroy
cairo_matrix_init_rotate
cairo_matrix_multiply
cairo_matrix_init
cairo_matrix_init_identity
cairo_matrix_transform_distance
cairo_scaled_font_text_extents
cairo_scaled_font_extents
cairo_scaled_font_get_font_options
cairo_scaled_font_get_ctm
cairo_set_scaled_font
cairo_scaled_font_create
cairo_font_face_destroy
cairo_scaled_font_status
cairo_font_face_status
cairo_status_to_string
cairo_font_options_get_hint_metrics
cairo_get_matrix
cairo_font_options_destroy
cairo_font_options_equal
cairo_surface_get_font_options
cairo_font_options_create
cairo_get_target
cairo_font_options_copy
cairo_font_options_merge

pangowin32lo

_pango_win32_font_map_get_type
_pango_win32_fontmap_cache_remove
_pango_win32_make_matching_logfontw
_pango_win32_font_get_type
pango_win32_get_dc

gdi32

GetDeviceCaps

msvcr90

_lock
__dllonexit
_unlock
_onexit
_crt_debugger_hook
__CppXcptFilter
_adjust_fdiv
_amsg_exit
_initterm_e
_initterm
_decode_pointer
_encoded_null
free
_malloc_crt
_encode_pointer
atan2
tan
cos
sqrt
ceil
memcmp
_except_handler4_common
__clean_type_info_names_internal

kernel32

GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
DisableThreadLibraryCalls
IsDebuggerPresent
GetSystemTimeAsFileTime
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
Sleep
InterlockedExchange
SetUnhandledExceptionFilter

Exports

Exports

pango_cairo_context_get_font_options
pango_cairo_context_get_resolution
pango_cairo_context_get_shape_renderer
pango_cairo_context_set_font_options
pango_cairo_context_set_resolution
pango_cairo_context_set_shape_renderer
pango_cairo_create_context
pango_cairo_create_layout
pango_cairo_error_underline_path
pango_cairo_font_get_scaled_font
pango_cairo_font_get_type
pango_cairo_font_map_create_context
pango_cairo_font_map_get_default
pango_cairo_font_map_get_font_type
pango_cairo_font_map_get_resolution
pango_cairo_font_map_get_type
pango_cairo_font_map_new
pango_cairo_font_map_new_for_font_type
pango_cairo_font_map_set_default
pango_cairo_font_map_set_resolution
pango_cairo_glyph_string_path
pango_cairo_layout_line_path
pango_cairo_layout_path
pango_cairo_renderer_get_type
pango_cairo_show_error_underline
pango_cairo_show_glyph_item
pango_cairo_show_glyph_string
pango_cairo_show_layout
pango_cairo_show_layout_line
pango_cairo_update_context
pango_cairo_update_layout

Sections

.text
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 688B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9dc0bd9d1743709ef08b4c591bfcb1aa

Headers

File Characteristics

PDB Paths

Imports

gliblo

gobjectlo

pangolo

cairo

pangowin32lo

gdi32

msvcr90

kernel32

Exports

Exports

Sections

.text Size: 23KB - Virtual size: 23KB

.rdata Size: 8KB - Virtual size: 8KB

.data Size: 5KB - Virtual size: 5KB

.rsrc Size: 1024B - Virtual size: 688B

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 23KB - Virtual size: 23KB

.rdata
Size: 8KB - Virtual size: 8KB

.data
Size: 5KB - Virtual size: 5KB

.rsrc
Size: 1024B - Virtual size: 688B

.reloc
Size: 2KB - Virtual size: 1KB