G:\CXR19\BSF\intel_a\code\bin\CATManufacturingNCRUIDbg.pdb
Static task
static1
Behavioral task
behavioral1
Sample
3dfe848109b58262f7327a8f8ffc5a9e_JaffaCakes118.dll
Resource
win7-20240705-en
Behavioral task
behavioral2
Sample
3dfe848109b58262f7327a8f8ffc5a9e_JaffaCakes118.dll
Resource
win10v2004-20240704-en
General
-
Target
3dfe848109b58262f7327a8f8ffc5a9e_JaffaCakes118
-
Size
33KB
-
MD5
3dfe848109b58262f7327a8f8ffc5a9e
-
SHA1
617046bb5bfccc94cb939aec2361064c1029d01b
-
SHA256
bf655f68590033a4b26aa99511720c1598a7090be60e2eb4d6b7dcb63e5045d2
-
SHA512
948265922a38f5a3d7e9c3b716ffc1ed321d36f89fda5622d90c98d96acabbed751a9643e92882de03d559ab63287728bee58dbe3ae4de86d3ed0cf2be4c05d3
-
SSDEEP
768:9GqoeKqj36+T7tp8sd7wcuvO4yAKGpz1:YtD435bCcuve4z1
Malware Config
Signatures
-
Unsigned PE 1 IoCs
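Checks for a missing Authenticode signature: this PE file is not signed. A missing signature is a low-confidence indicator on its own, since many legitimate binaries ship unsigned, so weigh it together with the imports, exports and behavioral results.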
resource 3dfe848109b58262f7327a8f8ffc5a9e_JaffaCakes118
Files
-
3dfe848109b58262f7327a8f8ffc5a9e_JaffaCakes118.dll windows:4 windows x86 arch:x86
c4eb5cc404acdfa91ac7f4fa0c955aff
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
PDB Paths
Imports
catapplicationframe
?SetBusyCursor@CATApplicationFrame@@SAXXZ
?GetFrame@CATApplicationFrame@@SAPAV1@XZ
??0CATFrmFile@@QAE@PAVCATDialog@@ABVCATString@@K@Z
?GetMetaObject@CATFrmFile@@UBGPAVCATMetaClass@@XZ
?IsA@CATFrmFile@@UBEPBDXZ
?IsAKindOf@CATFrmFile@@UBEHPBD@Z
??1CATFrmFile@@UAE@XZ
?GetElement@CATCSO@@QAEPAVCATBaseUnknown@@H@Z
di0panv2
?GetWindCloseNotification@CATDlgWindow@@QBEPAVCATNotification@@XZ
?RequestDelayedDestruction@CATDialog@@UAEXXZ
?GetReadOnlyState@CATDlgFile@@QAEHXZ
?GetName@CATDialog@@UAEAAVCATString@@XZ
?Activate@CATDialog@@UAE?AW4CATStatusChangeRC@@PAVCATCommand@@PAVCATNotification@@@Z
?GetDiaCANCELNotification@CATDlgFile@@QBEPAVCATNotification@@XZ
?Cancel@CATDialog@@UAE?AW4CATStatusChangeRC@@PAVCATCommand@@PAVCATNotification@@@Z
?SaveState@CATDialog@@UAEHPAVCATNotification@@AAVCATMarshal@@@Z
?GetDiaOKNotification@CATDlgFile@@QBEPAVCATNotification@@XZ
?SetFilterPattern@CATDlgFile@@QAEXABVCATUnicodeString@@@Z
?SetFilterStrings@CATDlgFile@@QAEXPAVCATUnicodeString@@PAVCATString@@H@Z
?SetVisibility@CATDialog@@QAEXK@Z
?RestoreState@CATDialog@@UAEHPAVCATNotification@@AAVCATMarshal@@@Z
?GetLetterObject@CATDlgFile@@UAEPAVl_CATDialog@@XZ
?ResetLetterObject@CATDlgFile@@UAEXXZ
?Desactivate@CATDialog@@UAE?AW4CATStatusChangeRC@@PAVCATCommand@@PAVCATNotification@@@Z
?SetTitle@CATDialog@@QAEXABVCATUnicodeString@@@Z
?GetResourceFilename@CATDialog@@UBEPADH@Z
?GetSelection@CATDlgFile@@QAEXAAVCATUnicodeString@@@Z
catdialogengine
?AddCSOClient@CATStateCommand@@QAEXPAVCATCommand@@@Z
?IsOutputSetCondition@CATStateCommand@@QAEPAVCATStateCondition@@PAVCATCommand@@@Z
??1CATStateCommand@@UAE@XZ
??1CATPathElementAgent@@UAE@XZ
?DecodePath@CATPathElementAgent@@MAEPAVCATPathElement@@PAV2@AAVCATString@@PAH@Z
?DecodeSO@CATPathElementAgent@@MAEPAVCATSO@@PAV2@@Z
?ProcessPath@CATPathElementAgent@@UAEPAVCATPathElement@@PAV2@H@Z
?CheckPath@CATPathElementAgent@@UAEPAVCATPathElement@@PAV2@H@Z
?PrecheckPath@CATPathElementAgent@@UAEPAVCATPathElement@@PAV2@@Z
?SetMessage@CATPathElementAgent@@UAEXVCATUnicodeString@@PBVCATPathElement@@@Z
?GetModifier@CATPathElementAgent@@UAEHXZ
?GetValueType@CATPathElementAgent@@UAEPBDXZ
?GetElementValue@CATPathElementAgent@@UAEPAVCATBaseUnknown@@XZ
?SetListOfValues@CATPathElementAgent@@UAEXPAVCATSO@@@Z
?GetListOfValues@CATPathElementAgent@@UAEPAVCATSO@@XZ
?SetValue@CATPathElementAgent@@UAEXPAVCATPathElement@@@Z
?GetValue@CATPathElementAgent@@UAEPAVCATPathElement@@XZ
?SetBehaviorMode@CATAcquisitionAgent@@UAEXW4BehaviorMode@1@@Z
?RemoveFromHSO@CATPathElementAgent@@UAEXXZ
?GetMetaObject@CATStateCommand@@UBGPAVCATMetaClass@@XZ
?IsA@CATStateCommand@@UBEPBDXZ
?IsAKindOf@CATStateCommand@@UBEHPBD@Z
?RequestDelayedDestruction@CATStateCommand@@UAEXXZ
?SetPrompt@CATDialogAgent@@UAEXVCATString@@@Z
?GetPrompt@CATDialogAgent@@UAE?AVCATString@@XZ
?EndCommand@CATDialogAgent@@UAEXXZ
?Reset@CATDialogAgent@@UAEXXZ
?UndoCommand@CATDialogAgent@@UAEXXZ
?GetGlobalUndo@CATStateCommand@@UAEPAVCATCommandGlobalUndo@@XZ
?InitializeAcquisition@CATDialogAgent@@UAEXXZ
?IsOutputSet@CATDialogAgent@@UAEEXZ
?IsActivated@CATDialogAgent@@UAEEXZ
?SetBehavior@CATDialogAgent@@UAEX_K@Z
?GetBehavior@CATDialogAgent@@UAE_KXZ
?AddPanelForNLS@CATDialogAgent@@UAEXPAVCATDialog@@@Z
?RemoveLastPrevaluation@CATDialogAgent@@UAEXXZ
?ResetPrevaluation@CATDialogAgent@@UAEXXZ
?GetResourceFilename@CATDialogAgent@@UBEPADH@Z
?GetResourceClass@CATDialogAgent@@UBEPADH@Z
?IsOtherResourceFile@CATDialogAgent@@UBEHH@Z
?SetUndoTitle@CATDialogAgent@@UAEXABVCATUnicodeString@@@Z
?SetRedoTitle@CATDialogAgent@@UAEXABVCATUnicodeString@@@Z
?GetUndoTitle@CATDialogAgent@@UAEAAVCATUnicodeString@@XZ
?GetRedoTitle@CATDialogAgent@@UAEAAVCATUnicodeString@@XZ
?RedoCommand@CATDialogAgent@@UAEXXZ
?BeforeUndo@CATDialogAgent@@UAEXXZ
?BeforeRedo@CATDialogAgent@@UAEXXZ
?AfterUndo@CATDialogAgent@@UAEXXZ
?AfterRedo@CATDialogAgent@@UAEXXZ
?RemoveAcquisition@CATDialogAgent@@UAEXXZ
?BuildParallel@CATStateCommand@@UAEXXZ
?CreateGraph@CATStateCommand@@UAEJXZ
?GetInitialState@CATStateCommand@@UAEPAVCATDialogState@@XZ
?GetInitialState@CATStateCommand@@UAEPAVCATDialogState@@ABVCATString@@@Z
?GetCancelState@CATStateCommand@@UAEPAVCATDialogState@@XZ
?AddDialogState@CATStateCommand@@UAEXPAVCATDialogState@@@Z
?AddDialogState@CATStateCommand@@UAEPAVCATDialogState@@ABVCATString@@@Z
?SetInitialState@CATStateCommand@@UAEXPAVCATDialogState@@@Z
?RemoveState@CATStateCommand@@UAEHPAVCATDialogState@@@Z
?InitStateList@CATStateCommand@@UAEXXZ
?GetNextState@CATStateCommand@@UAEPAVCATDialogState@@XZ
?AddTransition@CATStateCommand@@UAEXPAVCATDialogTransition@@@Z
?AddTransition@CATStateCommand@@UAEPAVCATDialogTransition@@PAVCATDialogState@@0PAVCATDiaAction@@@Z
?AddTransition@CATStateCommand@@UAEPAVCATDialogTransition@@PAVCATDialogState@@0PAVCATStateCondition@@@Z
?AddTransition@CATStateCommand@@UAEPAVCATDialogTransition@@PAVCATDialogState@@0PAVCATStateCondition@@PAVCATDiaAction@@@Z
?AddTransition@CATStateCommand@@UAEPAVCATDialogTransition@@PAVCATDialogState@@0@Z
?InitTransitionList@CATStateCommand@@UAEXXZ
?GetNextTransition@CATStateCommand@@UAEPAVCATDialogTransition@@XZ
?RemoveTransition@CATStateCommand@@UAEHPAVCATDialogTransition@@@Z
?GetCurrentState@CATStateCommand@@UBEPAVCATDialogState@@XZ
?GetLastModifiedAgent@CATStateCommand@@UBEPAVCATCommand@@XZ
?IsLastModifiedAgent@CATStateCommand@@UBEEPAVCATCommand@@@Z
?GetLastNotification@CATStateCommand@@UBEPAVCATNotification@@XZ
?GetLastModificationMode@CATStateCommand@@UBE?AW4ValuationMode@CATDialogAgent@@XZ
?IsRedoMode@CATStateCommand@@UBEHXZ
?Rescue@CATStateCommand@@UAEXXZ
?OrCondition@CATStateCommand@@QAEPAVCATStateCondition@@PAV2@0@Z
?IsLastModifiedAgentCondition@CATStateCommand@@QAEPAVCATStateCondition@@PAVCATCommand@@PAVCATNotification@@@Z
?Action@CATStateCommand@@QAEPAVCATDiaAction@@P8CATCommand@@AEEPAX@Z110@Z
?AcceptOnNotify@CATDialogAgent@@QAEXPAVCATCommand@@PAVCATNotification@@@Z
??0CATPanelAcquisition@@QAE@ABVCATString@@PAVCATDialog@@@Z
?GetMetaObject@CATPanelAcquisition@@UBGPAVCATMetaClass@@XZ
?IsA@CATPanelAcquisition@@UBEPBDXZ
?IsAKindOf@CATPanelAcquisition@@UBEHPBD@Z
?RequestDelayedDestruction@CATDialogAgent@@UAEXXZ
?Activate@CATPanelAcquisition@@UAE?AW4CATStatusChangeRC@@PAVCATCommand@@PAVCATNotification@@@Z
?Desactivate@CATPanelAcquisition@@UAE?AW4CATStatusChangeRC@@PAVCATCommand@@PAVCATNotification@@@Z
?Cancel@CATPanelAcquisition@@UAE?AW4CATStatusChangeRC@@PAVCATCommand@@PAVCATNotification@@@Z
?AnalyseNotification@CATPanelAcquisition@@UAE?AW4CATNotifPropagationMode@@PAVCATCommand@@PAVCATNotification@@@Z
??1CATPanelAcquisition@@UAE@XZ
?SetElementType@CATPathElementAgent@@QAEXPBD@Z
??0CATPathElementAgent@@QAE@ABVCATString@@PBD_K@Z
??0CATStateCommand@@QAE@ABVCATString@@_KW4CATCommandMode@@@Z
?GetMetaObject@CATPathElementAgent@@UBGPAVCATMetaClass@@XZ
?IsA@CATPathElementAgent@@UBEPBDXZ
?IsAKindOf@CATPathElementAgent@@UBEHPBD@Z
?Activate@CATPathElementAgent@@UAE?AW4CATStatusChangeRC@@PAVCATCommand@@PAVCATNotification@@@Z
?Desactivate@CATPathElementAgent@@UAE?AW4CATStatusChangeRC@@PAVCATCommand@@PAVCATNotification@@@Z
?Cancel@CATPathElementAgent@@UAE?AW4CATStatusChangeRC@@PAVCATCommand@@PAVCATNotification@@@Z
?ResetPrevaluation@CATAcquisitionAgent@@UAEXXZ
?GetValuationState@CATAcquisitionAgent@@UBE?AW4ValuationState@1@XZ
?SetValuation@CATAcquisitionAgent@@UAEXXZ
?SetBehaviorOnNotify@CATAcquisitionAgent@@UAEXW4ValuationMode@CATDialogAgent@@PBD@Z
?ResetBehaviorOnNotify@CATAcquisitionAgent@@UAEXW4ValuationMode@CATDialogAgent@@PBD@Z
?SetValuationState@CATAcquisitionAgent@@UAEXW4ValuationState@1@@Z
?SetPrevaluation@CATAcquisitionAgent@@UAEXXZ
?UndoValue@CATPathElementAgent@@UAEPAXXZ
?RedoValue@CATPathElementAgent@@UAEPAXXZ
?ResetValue@CATPathElementAgent@@UAEXXZ
?DecodeNotification@CATPathElementAgent@@UAEPAXPAVCATCommand@@PAVCATNotification@@@Z
?InitializeValue@CATPathElementAgent@@UAEXXZ
?StoreValue@CATPathElementAgent@@UAEXXZ
?PutIntoPSO@CATPathElementAgent@@UAEXXZ
?UpdatePSO@CATPathElementAgent@@UAEEXZ
?RemoveFromPSO@CATPathElementAgent@@UAEXXZ
?PutIntoHSO@CATPathElementAgent@@UAEXXZ
js0fm
?Desactivate@CATCommand@@UAE?AW4CATStatusChangeRC@@PAV1@PAVCATNotification@@@Z
?Cancel@CATCommand@@UAE?AW4CATStatusChangeRC@@PAV1@PAVCATNotification@@@Z
?LogicalDeath@CATCommand@@UAEJXZ
?GetName@CATCommand@@UAEAAVCATString@@XZ
?SetName@CATCommand@@UAEXAAVCATString@@@Z
?AnalyseNotification@CATCommand@@UAE?AW4CATNotifPropagationMode@@PAV1@PAVCATNotification@@@Z
?SendCommandSpecificObject@CATCommand@@UAEPAXPBDPAVCATNotification@@@Z
?GetStatusPrompt@CATCommand@@UAEHXZ
?BeginCommand@CATCommand@@UAEXXZ
?SaveState@CATCommand@@UAEHPAVCATNotification@@AAVCATMarshal@@@Z
?RestoreState@CATCommand@@UAEHPAVCATNotification@@AAVCATMarshal@@@Z
?SetPrompt@CATCommand@@UAEXVCATString@@@Z
?GetPrompt@CATCommand@@UAE?AVCATString@@XZ
?EndCommand@CATCommand@@UAEXXZ
?Reset@CATCommand@@UAEXXZ
?UndoCommand@CATCommand@@UAEXXZ
?GetGlobalUndo@CATCommand@@UAEPAVCATCommandGlobalUndo@@XZ
?Activate@CATCommand@@UAE?AW4CATStatusChangeRC@@PAV1@PAVCATNotification@@@Z
?GetCallbackManager@CATCommand@@UAEPAVCATCallbackManager@@XZ
js0group
?AddSubscription@CATEventSubscriber@@UAEJPAVCATBaseUnknown@@PBDP82@AEX1PAXPAVCATNotification@@2J@ZABU_GUID@@2@Z
?AddSubscription@CATEventSubscriber@@UAEJPAVCATBaseUnknown@@PBDP82@AEX1PAXPAVCATNotification@@2J@ZPAD2@Z
?RemoveSubscriptionsOn@CATEventSubscriber@@UAEXPAVCATBaseUnknown@@PBDABU_GUID@@PAX@Z
?RemoveSubscriptionsOn@CATEventSubscriber@@UAEXPAVCATBaseUnknown@@PBDPADPAX@Z
?RemoveInterfaceSubscriptions@CATEventSubscriber@@UAEXPAVCATBaseUnknown@@ABU_GUID@@@Z
?RemoveInterfaceSubscriptions@CATEventSubscriber@@UAEXPAVCATBaseUnknown@@PAD@Z
?Self@CATError@@QAEPAV1@XZ
?ClassName@CATError@@SGPBDXZ
?GetError@CATXHContext@@QAEPAVCATError@@XZ
??1CATXHContext@@QAE@XZ
??HCATUnicodeString@@QBE?AV0@PBD@Z
??H@YA?AVCATUnicodeString@@PBDABV0@@Z
?BuildFromNum@CATUnicodeString@@QAEHHPBD@Z
??4CATUnicodeString@@QAEAAV0@ABV0@@Z
??1CATUnicodeString@@QAE@XZ
CATFileAccess
?RemoveSubscriberCallbacks@CATEventSubscriber@@UAEXPAVCATBaseUnknown@@@Z
CATMakePath
?ConvertToChar@CATUnicodeString@@QBEPBDXZ
??0CATUnicodeString@@QAE@QBD@Z
CATGetTempDirectory
?GetJmpbuf@CATXHContext@@QAEPAY0BA@HXZ
??0CATXHContext@@QAE@XZ
??2CATBaseUnknown@@SAPAXI@Z
??3CATBaseUnknown@@SAXPAX@Z
??4CATString@@QAEAAV0@PBD@Z
??4CATUnicodeString@@QAEAAV0@PBD@Z
??0CATString@@QAE@XZ
??0CATUnicodeString@@QAE@XZ
??1CATString@@QAE@XZ
?BuildMessage@CATMsgCatalog@@SA?BVCATUnicodeString@@ABVCATString@@0PAV2@HABV2@@Z
??0CATString@@QAE@QBD@Z
??0CATFillDictionary@@QAE@PBDPAX@Z
??1CATBaseUnknown_var@@QAE@XZ
??0CATBaseUnknown_var@@QAE@PAVCATBaseUnknown@@@Z
?RemoveCallback@CATEventSubscriber@@UAEXPAVCATBaseUnknown@@J@Z
?AddCallback@CATEventSubscriber@@UAEJPAVCATBaseUnknown@@PBDP82@AEX1PAXPAVCATNotification@@2J@Z2@Z
?ChangeComponentState@CATBaseUnknown@@UAEJW4ComponentState@1@0PBVCATSysChangeComponentStateContext@@@Z
?IsEqual@CATBaseUnknown@@UBEHPBV1@@Z
?IsNull@CATBaseUnknown@@UBEHXZ
?SetImpl@CATBaseUnknown@@UAGPAV1@PAV1@@Z
?GetImpl@CATBaseUnknown@@UBGPAV1@H@Z
?QueryInterface@CATBaseUnknown@@UBEPAV1@PBD@Z
?Invoke@CATBaseUnknown@@UAGJJABU_GUID@@KGPAUtagDISPPARAMS@@PAUtagVARIANT@@PAUtagEXCEPINFO@@PAI@Z
?GetIDsOfNames@CATBaseUnknown@@UAGJABU_GUID@@PAPAGIKPAJ@Z
?GetTypeInfo@CATBaseUnknown@@UAGJIKPAPAUITypeInfo@@@Z
?GetTypeInfoCount@CATBaseUnknown@@UAGJPAI@Z
?Release@CATBaseUnknown@@UAGKXZ
?AddRef@CATBaseUnknown@@UAGKXZ
?QueryInterface@CATBaseUnknown@@UAGJABU_GUID@@PAPAX@Z
??BCATUnicodeString@@QBEPBDXZ
?RemoveCallbacksOn@CATEventSubscriber@@UAEXPAVCATBaseUnknown@@PBDPAX@Z
catmanufacturinginterfaces
?ClassName@CATIMfgActivity@@SGPBDXZ
catmanufacturingutilities
?DisplayErrOnly@CATMfgErrorUtilities@@SAXPAVCATError@@@Z
catmanufacturing1
?GetCurrentCSO@CATMfgVisuUtilities@@SAPAVCATCSO@@XZ
?GetMainWindow@CATMfgUtilities@@SAPAVCATDlgWindow@@XZ
catmanufacturingncrdbg
?DumpClfile@CATMfgClfileDump@@SAHABVCATUnicodeString@@0@Z
?DumpToolPath@CATMfgToolPathDump@@SAHABVCATBaseUnknown_var@@ABVCATUnicodeString@@@Z
?DumpV4Model@CATMfgV4ModelDump@@SAHABVCATUnicodeString@@0@Z
catmanufacturingbasecmd
?GetFactoryContainer@CATMfgCom@@UAE?AVCATIContainer_var@@XZ
??0CATMfgCom@@QAE@PAVCATString@@_KW4CATCommandMode@@@Z
?Activate@CATMfgCom@@UAE?AW4CATStatusChangeRC@@PAVCATCommand@@PAVCATNotification@@@Z
?Desactivate@CATMfgCom@@UAE?AW4CATStatusChangeRC@@PAVCATCommand@@PAVCATNotification@@@Z
??1CATMfgCom@@UAE@XZ
msvcr80
_unlock
__dllonexit
__clean_type_info_names_internal
_onexit
_except_handler4_common
_crt_debugger_hook
__CppXcptFilter
_adjust_fdiv
_amsg_exit
_initterm_e
_initterm
_decode_pointer
_encoded_null
free
_malloc_crt
_encode_pointer
_setjmp3
_lock
kernel32
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
DisableThreadLibraryCalls
InterlockedCompareExchange
Sleep
InterlockedExchange
IsDebuggerPresent
Exports
DASSAULT_SYSTEMES_CAA2_INTERNAL_CATManufacturingNCRUIDbg
fctCreateCATMfgNCReviewDumpClfile
fctCreateCATMfgNCReviewDumpTPS
fctCreateCATMfgNCReviewDumpV4Model
Sections
.text Size: 8KB - Virtual size: 8KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 19KB - Virtual size: 18KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 868B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ