955a9aad05f830dd6f80969c16ec878d_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

955a9aad05f830dd6f80969c16ec878d_JaffaCakes118
Size

270KB
MD5

955a9aad05f830dd6f80969c16ec878d
SHA1

88a28fcd3513cf17d99c5295415ae3eb3f4386fa
SHA256

3750aa9e13f88d58674c672992961e2a5c4c633527ef78dd09f8ec6eb7a6dcb8
SHA512

8a5ba30198db6edb861e6b2d756bd281d1a857c46c27aceb70b9e72fea7e4c8b890d9231031a1eeba35f77cfc89b45bce01163c7f0278665120a009ef3098af0
SSDEEP

6144:wVfo549q7gUg+Emj+u+4+WTQ+NOhDhVhEcrcd9v8ZEcew8buHqBnvh0OmTyNLhy9:S9q7EM13Yh9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
955a9aad05f830dd6f80969c16ec878d_JaffaCakes118

Files

955a9aad05f830dd6f80969c16ec878d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

959833161a438aa8d2347f3d396a0528

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

qtcore4

_Z5qFreePv
_ZN10QByteArray11shared_nullE
_ZN10QByteArray7reallocEi
_ZN10QByteArrayC1EPKc
_ZN7QString16fromAscii_helperEPKci
_ZN7QString4freeEPNS_4DataE
_ZN7QString6appendERKS_
_ZN7QString9fromAsciiEPKci
_ZN7QStringaSERKS_
_ZN8QVariantD1Ev
_ZN9QListData11shared_nullE
_ZN9QListData6detachEi
_ZN9QtPrivate16QStringList_joinEPK11QStringListRK7QString
_ZNK7QString11toLocal8BitEv
_ZNK8QVariant12toStringListEv
_ZNK8QVariant4typeEv
_ZNK8QVariant6toBoolEv
_ZNK8QVariant8toStringEv

kernel32

CloseHandle
CreateSemaphoreA
DeleteCriticalSection
EnterCriticalSection
ExitProcess
FreeLibrary
GetCurrentThreadId
GetLastError
GetModuleHandleA
GetProcAddress
InitializeCriticalSection
InterlockedDecrement
InterlockedIncrement
LeaveCriticalSection
LoadLibraryA
ReleaseSemaphore
SetLastError
SetUnhandledExceptionFilter
Sleep
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
VirtualProtect
VirtualQuery
WaitForSingleObject

msvcrt

_write
__getmainargs
__p__environ
__p__fmode
__set_app_type
_cexit
_iob
_onexit
_setmode
_winmajor
abort
atexit
calloc
fputc
fputs
free
fwrite
malloc
memcpy
printf
realloc
signal
sprintf
strcmp
strcpy
vfprintf

libgcc_s_dw2-1

_Unwind_DeleteException
_Unwind_GetDataRelBase
_Unwind_GetIPInfo
_Unwind_GetLanguageSpecificData
_Unwind_GetRegionStart
_Unwind_GetTextRelBase
_Unwind_RaiseException
_Unwind_Resume
_Unwind_Resume_or_Rethrow
_Unwind_SetGR
_Unwind_SetIP
__deregister_frame_info
__emutls_get_address
__register_frame_info

libkdecore

_Z5ki18nPKc
_ZN12KCmdLineArgs10parsedArgsERK10QByteArray
_ZN12KCmdLineArgs17addCmdLineOptionsERK15KCmdLineOptionsRK16KLocalizedStringRK10QByteArrayS8_
_ZN12KCmdLineArgs4initEiPPcRK10QByteArrayS4_RK16KLocalizedStringS4_S7_6QFlagsINS_13StdCmdLineArgEE
_ZN12KCmdLineArgs5usageERK10QByteArray
_ZN15KCmdLineOptions3addERK10QByteArrayRK16KLocalizedStringS2_
_ZN15KCmdLineOptionsC1Ev
_ZN15KCmdLineOptionsD1Ev
_ZN15KMimeTypeTrader4selfEv
_ZN16KLocalizedStringC1Ev
_ZN16KLocalizedStringD1Ev
_ZN18KServiceTypeTrader4selfEv
_ZNK12KCmdLineArgs9getOptionERK10QByteArray
_ZNK12KSycocaEntry13propertyNamesEv
_ZNK12KSycocaEntry8propertyERK7QString
_ZNK15KMimeTypeTrader5queryERK7QStringS2_S2_
_ZNK18KServiceTypeTrader5queryERK7QStringS2_

libkdeui

_ZN12KApplicationC1Eb
_ZN12KApplicationD1Ev

Sections

.text
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

/4
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 268B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

/14
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/29
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/45
Size: 74KB - Virtual size: 73KB

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/57
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/71
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/83
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/96
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/107
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/118
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

959833161a438aa8d2347f3d396a0528

Headers

File Characteristics

Imports

qtcore4

kernel32

msvcrt

libgcc_s_dw2-1

libkdecore

libkdeui

Sections

.text Size: 33KB - Virtual size: 33KB

.data Size: 19KB - Virtual size: 18KB

.rdata Size: 7KB - Virtual size: 6KB

/4 Size: 2KB - Virtual size: 2KB

.bss Size: - Virtual size: 268B

.idata Size: 4KB - Virtual size: 3KB

.CRT Size: 512B - Virtual size: 24B

.tls Size: 512B - Virtual size: 32B

/14 Size: 1KB - Virtual size: 1KB

/29 Size: 4KB - Virtual size: 3KB

/45 Size: 74KB - Virtual size: 73KB

/57 Size: 12KB - Virtual size: 11KB

/71 Size: 13KB - Virtual size: 12KB

/83 Size: 4KB - Virtual size: 4KB

/96 Size: 2KB - Virtual size: 1KB

/107 Size: 25KB - Virtual size: 25KB

/118 Size: 6KB - Virtual size: 6KB

.text
Size: 33KB - Virtual size: 33KB

.data
Size: 19KB - Virtual size: 18KB

.rdata
Size: 7KB - Virtual size: 6KB

/4
Size: 2KB - Virtual size: 2KB

.bss
Size: - Virtual size: 268B

.idata
Size: 4KB - Virtual size: 3KB

.CRT
Size: 512B - Virtual size: 24B

.tls
Size: 512B - Virtual size: 32B

/14
Size: 1KB - Virtual size: 1KB

/29
Size: 4KB - Virtual size: 3KB

/45
Size: 74KB - Virtual size: 73KB

/57
Size: 12KB - Virtual size: 11KB

/71
Size: 13KB - Virtual size: 12KB

/83
Size: 4KB - Virtual size: 4KB

/96
Size: 2KB - Virtual size: 1KB

/107
Size: 25KB - Virtual size: 25KB

/118
Size: 6KB - Virtual size: 6KB