7234520a9e36db7d5937a908d1233f13_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

7234520a9e36db7d5937a908d1233f13_JaffaCakes118
Size

232KB
MD5

7234520a9e36db7d5937a908d1233f13
SHA1

ec6b745846672ed8b02430b7c529d92cec4da1ab
SHA256

f10f2d9fd4b8373f9e0dc30ba45f766afd05e39ef963f05489a7e433dafd86b4
SHA512

8aec8d1b8dfafce020b140b8094d2db1bd02a5012c9668a1b2548d14c3ddc9798077a7ef3206d2437170e94b40deef2db572cfe0ecb8bb6912935dee204a7544
SSDEEP

6144:FzvVqm8ejPYyI4WHtOKxnIdBEMo+0WHtD5:FzvVqm1eMBEMojWND5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7234520a9e36db7d5937a908d1233f13_JaffaCakes118

Files

7234520a9e36db7d5937a908d1233f13_JaffaCakes118
.dll windows:5 windows x86 arch:x86

7350ecf6cf3a6c29538fb0d1ad23bcbf

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

c:\Qt\qt-mobility-opensource-src-1.1.0\plugins\multimedia\directshow\release\dsengine.pdb

Imports

gdi32

Rectangle
SelectObject
CreateSolidBrush
CreatePen
DeleteObject

user32

BeginPaint
EndPaint

ole32

CoCreateInstance
CoTaskMemAlloc
CoTaskMemFree
CoGetMalloc
CreateBindCtx

oleaut32

SysStringLen
SysFreeString
VariantInit
VariantClear

qtmultimediakit1

??1QVideoSurfaceFormat@@QAE@XZ
?staticMetaObject@QVideoWindowControl@@2UQMetaObject@@B
?qt_metacall@QVideoWindowControl@@UAEHW4Call@QMetaObject@@HPAPAX@Z
?qt_metacast@QVideoWindowControl@@UAEPAXPBD@Z
?staticMetaObject@QVideoRendererControl@@2UQMetaObject@@B
?qt_metacall@QVideoRendererControl@@UAEHW4Call@QMetaObject@@HPAPAX@Z
?qt_metacast@QVideoRendererControl@@UAEPAXPBD@Z
?staticMetaObject@QMediaService@@2UQMetaObject@@B
?qt_metacall@QMediaService@@UAEHW4Call@QMetaObject@@HPAPAX@Z
?qt_metacast@QMediaService@@UAEPAXPBD@Z
?staticMetaObject@QMediaPlayerControl@@2UQMetaObject@@B
?qt_metacall@QMediaPlayerControl@@UAEHW4Call@QMetaObject@@HPAPAX@Z
?qt_metacast@QMediaPlayerControl@@UAEPAXPBD@Z
?staticMetaObject@QMetaDataReaderControl@@2UQMetaObject@@B
?qt_metacall@QMetaDataReaderControl@@UAEHW4Call@QMetaObject@@HPAPAX@Z
?qt_metacast@QMetaDataReaderControl@@UAEPAXPBD@Z
?staticMetaObject@QAudioEndpointSelector@@2UQMetaObject@@B
?qt_metacall@QAudioEndpointSelector@@UAEHW4Call@QMetaObject@@HPAPAX@Z
?qt_metacast@QAudioEndpointSelector@@UAEPAXPBD@Z
?staticMetaObject@QMediaServiceProviderPlugin@@2UQMetaObject@@B
?qt_metacall@QMediaServiceProviderPlugin@@UAEHW4Call@QMetaObject@@HPAPAX@Z
?qt_metacast@QMediaServiceProviderPlugin@@UAEPAXPBD@Z
?saturationChanged@QVideoWindowControl@@IAEXH@Z
?hueChanged@QVideoWindowControl@@IAEXH@Z
?contrastChanged@QVideoWindowControl@@IAEXH@Z
?brightnessChanged@QVideoWindowControl@@IAEXH@Z
??0QVideoWindowControl@@IAE@PAVQObject@@@Z
?fullScreenChanged@QVideoWindowControl@@IAEX_N@Z
??1QVideoWindowControl@@UAE@XZ
?frameSize@QVideoSurfaceFormat@@QBE?AVQSize@@XZ
??0QVideoFrame@@QAE@PAVQAbstractVideoBuffer@@ABVQSize@@W4PixelFormat@0@@Z
??4QVideoSurfaceFormat@@QAEAAV0@ABV0@@Z
??0QVideoFrame@@QAE@XZ
??1QVideoFrame@@QAE@XZ
?handle@QAbstractVideoBuffer@@UBE?AVQVariant@@XZ
??0QAbstractVideoBuffer@@QAE@W4HandleType@0@@Z
??1QAbstractVideoBuffer@@UAE@XZ
??1QVideoRendererControl@@UAE@XZ
??0QVideoRendererControl@@IAE@PAVQObject@@@Z
?url@QMediaResource@@QBE?AVQUrl@@XZ
?resources@QMediaContent@@QBE?AV?$QList@VQMediaResource@@@@XZ
??0QMediaService@@IAE@PAVQObject@@@Z
??1QMediaService@@UAE@XZ
??0QMediaTimeRange@@QAE@ABV0@@Z
??0QMediaTimeRange@@QAE@_J0@Z
??0QMediaTimeRange@@QAE@XZ
??4QMediaTimeRange@@QAEAAV0@ABV0@@Z
??1QMediaTimeRange@@QAE@XZ
??0QMediaResource@@QAE@ABV0@@Z
??1QMediaResource@@QAE@XZ
?volumeChanged@QMediaPlayerControl@@IAEXH@Z
??4QMediaContent@@QAEAAV0@ABV0@@Z
?error@QMediaPlayerControl@@IAEXHABVQString@@@Z
?audioAvailableChanged@QMediaPlayerControl@@IAEX_N@Z
?videoAvailableChanged@QMediaPlayerControl@@IAEX_N@Z
?positionChanged@QMediaPlayerControl@@IAEX_J@Z
?durationChanged@QMediaPlayerControl@@IAEX_J@Z
?seekableChanged@QMediaPlayerControl@@IAEX_N@Z
?mediaStatusChanged@QMediaPlayerControl@@IAEXW4MediaStatus@QMediaPlayer@@@Z
?stateChanged@QMediaPlayerControl@@IAEXW4State@QMediaPlayer@@@Z
??0QMediaContent@@QAE@ABV0@@Z
?playbackRateChanged@QMediaPlayerControl@@IAEXN@Z
?mutedChanged@QMediaPlayerControl@@IAEX_N@Z
??1QMediaContent@@QAE@XZ
??0QMediaPlayerControl@@IAE@PAVQObject@@@Z
??0QMediaContent@@QAE@XZ
??1QMediaPlayerControl@@UAE@XZ
?metaDataChanged@QMetaDataReaderControl@@IAEXXZ
?metaDataAvailableChanged@QMetaDataReaderControl@@IAEX_N@Z
??1QMetaDataReaderControl@@UAE@XZ
?pixelFormat@QVideoSurfaceFormat@@QBE?AW4PixelFormat@QVideoFrame@@XZ
?frameWidth@QVideoSurfaceFormat@@QBEHXZ
??0QAudioEndpointSelector@@IAE@PAVQObject@@@Z
??1QAudioEndpointSelector@@UAE@XZ
??_7QMediaServiceSupportedDevicesInterface@@6B@
??_7QMediaServiceProviderFactoryInterface@@6B@
??_7QMediaServiceProviderPlugin@@6BQObject@@@
??_7QMediaServiceProviderPlugin@@6BQMediaServiceProviderFactoryInterface@@@
??0QMetaDataReaderControl@@IAE@PAVQObject@@@Z
??0QVideoSurfaceFormat@@QAE@XZ
??0QVideoSurfaceFormat@@QAE@ABVQSize@@W4PixelFormat@QVideoFrame@@W4HandleType@QAbstractVideoBuffer@@@Z
?setFrameRate@QVideoSurfaceFormat@@QAEXN@Z
?setScanLineDirection@QVideoSurfaceFormat@@QAEXW4Direction@1@@Z
??0QVideoSurfaceFormat@@QAE@ABV0@@Z

qtgui4

?find@QWidget@@SAPAV1@PAUHWND__@@@Z
?palette@QWidget@@QBEABVQPalette@@XZ
?color@QPalette@@QBEABVQColor@@W4ColorRole@1@@Z
?blue@QColor@@QBEHXZ
?green@QColor@@QBEHXZ
?red@QColor@@QBEHXZ

qtcore4

?self@QCoreApplication@@0PAV1@A
?activate@QMetaObject@@SAXPAVQObject@@PBU1@HPAPAX@Z
?staticMetaObject@QObject@@2UQMetaObject@@B
?qt_metacall@QObject@@UAEHW4Call@QMetaObject@@HPAPAX@Z
?qt_metacast@QObject@@UAEPAXPBD@Z
?scale@QSize@@QAEXABV1@W4AspectRatioMode@Qt@@@Z
?fromLatin1@QString@@SA?AV1@PBDH@Z
??0QSemaphore@@QAE@H@Z
?acquire@QSemaphore@@QAEXH@Z
?release@QSemaphore@@QAEXH@Z
??1QSemaphore@@QAE@XZ
?scheme@QUrl@@QBE?AVQString@@XZ
?toString@QUrl@@QBE?AVQString@@V?$QFlags@W4FormattingOption@QUrl@@@@@Z
?clear@QUrl@@QAEXXZ
?isReadable@QIODevice@@QBE_NXZ
?wait@QThread@@QAE_NK@Z
??0QUrl@@QAE@XZ
?start@QThread@@QAEXW4Priority@1@@Z
??1QUrl@@QAE@XZ
?erase@QListData@@QAEPAPAXPAPAX@Z
?qstrcmp@@YAHPBD0@Z
?qMalloc@@YAPAXI@Z
?qWarning@@YAXPBDZZ
??1QThread@@UAE@XZ
?qt_metacall@QThread@@UAEHW4Call@QMetaObject@@HPAPAX@Z
?qt_metacast@QThread@@UAEPAXPBD@Z
?metaObject@QThread@@UBEPBUQMetaObject@@XZ
??0QThread@@QAE@PAVQObject@@@Z
??4QVariant@@QAEAAV0@ABV0@@Z
??1QVariant@@QAE@XZ
?fromUtf16@QString@@SA?AV1@PBGH@Z
??0QVariant@@QAE@H@Z
?resize@QString@@QAEXH@Z
??0QVariant@@QAE@ABVQString@@@Z
??0QVariant@@QAE@XZ
?shared_null@QByteArray@@0UData@1@A
?resize@QByteArray@@QAEXH@Z
?detach@QByteArray@@QAEXXZ
??0QVariant@@QAE@ABVQByteArray@@@Z
??0QVariant@@QAE@_N@Z
??0QVariant@@QAE@_J@Z
??0QFile@@QAE@XZ
?grow@QVectorData@@SAHHHH_N@Z
?path@QUrl@@QBE?AVQString@@XZ
??0QChar@@QAE@UQLatin1Char@@@Z
?setFileName@QFile@@QAEXABVQString@@@Z
?fileName@QFile@@QBE?AVQString@@XZ
?toLocal8Bit@QString@@QBE?AVQByteArray@@XZ
??8QString@@QBE_NABVQLatin1String@@@Z
?shared_null@QString@@0UData@1@A
??_7QFactoryInterface@@6B@
??0QObject@@QAE@PAV0@@Z
?event@QObject@@UAE_NPAVQEvent@@@Z
?eventFilter@QObject@@UAE_NPAV1@PAVQEvent@@@Z
?timerEvent@QObject@@MAEXPAVQTimerEvent@@@Z
?childEvent@QObject@@MAEXPAVQChildEvent@@@Z
?customEvent@QObject@@MAEXPAVQEvent@@@Z
?connectNotify@QObject@@MAEXPBD@Z
?disconnectNotify@QObject@@MAEXPBD@Z
??1QObject@@UAE@XZ
?shared_null@QListData@@2UData@1@A
?removeGuard@QMetaObject@@SAXPAPAVQObject@@@Z
?changeGuard@QMetaObject@@SAXPAPAVQObject@@PAV2@@Z
??0QString@@QAE@ABV0@@Z
?free@QString@@CAXPAUData@1@@Z
?qFree@@YAXPAX@Z
?detach_grow@QListData@@QAEPAUData@1@PAHH@Z
?detach@QListData@@QAEPAUData@1@H@Z
?append@QListData@@QAEPAPAXXZ
??1QString@@QAE@XZ
?fromLatin1_helper@QString@@CAPAUData@1@PBDH@Z
?shared_null@QMapData@@2U1@A
??MQString@@QBE_NABV0@@Z
?continueFreeData@QMapData@@QAEXH@Z
?node_delete@QMapData@@QAEXQAPAUNode@1@HPAU21@@Z
?qDebug@@YAXPBDZZ
??4QString@@QAEAAV0@ABV0@@Z
?fromWCharArray@QString@@SA?AV1@PBGH@Z
??8QString@@QBE_NABV0@@Z
?createData@QMapData@@SAPAU1@H@Z
?realloc@QListData@@QAEXH@Z
?endsWith@QString@@QBE_NABVQLatin1String@@W4CaseSensitivity@Qt@@@Z
??0QMutex@@QAE@W4RecursionMode@0@@Z
??1QMutexLocker@@QAE@XZ
?unlock@QMutex@@QAEXXZ
?postEvent@QCoreApplication@@SAXPAVQObject@@PAVQEvent@@@Z
??0QEvent@@QAE@W4Type@0@@Z
??0QMutexLocker@@QAE@PAVQMutex@@@Z
??1QEvent@@UAE@XZ
?lock@QMutex@@QAEXXZ
?node_create@QMapData@@QAEPAUNode@1@QAPAU21@HH@Z
?notifyInternal@QCoreApplication@@AAE_NPAVQObject@@PAVQEvent@@@Z
??1QMutex@@QAE@XZ
?wait@QWaitCondition@@QAE_NPAVQMutex@@K@Z
??1QWaitCondition@@QAE@XZ
?wakeAll@QWaitCondition@@QAEXXZ
?qMemSet@@YAPAXPAXHI@Z
?read@QIODevice@@QAE_JPAD_J@Z
?connect@QObject@@SA_NPBV1@PBD01W4ConnectionType@Qt@@@Z
?moveToThread@QObject@@QAEXPAVQThread@@@Z
?thread@QObject@@QBEPAVQThread@@XZ
??0QWaitCondition@@QAE@XZ
?currentThread@QThread@@SAPAV1@XZ
?append@QString@@QAEAAV1@ABV1@@Z
??0QString@@QAE@VQChar@@@Z
?toWCharArray@QString@@QBEHPAG@Z
?truncate@QString@@QAEXH@Z
?qMemCopy@@YAPAXPAXPBXI@Z
?utf16@QString@@QBEPBGXZ
?shared_null@QVectorData@@2U1@A
?free@QVectorData@@SAXPAU1@H@Z
?qBadAlloc@@YAXXZ
?allocate@QVectorData@@SAPAU1@HH@Z
??1QByteArray@@QAE@XZ

msvcr90

_encoded_null
??2@YAPAXI@Z
__CxxFrameHandler3
_CxxThrowException
memset
memcpy
__clean_type_info_names_internal
_except_handler4_common
?_type_info_dtor_internal_method@type_info@@QAEXXZ
?terminate@@YAXXZ
_crt_debugger_hook
__CppXcptFilter
_adjust_fdiv
_amsg_exit
_initterm_e
_initterm
??3@YAXPAX@Z
free
_malloc_crt
_decode_pointer
_onexit
_lock
_encode_pointer
__dllonexit
_unlock
_CIlog10
_CIpow
_purecall

kernel32

GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
DisableThreadLibraryCalls
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
Sleep
InterlockedExchange
WaitForSingleObject
InterlockedDecrement
InterlockedIncrement
WaitForMultipleObjects
CloseHandle
ResetEvent
SetEvent
CreateEventW

Exports

Exports

qt_plugin_instance
qt_plugin_query_verification_data

Sections

.text
Size: 66KB - Virtual size: 65KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 688B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 125KB - Virtual size: 128KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

7350ecf6cf3a6c29538fb0d1ad23bcbf

Headers

File Characteristics

PDB Paths

Imports

gdi32

user32

ole32

oleaut32

qtmultimediakit1

qtgui4

qtcore4

msvcr90

kernel32

Exports

Exports

Sections

.text Size: 66KB - Virtual size: 65KB

.rdata Size: 29KB - Virtual size: 29KB

.data Size: 2KB - Virtual size: 2KB

.rsrc Size: 1024B - Virtual size: 688B

.reloc Size: 7KB - Virtual size: 7KB

.text Size: 125KB - Virtual size: 128KB

.text
Size: 66KB - Virtual size: 65KB

.rdata
Size: 29KB - Virtual size: 29KB

.data
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 1024B - Virtual size: 688B

.reloc
Size: 7KB - Virtual size: 7KB

.text
Size: 125KB - Virtual size: 128KB