89f9ba8f8d09b329a4356401fa078fba_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

89f9ba8f8d09b329a4356401fa078fba_JaffaCakes118
Size

668KB
MD5

89f9ba8f8d09b329a4356401fa078fba
SHA1

979a7bea7100c97a80624a82a703dfe7b2a2f38b
SHA256

4093300ab72faea95022d4aa9b307e13be928f874b5df1b22862ae7be290b230
SHA512

7197fa22f2450921e92a1ac6bfc5bd5821306e6b637ec3e2bf5de78083f13b6d5cdc0f9116cf01cde442c17b29ba821b39085c274eba8524af22957c9e140956
SSDEEP

12288:UzC+x/braY0w4t5w6sC72kM9Fk0ds1txrp1V1j:UzC+x/braY0w4t5yC72kM9FjqtLF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
89f9ba8f8d09b329a4356401fa078fba_JaffaCakes118

Files

89f9ba8f8d09b329a4356401fa078fba_JaffaCakes118
.exe windows:4 windows x86 arch:x86

db443fbb18d0e6bffdadcd25923c7cef

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

libsoprano

_ZN7Soprano4NodeD1Ev
_ZN7Soprano4NodeC1ERKS0_
_ZN7Soprano5qHashERKNS_4NodeE
_ZNK7Soprano4NodeeqERKS0_
_ZN7Soprano13versionStringEv
_ZNK7Soprano5Error10ErrorCache8setErrorERKNS0_5ErrorE
_ZN7Soprano5Error5ErrorD1Ev
_ZNK7Soprano5Error10ErrorCache8setErrorERK7QStringi
_ZN7Soprano9StatementC1ERKS0_
_ZN7Soprano9StatementD1Ev
_ZN7Soprano9StatementC1Ev
_ZN7Soprano4NodeC1Ev
_ZN7Soprano10Vocabulary3RDF4typeEv
_ZN7Soprano4NodeC1ERK4QUrl
_ZNK7Soprano5Graph14listStatementsERKNS_4NodeES3_S3_S3_
_ZNK7Soprano9Statement7subjectEv
_ZNK7Soprano9Statement7contextEv
_ZNK7Soprano4Node7isValidEv
_ZN7Soprano10Vocabulary3NRL13GraphMetadataEv
_ZNK7Soprano5Graph17containsStatementERKNS_4NodeES3_S3_S3_
_ZN7Soprano17StatementIteratorD1Ev
_ZN7Soprano23mimeTypeToSerializationERK7QString
_ZN7Soprano13PluginManager8instanceEv
_ZN7Soprano13PluginManager30discoverParserForSerializationENS_16RdfSerializationERK7QString
_ZNK7Soprano5Error5Error4codeEv
_ZlsR11QTextStreamRKN7Soprano5Error5ErrorE
_ZN7Soprano5GraphC1Ev
_ZN7Soprano5Graph12addStatementERKNS_9StatementE
_ZN7Soprano5GraphD1Ev
_ZNK7Soprano4Node3uriEv
_ZN7Soprano10Vocabulary4RDFS7commentEv
_ZNK7Soprano4Node8toStringEv
_ZNK7Soprano9Statement6objectEv
_ZNK7Soprano4Node7literalEv
_ZNK7Soprano12LiteralValue8toStringEv
_ZN7Soprano12LiteralValueD1Ev
_ZN7Soprano10Vocabulary3NRL8OntologyEv
_ZN7Soprano17StatementIteratoraSERKS0_

qtcore4

_ZNK7QStringltERKS_
_ZN7QString4freeEPNS_4DataE
_ZN5QChar9fromAsciiEc
_ZN7QString4growEi
_ZN7QString7reallocEi
_ZN11QTextStreamC1EP6_iobuf6QFlagsIN9QIODevice12OpenModeFlagEE
_ZN11QTextStreamlsEPKc
_Z4endlR11QTextStream
_ZN11QTextStreamD1Ev
_ZN11QTextStreamlsERK7QString
_Z5qFreePv
_ZN9QListData6detachEi
_ZN9QListData11detach_growEPii
_ZN9QListData6appendEv
_ZN9QListData11shared_nullE
_ZN9QHashData8nextNodeEPNS_4NodeE
_ZN9QListData7reallocEi
_ZN7QString9fromAsciiEPKci
_ZN7QString6appendERKS_
_ZN7QString11shared_nullE
_ZN5QCharC1Ec
_ZN7QString7replaceE5QCharRKS_N2Qt15CaseSensitivityE
_ZN7QString17fromLatin1_helperEPKci
_ZN9QtPrivate20QStringList_containsEPK11QStringListRK7QStringN2Qt15CaseSensitivityE
_ZNK7QString3midEii
_ZNK7QString4leftEi
_ZNK7QString7toUpperEv
_ZNK7QString7toLowerEv
_ZNK7QString11toLocal8BitEv
_ZN10QByteArray7reallocEi
_Z17qt_message_output9QtMsgTypePKc
_ZN8QMapData16continueFreeDataEi
_ZN8QMapData10createDataEi
_ZN8QMapData11node_createEPPNS_4NodeEii
_ZN7QString10fromLatin1EPKci
_ZN9QHashData11shared_nullE
_ZN4QUrlD1Ev
_ZN9QHashData14detach_helper2EPFvPNS_4NodeEPvEPFvS1_Eii
_ZN9QHashData12allocateNodeEi
_ZN9QHashData11free_helperEPFvPNS_4NodeEE
_ZN9QHashData6rehashEi
_ZNK7QString5splitERK5QCharNS_13SplitBehaviorEN2Qt15CaseSensitivityE
_ZN7QString16fromAscii_helperEPKci
_ZN7QRegExpC1ERK7QStringN2Qt15CaseSensitivityENS_13PatternSyntaxE
_ZNK7QString5splitERK7QRegExpNS_13SplitBehaviorE
_ZN7QRegExpD1Ev
_ZN7QString6insertEi5QChar
_ZN7QString6appendE5QChar
_ZN16QCoreApplicationC1ERiPPc
_ZN16QCoreApplication9argumentsEv
_ZN7QStringaSERKS_
_ZN7QString16codecForCStringsE
_ZNK7QStringeqERKS_
_ZNK7QStringeqERK13QLatin1String
_ZN5QFile6existsERK7QString
_ZN16QCoreApplicationD1Ev
_ZN4QUrlC1ERK7QString
_ZN5QFileC1ERK7QString
_ZN5QFile4openE6QFlagsIN9QIODevice12OpenModeFlagEE
_ZNK5QFile8fileNameEv
_ZN5QFileD1Ev
_ZN11QTextStreamC1EP9QIODevice
_ZN8QMapData11shared_nullE
_ZNK4QUrl8toStringE6QFlagsINS_16FormattingOptionEE
_ZNK4QUrl8fragmentEv
_ZNK7QString7indexOfE5QChariN2Qt15CaseSensitivityE
_ZNK4QUrl4pathEv
_ZNK7QString7sectionERKS_ii6QFlagsINS_11SectionFlagEE
_ZNK4QUrl11hasFragmentEv
_ZN4QUrl11setFragmentERK7QString
_ZN11QTextStreamC1EP7QString6QFlagsIN9QIODevice12OpenModeFlagEE
_ZN11QTextStreamlsEc
_ZN4QUrlC1Ev
_ZN4QUrlaSERKS_
_ZNK7QString3argERKS_iRK5QChar
_ZNK4QUrl7isEmptyEv
_ZNK5QChar7toUpperEv
_ZN7QStringC1E5QChar
_ZNK7QString5splitERKS_NS_13SplitBehaviorEN2Qt15CaseSensitivityE

kernel32

CloseHandle
CreateSemaphoreA
DeleteCriticalSection
EnterCriticalSection
FreeLibrary
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetLastError
GetModuleHandleA
GetProcAddress
GetStartupInfoA
GetSystemTimeAsFileTime
GetTickCount
InitializeCriticalSection
InterlockedCompareExchange
InterlockedExchange
LeaveCriticalSection
LoadLibraryA
QueryPerformanceCounter
ReleaseSemaphore
SetLastError
SetUnhandledExceptionFilter
Sleep
TerminateProcess
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
VirtualProtect
VirtualQuery
WaitForSingleObject

msvcrt

_write
__dllonexit
__getmainargs
__initenv
__lconv_init
__set_app_type
__setusermatherr
_acmdln
_amsg_exit
_cexit
_fmode
_initterm
_iob
_lock
_onexit
_unlock
abort
calloc
exit
fprintf
fputc
fputs
free
fwrite
malloc
memcpy
realloc
signal
sprintf
strcmp
strcpy
strlen
vfprintf

libgcc_s_sjlj-1

_Unwind_SjLj_Resume
_Unwind_SjLj_Register
_Unwind_SjLj_Unregister
_Unwind_GetTextRelBase
_Unwind_GetDataRelBase
_Unwind_GetRegionStart
_Unwind_GetLanguageSpecificData
_Unwind_GetIPInfo
_Unwind_SetGR
_Unwind_SetIP
_Unwind_DeleteException
_Unwind_SjLj_Resume_or_Rethrow
_Unwind_SjLj_RaiseException

Sections

.text
Size: 75KB - Virtual size: 75KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 1024B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 52B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

/4
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/19
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/35
Size: 344KB - Virtual size: 343KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/47
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/61
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/73
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/86
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/97
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/108
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

db443fbb18d0e6bffdadcd25923c7cef

Headers

File Characteristics

Imports

libsoprano

qtcore4

kernel32

msvcrt

libgcc_s_sjlj-1

Sections

.text Size: 75KB - Virtual size: 75KB

.data Size: 19KB - Virtual size: 18KB

.rdata Size: 9KB - Virtual size: 9KB

.bss Size: - Virtual size: 1024B

.idata Size: 8KB - Virtual size: 7KB

.CRT Size: 512B - Virtual size: 52B

.tls Size: 512B - Virtual size: 32B

/4 Size: 2KB - Virtual size: 1KB

/19 Size: 7KB - Virtual size: 7KB

/35 Size: 344KB - Virtual size: 343KB

/47 Size: 20KB - Virtual size: 19KB

/61 Size: 29KB - Virtual size: 28KB

/73 Size: 6KB - Virtual size: 6KB

/86 Size: 6KB - Virtual size: 5KB

/97 Size: 33KB - Virtual size: 33KB

/108 Size: 16KB - Virtual size: 16KB

.text
Size: 75KB - Virtual size: 75KB

.data
Size: 19KB - Virtual size: 18KB

.rdata
Size: 9KB - Virtual size: 9KB

.bss
Size: - Virtual size: 1024B

.idata
Size: 8KB - Virtual size: 7KB

.CRT
Size: 512B - Virtual size: 52B

.tls
Size: 512B - Virtual size: 32B

/4
Size: 2KB - Virtual size: 1KB

/19
Size: 7KB - Virtual size: 7KB

/35
Size: 344KB - Virtual size: 343KB

/47
Size: 20KB - Virtual size: 19KB

/61
Size: 29KB - Virtual size: 28KB

/73
Size: 6KB - Virtual size: 6KB

/86
Size: 6KB - Virtual size: 5KB

/97
Size: 33KB - Virtual size: 33KB

/108
Size: 16KB - Virtual size: 16KB