3c40b2bb100764428accf27f078ac48e_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3c40b2bb100764428accf27f078ac48e_JaffaCakes118
Size

64KB
MD5

3c40b2bb100764428accf27f078ac48e
SHA1

e3028ae3dc2b6ee9d95b6f9b92f79eabeb850412
SHA256

a5f69bdec17be08724f8fd64afd9ca8bbabbb8a0785f267f3955427cc2a80d13
SHA512

e608adffa88e6ebcb8079128a23205ad01bd746afe34a746c4e16821f07b72b41b81f81c22a74fffa972f2e24e2c0cfde3d090eeaad18e6d2f5520dd16923ef9
SSDEEP

768:AwM9IejgZrpFcFZV7rz5RluL7sBoqKXszOQVBKNivNy9A3EcWxa3:ligZMD5ROsKNszp7Mivo2ERxq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3c40b2bb100764428accf27f078ac48e_JaffaCakes118

Files

3c40b2bb100764428accf27f078ac48e_JaffaCakes118
.dll windows:4 windows x86 arch:x86

f98efe6d9cf2e07883bf9a18b648385c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

basedir

?GetIntCadlink@@YGHPBD0H@Z
?UdateUnits@@YGXH@Z
?GetUnits@@YGHXZ
?GetDoubleCadlink@@YGNPBD0N@Z
?GetStringCadlink@@YGHPBD0PADH@Z
?WriteIntCadlink@@YGXPBD0H@Z
?WriteDoubleCadlink@@YGXPBD0NH@Z
?WriteStringCadlink@@YGXPBD00@Z

xlate

_TMessageBox@16
_TranslateDialog@4

signlab71.exe

?SetSubStrate@CSheetLayer@@QAEXPBVCSLSubStrate@@@Z
?SetSHType@CSheetLayer@@QAEXW4SHEET_LAYER_TYPE@1@@Z
?SetName@CSheetLayer@@QAEXVCString@@@Z
?SetSheetLayerNumber@CSheetLayer@@QAEXH@Z
?GetNextEmptyLayer@@YGHXZ
?GetNextSheetLayer@@YGHAAVCSheetLayer@@@Z
?GetSheetLayerNumber@CSheetLayer@@QBEHXZ
?GetName@CSheetLayer@@QBE?AVCString@@XZ
?GetFirstSheetLayer@@YGHAAVCSheetLayer@@@Z
?GetNumOfSheets@@YGHXZ
??0CSheetLayer@@QAE@XZ
_ProfileLabMode@0
?GetColorName@@YGHAAVCSLColor@@PADH@Z
?AddSheetToPalette@@YGHAAVCSheetLayer@@@Z
?GetPaletteColor@@YGHHPAVCSLColor@@@Z
?Get_Palette_Size@@YGHXZ
_ToolPathMode@0
??1CSLColor@@UAE@XZ
??0CSLColor@@QAE@XZ
_HourGlass@4
?SetSheetLayerActive@@YGXHH@Z
_SetToIdentityMatrix@4
_mul_tm@8
??1CSheetLayer@@UAE@XZ
??0CSLFullColor@@QAE@XZ
?FindPaletteColor@@YGHPADAAVCSLFullColor@@@Z
??1CSLFullColor@@UAE@XZ
??0CSLFullColor@@QAE@KW4COLORSPACE@CSLColor@@W4CORRECTION_MODE@2@W4REFLECTIVITY@2@@Z
?SetColorName@CSLFullColor@@QAEXPAD@Z
?GetRGBcolor@CSLColor@@QBEKXZ
?Draw@CSLColor@@UAEXPAUHDC__@@PBUtagRECT@@HH@Z
?GetToolTipText@CSLFullColor@@UAEHPADH@Z
?Edit@CSLFullColor@@UAEHXZ
?GetUIButtonSize@CSLAttribute@@UAEHIK@Z
?ApplyToLayer@CSLColor@@UAEXI@Z
?ApplyToLayer@CSLColor@@UAEXXZ
?ApplyToOutline@CSLColor@@UAEXI@Z
?ApplyToOutline@CSLColor@@UAEXXZ
?ApplyToSignblank@CSLColor@@UAEXXZ
?ApplyToNubSet@CSLColor@@UAEXHH@Z
?SelectObjectsByLayer@CSLColor@@UAEXXZ
?SelectObjectsByOutline@CSLColor@@UAEXXZ
?InclusiveSelectObjectsByLayer@CSLColor@@UAEXXZ
?InclusiveSelectObjectsByOutline@CSLColor@@UAEXXZ
?Invalidate@CSLColor@@UAEXK@Z
?ApplyNewAttribute@CSLColor@@UAEHPAVCSLAttribute@@K@Z
?IsCompatible@CSLColor@@UAEHPAVCSLAttribute@@@Z
?CanApplyToLayer@CSLAttribute@@UAEHK@Z
?CanApplyToLayer@CSLAttribute@@UAEHI@Z
?CanApplyToOutline@CSLAttribute@@UAEHK@Z
?CanApplyToOutline@CSLAttribute@@UAEHI@Z
?Save@CSLFullColor@@UBEHPAVCStream@@@Z
?Load@CSLFullColor@@UAEHPAVCStream@@H@Z
?GetListName@CSLAttribute@@UAEHPADH@Z
?GetNumberListColumns@CSLAttribute@@UAEHXZ
?GetTitleName@CSLAttribute@@UAEHHPADH@Z
?GetColumnData@CSLAttribute@@UAEHHPADH@Z
?SetAsCurrent@CSLColor@@UAEXXZ
?PutPostscript@CSLFullColor@@UBEX_NPAVCStream@@@Z
?SetDefaults@CSLFullColor@@UAEXXZ
?get_hash@CSLFullColor@@UBEABVcolour_hash@@XZ
?hash_less_than@CSLColor@@UBE_NABV1@@Z
?hash_equal_to@CSLColor@@UBE_NABV1@@Z
SafeFree
SafeRealloc
_translate_point@12
SafeMalloc
?IsColorNamedColor@@YGHAAVCSLColor@@@Z

cut

_ScrollFloat@40

mfc42

ord800
ord537
ord825
ord823

msvcrt

__dllonexit
ceil
_onexit
strncpy
strchr
atof
atoi
strncmp
__CxxFrameHandler
isdigit
_stricmp
_ftol
sprintf
??1type_info@@UAE@XZ
_initterm
malloc
_adjust_fdiv
??9type_info@@QBEHABV0@@Z
free
_itoa

kernel32

_lclose
lstrcpyA
_lread
LoadLibraryA
GetProcAddress
VirtualQuery
FreeLibrary
SearchPathA
_lopen
_llseek
_lwrite

user32

CheckDlgButton
EnableWindow
EndDialog
GetDlgItemTextA
IsDlgButtonChecked
SendMessageA
GetDlgItem
CheckRadioButton
GetWindowLongA
MessageBoxA
RegisterWindowMessageA
SetDlgItemTextA

msvcp60

??1Init@ios_base@std@@QAE@XZ
??1_Winit@std@@QAE@XZ
??0_Winit@std@@QAE@XZ
??0Init@ios_base@std@@QAE@XZ

Exports

Exports

?GetFontManager@@YGAAV?$DynamicLink@VFontManagerSupport@@VFontManagerSupportDefault@@@@XZ
?MPRDlgProc@@YGHPAUHWND__@@IIJ@Z
CheckFile
CloseFile
GetFileHandle
GetImportCommand
SendInfo
_FloatErrorMsg@8
_UsingFontManager@0

Sections

.text
Size: 36KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f98efe6d9cf2e07883bf9a18b648385c

Headers

File Characteristics

Imports

basedir

xlate

signlab71.exe

cut

mfc42

msvcrt

kernel32

user32

msvcp60

Exports

Exports

Sections

.text Size: 36KB - Virtual size: 32KB

.rdata Size: 8KB - Virtual size: 6KB

.data Size: 4KB - Virtual size: 17KB

.rsrc Size: 4KB - Virtual size: 3KB

.reloc Size: 8KB - Virtual size: 5KB

.text
Size: 36KB - Virtual size: 32KB

.rdata
Size: 8KB - Virtual size: 6KB

.data
Size: 4KB - Virtual size: 17KB

.rsrc
Size: 4KB - Virtual size: 3KB

.reloc
Size: 8KB - Virtual size: 5KB