e7ff756a245f675a3d6fa2796a11edb2_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

e7ff756a245f675a3d6fa2796a11edb2_JaffaCakes118
Size

40KB
MD5

e7ff756a245f675a3d6fa2796a11edb2
SHA1

a78e1a8c256e61ae37dd75cd3afc4261d09b107d
SHA256

be838461dc7fa9db3aee30ab32c087f5a442f5ddd98c736a2b9289405501aac8
SHA512

a240345318657f3f30208caa97988b127e724f396c0aed30cebdf2e737d2782000a1127db1c12a65ba47e06b1c6ffdefc050000b635bcb404db0b3cac12aaeb6
SSDEEP

768:6LX5P2xr+qaC1hI1N08S6Y+fm18FOydVcf:6LciihI1NroaFO8Vm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e7ff756a245f675a3d6fa2796a11edb2_JaffaCakes118

Files

e7ff756a245f675a3d6fa2796a11edb2_JaffaCakes118
.dll windows:6 windows x64 arch:x64

7c63c3777eb17da0efe8d9947bc078d6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

c:\Users\qt\work\qt\qt3d\plugins\geometryloaders\gltfgeometryloader.pdb

Imports

qt53drender

?qt_metacall@QGeometry@Qt3DRender@@UEAAHW4Call@QMetaObject@@HPEAPEAX@Z
?qt_metacast@QAttribute@Qt3DRender@@UEAAPEAXPEBD@Z
?qt_metacall@QAttribute@Qt3DRender@@UEAAHW4Call@QMetaObject@@HPEAPEAX@Z
?qt_metacast@QGeometry@Qt3DRender@@UEAAPEAXPEBD@Z
?sceneChangeEvent@QBuffer@Qt3DRender@@MEAAXAEBV?$QSharedPointer@VQSceneChange@Qt3DCore@@@@@Z
?metaObject@QBuffer@Qt3DRender@@UEBAPEBUQMetaObject@@XZ
?qt_metacall@QBuffer@Qt3DRender@@UEAAHW4Call@QMetaObject@@HPEAPEAX@Z
?metaObject@QGeometry@Qt3DRender@@UEBAPEBUQMetaObject@@XZ
?metaObject@QAttribute@Qt3DRender@@UEBAPEBUQMetaObject@@XZ
?createNodeCreationChange@QGeometry@Qt3DRender@@EEBA?AV?$QSharedPointer@VQNodeCreatedChangeBase@Qt3DCore@@@@XZ
?createNodeCreationChange@QBuffer@Qt3DRender@@EEBA?AV?$QSharedPointer@VQNodeCreatedChangeBase@Qt3DCore@@@@XZ
?createNodeCreationChange@QAttribute@Qt3DRender@@EEBA?AV?$QSharedPointer@VQNodeCreatedChangeBase@Qt3DCore@@@@XZ
?addAttribute@QGeometry@Qt3DRender@@QEAAXPEAVQAttribute@2@@Z
??1QGeometry@Qt3DRender@@UEAA@XZ
??0QGeometry@Qt3DRender@@QEAA@PEAVQNode@Qt3DCore@@@Z
?setData@QBuffer@Qt3DRender@@QEAAXAEBVQByteArray@@@Z
??1QBuffer@Qt3DRender@@UEAA@XZ
??0QBuffer@Qt3DRender@@QEAA@W4BufferType@01@PEAVQNode@Qt3DCore@@@Z
?setAttributeType@QAttribute@Qt3DRender@@QEAAXW4AttributeType@12@@Z
?defaultTangentAttributeName@QAttribute@Qt3DRender@@SA?AVQString@@XZ
?defaultTextureCoordinateAttributeName@QAttribute@Qt3DRender@@SA?AVQString@@XZ
?defaultColorAttributeName@QAttribute@Qt3DRender@@SA?AVQString@@XZ
?defaultNormalAttributeName@QAttribute@Qt3DRender@@SA?AVQString@@XZ
?defaultPositionAttributeName@QAttribute@Qt3DRender@@SA?AVQString@@XZ
??1QAttribute@Qt3DRender@@UEAA@XZ
??0QAttribute@Qt3DRender@@QEAA@PEAVQBuffer@1@AEBVQString@@W4VertexBaseType@01@IIIIPEAVQNode@Qt3DCore@@@Z
??0QAttribute@Qt3DRender@@QEAA@PEAVQBuffer@1@W4VertexBaseType@01@IIIIPEAVQNode@Qt3DCore@@@Z
??1QGeometryLoaderFactory@Qt3DRender@@UEAA@XZ
??0QGeometryLoaderFactory@Qt3DRender@@QEAA@PEAVQObject@@@Z
?qt_metacall@QGeometryLoaderFactory@Qt3DRender@@UEAAHW4Call@QMetaObject@@HPEAPEAX@Z
?qt_metacast@QGeometryLoaderFactory@Qt3DRender@@UEAAPEAXPEBD@Z
?qt_metacast@QBuffer@Qt3DRender@@UEAAPEAXPEBD@Z
?staticMetaObject@QGeometryLoaderFactory@Qt3DRender@@2UQMetaObject@@B

qt53dcore

?sceneChangeEvent@QNode@Qt3DCore@@MEAAXAEBV?$QSharedPointer@VQSceneChange@Qt3DCore@@@@@Z

qt5core

??4QString@@QEAAAEAV0@$$QEAV0@@Z
?startsWith@QString@@QEBA_NVQLatin1String@@W4CaseSensitivity@Qt@@@Z
?utf16@QString@@QEBAPEBGXZ
?compare@QString@@QEBAHAEBV1@W4CaseSensitivity@Qt@@@Z
??8@YA_NAEBVQString@@0@Z
??8QString@@QEBA_NVQLatin1String@@@Z
?toUpper_helper@QString@@CA?AV1@AEBV1@@Z
??1QJsonValue@@QEAA@XZ
?type@QJsonValue@@QEBA?AW4Type@1@XZ
?toInt@QJsonValue@@QEBAHH@Z
?toString@QJsonValue@@QEBA?AVQString@@XZ
?toArray@QJsonValue@@QEBA?AVQJsonArray@@XZ
??4QString@@QEAAAEAV0@AEBV0@@Z
??0QJsonDocument@@QEAA@XZ
??1QJsonDocument@@QEAA@XZ
??4QJsonDocument@@QEAAAEAV0@AEBV0@@Z
?fromBinaryData@QJsonDocument@@SA?AV1@AEBVQByteArray@@W4DataValidation@1@@Z
?fromJson@QJsonDocument@@SA?AV1@AEBVQByteArray@@PEAUQJsonParseError@@@Z
?isObject@QJsonDocument@@QEBA_NXZ
?object@QJsonDocument@@QEBA?AVQJsonObject@@XZ
?isNull@QJsonDocument@@QEBA_NXZ
?cast@QMetaObject@@QEBAPEAVQObject@@PEAV2@@Z
?qHash@@YAIAEBVQString@@I@Z
??0QObject@@QEAA@PEAV0@@Z
??1QObject@@UEAA@XZ
?allocateNode@QHashData@@QEAAPEAXH@Z
?detach_helper@QHashData@@QEAAPEAU1@P6AXPEAUNode@1@PEAX@ZP6AX0@ZHH@Z
?rehash@QHashData@@QEAAXH@Z
?free_helper@QHashData@@QEAAXP6AXPEAUNode@1@@Z@Z
?nextNode@QHashData@@SAPEAUNode@1@PEAU21@@Z
?readAll@QIODevice@@QEAA?AVQByteArray@@XZ
??0QFile@@QEAA@AEBVQString@@@Z
??1QFile@@UEAA@XZ
?open@QFile@@UEAA_NV?$QFlags@W4OpenModeFlag@QIODevice@@@@@Z
??0QFileInfo@@QEAA@AEBVQString@@@Z
??1QFileInfo@@QEAA@XZ
?dir@QFileInfo@@QEBA?AVQDir@@XZ
??0QDir@@QEAA@AEBVQString@@@Z
??1QDir@@QEAA@XZ
?absolutePath@QDir@@QEBA?AVQString@@XZ
?absoluteFilePath@QDir@@QEBA?AVQString@@AEBV2@@Z
??1QJsonArray@@QEAA@XZ
?at@QJsonArray@@QEBA?AVQJsonValue@@H@Z
?begin@QJsonArray@@QEBA?AVconst_iterator@1@XZ
?end@QJsonArray@@QEBA?AVconst_iterator@1@XZ
??1QJsonObject@@QEAA@XZ
?value@QJsonObject@@QEBA?AVQJsonValue@@VQLatin1String@@@Z
?begin@QJsonObject@@QEBA?AVconst_iterator@1@XZ
?end@QJsonObject@@QEBA?AVconst_iterator@1@XZ
?keyAt@QJsonObject@@AEBA?AVQString@@H@Z
?valueAt@QJsonObject@@AEBA?AVQJsonValue@@H@Z
??0QLoggingCategory@@QEAA@PEBDW4QtMsgType@@@Z
??1QLoggingCategory@@QEAA@XZ
?isDebugEnabled@QLoggingCategory@@QEBA_NXZ
?isWarningEnabled@QLoggingCategory@@QEBA_NXZ
?shared_null@QHashData@@2U1@B
?staticMetaObject@QFile@@2UQMetaObject@@B
?staticMetaObject@QObject@@2UQMetaObject@@B
?qt_metacast@QObject@@UEAAPEAXPEBD@Z
?qt_metacall@QObject@@UEAAHW4Call@QMetaObject@@HPEAPEAX@Z
??0QString@@QEAA@XZ
?mid@QByteArray@@QEBA?AV1@HH@Z
??1QByteArray@@QEAA@XZ
?warning@QMessageLogger@@QEBAXPEBDZZ
?debug@QMessageLogger@@QEBAXPEBDZZ
??0QMessageLogger@@QEAA@PEBDH00@Z
?shared_null@QListData@@2UData@1@B
?timerEvent@QObject@@MEAAXPEAVQTimerEvent@@@Z
?eventFilter@QObject@@UEAA_NPEAV1@PEAVQEvent@@@Z
?event@QObject@@UEAA_NPEAVQEvent@@@Z
?disconnectNotify@QObject@@MEAAXAEBVQMetaMethod@@@Z
?customEvent@QObject@@MEAAXPEAVQEvent@@@Z
?connectNotify@QObject@@MEAAXAEBVQMetaMethod@@@Z
?childEvent@QObject@@MEAAXPEAVQChildEvent@@@Z
?getAndRef@ExternalRefCountData@QtSharedPointer@@SAPEAU12@PEBVQObject@@@Z
?dynamicMetaObject@QObjectData@@QEBAPEAUQMetaObject@@XZ
?append@QListData@@QEAAPEAPEAXXZ
?dispose@QListData@@SAXPEAUData@1@@Z
?detach_grow@QListData@@QEAAPEAUData@1@PEAHH@Z
?detach@QListData@@QEAAPEAUData@1@H@Z
?compare@QString@@QEBAHVQLatin1String@@W4CaseSensitivity@Qt@@@Z
??1QString@@QEAA@XZ
??0QString@@QEAA@AEBV0@@Z
??0QString@@QEAA@VQLatin1String@@@Z
?toObject@QJsonValue@@QEBA?AVQJsonObject@@XZ

kernel32

EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
SetEvent
ResetEvent
WaitForSingleObjectEx
CreateEventW
GetModuleHandleW
GetProcAddress
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
DisableThreadLibraryCalls
InitializeSListHead
CloseHandle

vcruntime140

__vcrt_InitializeCriticalSectionEx
__std_exception_copy
__std_exception_destroy
_CxxThrowException
memset
__std_type_info_destroy_list
__C_specific_handler

api-ms-win-crt-heap-l1-1-0

_callnewh
malloc
free

api-ms-win-crt-runtime-l1-1-0

_seh_filter_dll
_initialize_narrow_environment
_initialize_onexit_table
_register_onexit_function
_execute_onexit_table
_crt_atexit
_cexit
_initterm
_initterm_e
_configure_narrow_argv

Exports

Exports

qt_plugin_instance
qt_plugin_query_metadata

Sections

.text
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.qtmetad
Size: 512B - Virtual size: 284B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 512B - Virtual size: 52B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 856B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 248B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7c63c3777eb17da0efe8d9947bc078d6

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

qt53drender

qt53dcore

qt5core

kernel32

vcruntime140

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-runtime-l1-1-0

Exports

Exports

Sections

.text Size: 17KB - Virtual size: 17KB

.rdata Size: 16KB - Virtual size: 16KB

.data Size: 1024B - Virtual size: 1KB

.pdata Size: 1KB - Virtual size: 1KB

.qtmetad Size: 512B - Virtual size: 284B

.tls Size: 512B - Virtual size: 9B

.gfids Size: 512B - Virtual size: 52B

.rsrc Size: 1024B - Virtual size: 856B

.reloc Size: 512B - Virtual size: 248B

.text
Size: 17KB - Virtual size: 17KB

.rdata
Size: 16KB - Virtual size: 16KB

.data
Size: 1024B - Virtual size: 1KB

.pdata
Size: 1KB - Virtual size: 1KB

.qtmetad
Size: 512B - Virtual size: 284B

.tls
Size: 512B - Virtual size: 9B

.gfids
Size: 512B - Virtual size: 52B

.rsrc
Size: 1024B - Virtual size: 856B

.reloc
Size: 512B - Virtual size: 248B