75cb35092f04990a8b3d0d6e46ab2778_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

75cb35092f04990a8b3d0d6e46ab2778_JaffaCakes118
Size

82KB
MD5

75cb35092f04990a8b3d0d6e46ab2778
SHA1

1e8c86af5ecaa30b408bedd6a89c61cd4bf6b258
SHA256

9a015430a91f3e4c7060f486bf32f87a82338cd0217a34e04761c653cf5d2774
SHA512

43816d632190118acfdc210120b2cb3b7e91effe6cf82df16116528add2a1f137f726cf107f3d7731f19c08a588d3bdc2201e3ad434f1b0252c59f0e4ba27bf8
SSDEEP

768:nCEHl3/cLCyC7CI607WXGu+ZH4A9xSVTL0B3W8VQeOEYazKM:nCq3/v7Cx0ahm9gTwB3W8VQeOEHzz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
75cb35092f04990a8b3d0d6e46ab2778_JaffaCakes118

Files

75cb35092f04990a8b3d0d6e46ab2778_JaffaCakes118
.dll windows:6 windows x86 arch:x86

6a6e6c1f298f5f4845a58fa423255689

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\BuildAgent71\work\d383c7052768eb16\Qt\qtsvg\plugins\iconengines\qsvgicond.pdb

Imports

qt5svgd

?render@QSvgRenderer@@QAEXPAVQPainter@@@Z
?load@QSvgRenderer@@QAE_NABVQByteArray@@@Z
?load@QSvgRenderer@@QAE_NABVQString@@@Z
?defaultSize@QSvgRenderer@@QBE?AVQSize@@XZ
?isValid@QSvgRenderer@@QBE_NXZ
??1QSvgRenderer@@UAE@XZ
??0QSvgRenderer@@QAE@ABVQString@@PAVQObject@@@Z
??0QSvgRenderer@@QAE@PAVQObject@@@Z

qt5guid

?staticMetaObject@QGuiApplication@@2UQMetaObject@@B
?virtual_hook@QIconEngine@@UAEXHPAX@Z
?iconName@QIconEngine@@UBE?AVQString@@XZ
?availableSizes@QIconEngine@@UBE?AV?$QList@VQSize@@@@W4Mode@QIcon@@W4State@4@@Z
?instance@QGuiApplicationPrivate@@SAPAV1@XZ
?insert@QPixmapCache@@SA_NABVQString@@ABVQPixmap@@@Z
?find@QPixmapCache@@SA_NABVQString@@AAVQPixmap@@@Z
?drawPixmap@QPainter@@QAEXABVQRect@@ABVQPixmap@@@Z
?end@QPainter@@QAE_NXZ
??1QPainter@@QAE@XZ
??0QPainter@@QAE@PAVQPaintDevice@@@Z
??0QIconEngine@@QAE@ABV0@@Z
??0QIconEngine@@QAE@XZ
??1QIconEngine@@UAE@XZ
??6@YAAAVQDataStream@@AAV0@ABVQPixmap@@@Z
??5@YAAAVQDataStream@@AAV0@AAVQPixmap@@@Z
?fromImage@QPixmap@@SA?AV1@ABVQImage@@V?$QFlags@W4ImageConversionFlag@Qt@@@@@Z
?size@QPixmap@@QBE?AVQSize@@XZ
?isNull@QPixmap@@QBE_NXZ
??4QPixmap@@QAEAAV0@$$QAV0@@Z
??4QPixmap@@QAEAAV0@ABV0@@Z
??1QPixmap@@UAE@XZ
??0QPixmap@@QAE@ABV0@@Z
??0QPixmap@@QAE@ABVQString@@PBDV?$QFlags@W4ImageConversionFlag@Qt@@@@@Z
??0QPixmap@@QAE@XZ
?fill@QImage@@QAEXI@Z
??1QImage@@UAE@XZ
??0QImage@@QAE@ABVQSize@@W4Format@0@@Z
?staticMetaObject@QIconEnginePlugin@@2UQMetaObject@@B
??1QIconEnginePlugin@@UAE@XZ
??0QIconEnginePlugin@@QAE@PAVQObject@@@Z
?qt_metacall@QIconEnginePlugin@@UAEHW4Call@QMetaObject@@HPAPAX@Z
?qt_metacast@QIconEnginePlugin@@UAEPAXPBD@Z

qt5cored

?detach@QListData@@QAEPAUData@1@H@Z
?detach_grow@QListData@@QAEPAUData@1@PAHH@Z
?dispose@QListData@@QAEXXZ
?dispose@QListData@@SAXPAUData@1@@Z
?append@QListData@@QAEPAPAXXZ
?begin@QListData@@QBEPAPAXXZ
?end@QListData@@QBEPAPAXXZ
?dynamicMetaObject@QObjectData@@QBEPAUQMetaObject@@XZ
?getAndRef@ExternalRefCountData@QtSharedPointer@@SAPAU12@PBVQObject@@@Z
??0QSize@@QAE@XZ
?childEvent@QObject@@MAEXPAVQChildEvent@@@Z
?connectNotify@QObject@@MAEXABVQMetaMethod@@@Z
?customEvent@QObject@@MAEXPAVQEvent@@@Z
?disconnectNotify@QObject@@MAEXABVQMetaMethod@@@Z
?event@QObject@@UAE_NPAVQEvent@@@Z
?eventFilter@QObject@@UAE_NPAV1@PAVQEvent@@@Z
?timerEvent@QObject@@MAEXPAVQTimerEvent@@@Z
?shared_null@QListData@@2UData@1@B
?isNull@QString@@QBE_NXZ
?isNull@QSize@@QBE_NXZ
?isEmpty@QSize@@QBE_NXZ
?width@QSize@@QBEHXZ
?height@QSize@@QBEHXZ
?scale@QSize@@QAEXABV1@W4AspectRatioMode@Qt@@@Z
?cast@QMetaObject@@QBEPAVQObject@@PAV2@@Z
?size@QRect@@QBE?AVQSize@@XZ
??0QChar@@QAE@UQLatin1Char@@@Z
??1QString@@QAE@XZ
??0QByteArray@@QAE@XZ
??0QByteArray@@QAE@ABV0@@Z
??1QByteArray@@QAE@XZ
??4QByteArray@@QAEAAV0@ABV0@@Z
??4QByteArray@@QAEAAV0@$$QAV0@@Z
?size@QByteArray@@QBEHXZ
?isEmpty@QByteArray@@QBE_NXZ
?constData@QByteArray@@QBEPBDXZ
?qUncompress@@YA?AVQByteArray@@PBEH@Z
??6@YAAAVQDataStream@@AAV0@ABVQByteArray@@@Z
??5@YAAAVQDataStream@@AAV0@AAVQByteArray@@@Z
?qCompress@@YA?AVQByteArray@@PBEHH@Z
??0QString@@QAE@XZ
??4QString@@QAEAAV0@ABV0@@Z
??0QString@@QAE@$$QAV0@@Z
??4QString@@QAEAAV0@$$QAV0@@Z
?isEmpty@QString@@QBE_NXZ
?at@QString@@QBE?BVQChar@@H@Z
?endsWith@QString@@QBE_NVQLatin1String@@W4CaseSensitivity@Qt@@@Z
?append@QString@@QAEAAV1@VQChar@@@Z
??YQString@@QAEAAV0@ABV0@@Z
?number@QString@@SA?AV1@HH@Z
??6@YAAAVQDataStream@@AAV0@ABVQString@@@Z
??5@YAAAVQDataStream@@AAV0@AAVQString@@@Z
?readAll@QIODevice@@QAE?AVQByteArray@@XZ
?atEnd@QDataStream@@QBE_NXZ
?status@QDataStream@@QBE?AW4Status@1@XZ
?setStatus@QDataStream@@QAEXW4Status@1@@Z
?resetStatus@QDataStream@@QAEXXZ
?version@QDataStream@@QBEHXZ
??5QDataStream@@QAEAAV0@AAH@Z
??5QDataStream@@QAEAAV0@AAI@Z
??6QDataStream@@QAEAAV0@H@Z
??6QDataStream@@QAEAAV0@I@Z
??0QSharedData@@QAE@XZ
??0QSharedData@@QAE@ABV0@@Z
?allocateNode@QHashData@@QAEPAXH@Z
?detach_helper@QHashData@@QAEPAU1@P6AXPAUNode@1@PAX@ZP6AX0@ZHH@Z
?willGrow@QHashData@@QAE_NXZ
?free_helper@QHashData@@QAEXP6AXPAUNode@1@@Z@Z
?firstNode@QHashData@@QAEPAUNode@1@XZ
?nextNode@QHashData@@SAPAUNode@1@PAU21@@Z
?previousNode@QHashData@@SAPAUNode@1@PAU21@@Z
??0QFile@@QAE@ABVQString@@@Z
??1QFile@@UAE@XZ
?open@QFile@@UAE_NV?$QFlags@W4OpenModeFlag@QIODevice@@@@@Z
??0QFileInfo@@QAE@ABVQString@@@Z
??1QFileInfo@@QAE@XZ
?absoluteFilePath@QFileInfo@@QBE?AVQString@@XZ
?instance@QCoreApplication@@SAPAV1@XZ
?shared_null@QHashData@@2U1@B
??0QString@@QAE@ABV0@@Z
??0QString@@QAE@VQLatin1String@@@Z
?qt_assert@@YAXPBD0H@Z
?unicode@QChar@@QAEAAGXZ
?realloc@QListData@@QAEXH@Z

msvcp120d

?_Xlength_error@std@@YAXPBD@Z
?_Xbad_alloc@std@@YAXXZ
??0_Container_base12@std@@QAE@XZ
?_Debug_message@std@@YAXPB_W0I@Z
?_Xout_of_range@std@@YAXPBD@Z
??0id@locale@std@@QAE@I@Z
?_Syserror_map@std@@YAPBDH@Z
?_Winerror_map@std@@YAPBDH@Z

msvcr120d

_CrtSetCheckCount
_free_dbg
_malloc_dbg
_amsg_exit
__CppXcptFilter
??1type_info@@UAE@XZ
_onexit
__dllonexit
_calloc_dbg
_CrtDbgReportW
_unlock
_lock
_hypot
memmove
strlen
strcmp
memcpy
??3@YAXPAX@Z
??2@YAPAXI@Z
_purecall
_initterm
_initterm_e
_except_handler4_common
__crtUnhandledException
_crt_debugger_hook
__clean_type_info_names_internal
__crtTerminateProcess
?terminate@@YAXXZ

kernel32

IsProcessorFeaturePresent
IsDebuggerPresent
DisableThreadLibraryCalls
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
DecodePointer
EncodePointer

Exports

Exports

qt_plugin_instance
qt_plugin_query_metadata

Sections

.text
Size: 54KB - Virtual size: 54KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.qtmetad
Size: 1024B - Virtual size: 572B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6a6e6c1f298f5f4845a58fa423255689

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

qt5svgd

qt5guid

qt5cored

msvcp120d

msvcr120d

kernel32

Exports

Exports

Sections

.text Size: 54KB - Virtual size: 54KB

.rdata Size: 13KB - Virtual size: 12KB

.data Size: 1024B - Virtual size: 1KB

.idata Size: 9KB - Virtual size: 8KB

.qtmetad Size: 1024B - Virtual size: 572B

.reloc Size: 2KB - Virtual size: 2KB

.text
Size: 54KB - Virtual size: 54KB

.rdata
Size: 13KB - Virtual size: 12KB

.data
Size: 1024B - Virtual size: 1KB

.idata
Size: 9KB - Virtual size: 8KB

.qtmetad
Size: 1024B - Virtual size: 572B

.reloc
Size: 2KB - Virtual size: 2KB