b944c7b9c8fbfd94e42554e1e4f5222d_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

b944c7b9c8fbfd94e42554e1e4f5222d_JaffaCakes118
Size

266KB
MD5

b944c7b9c8fbfd94e42554e1e4f5222d
SHA1

3e6ad3cd56de935aa81f0f0e4087046dc59ac471
SHA256

ebd1122108891d8af3a748d395c12eb0939c49595039df94194da6f28eda88f3
SHA512

b2752101b61d39ff9a9bacf45c512cabaf57bf5fc41e2667db1644964520b80f6c677b4d0273e0c7ee4458959db861209268ce1f1415010b2da780bfa82959a8
SSDEEP

6144:IDWAkOCCHyUg8Emj+u+4+NTQ+NOhDhVh+crcd9v8ZEcrw8bhBZ7H0OmTyN3yLZFd:IYCHKi1bJst

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b944c7b9c8fbfd94e42554e1e4f5222d_JaffaCakes118

Files

b944c7b9c8fbfd94e42554e1e4f5222d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

50651cad3866a88e086571cd4cec4fd8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

qtcore4

_Z17qt_message_output9QtMsgTypePKc
_Z5qFreePv
_ZN10QByteArray11shared_nullE
_ZN10QByteArray7reallocEi
_ZN10QByteArrayC1EPKc
_ZN11QTextStreamD1Ev
_ZN11QTextStreamlsERK7QString
_ZN11QTextStreamlsEc
_ZN7QString11shared_nullE
_ZN7QString16fromAscii_helperEPKci
_ZN7QString4freeEPNS_4DataE
_ZN7QStringaSERKS_
_ZN8QVariantD1Ev
_ZNK7QString11toLocal8BitEv
_ZNK7QString3argERKS_iRK5QChar

qtdbus4

_ZN12QDBusMessageD1Ev
_ZN14QDBusInterfaceC1ERK7QStringS2_S2_RK15QDBusConnectionP7QObject
_ZN14QDBusInterfaceD1Ev
_ZN15QDBusConnection10sessionBusEv
_ZN15QDBusConnectionD1Ev
_ZN22QDBusAbstractInterface4callERK7QStringRK8QVariantS5_S5_S5_S5_S5_S5_S5_
_ZNK10QDBusError4nameEv
_ZNK10QDBusError4typeEv
_ZNK10QDBusError7messageEv
_ZNK22QDBusAbstractInterface7isValidEv
_ZNK22QDBusAbstractInterface9lastErrorEv

kernel32

CloseHandle
CreateSemaphoreA
DeleteCriticalSection
EnterCriticalSection
ExitProcess
FreeLibrary
GetCurrentThreadId
GetLastError
GetModuleHandleA
GetProcAddress
InitializeCriticalSection
InterlockedDecrement
InterlockedIncrement
LeaveCriticalSection
LoadLibraryA
ReleaseSemaphore
SetLastError
SetUnhandledExceptionFilter
Sleep
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
VirtualProtect
VirtualQuery
WaitForSingleObject

msvcrt

_write
__getmainargs
__p__environ
__p__fmode
__set_app_type
_cexit
_iob
_onexit
_setmode
_winmajor
abort
atexit
calloc
fputc
fputs
free
fwrite
malloc
memcpy
realloc
signal
sprintf
strcmp
strcpy
vfprintf

libgcc_s_dw2-1

_Unwind_DeleteException
_Unwind_GetDataRelBase
_Unwind_GetIPInfo
_Unwind_GetLanguageSpecificData
_Unwind_GetRegionStart
_Unwind_GetTextRelBase
_Unwind_RaiseException
_Unwind_Resume
_Unwind_Resume_or_Rethrow
_Unwind_SetGR
_Unwind_SetIP
__deregister_frame_info
__emutls_get_address
__register_frame_info

libkdecore

_Z12kDebugStream9QtMsgTypeiPKciS1_
_Z5ki18nPKc
_ZN10KAboutData9addAuthorERK16KLocalizedStringS2_RK10QByteArrayS5_
_ZN10KAboutDataC1ERK10QByteArrayS2_RK16KLocalizedStringS2_S5_NS_10LicenseKeyES5_S5_S2_S2_
_ZN10KAboutDataD1Ev
_ZN12KCmdLineArgs10parsedArgsERK10QByteArray
_ZN12KCmdLineArgs17addCmdLineOptionsERK15KCmdLineOptionsRK16KLocalizedStringRK10QByteArrayS8_
_ZN12KCmdLineArgs4initEiPPcPK10KAboutData6QFlagsINS_13StdCmdLineArgEE
_ZN12KCmdLineArgs5usageERK10QByteArray
_ZN15KCmdLineOptions3addERK10QByteArrayRK16KLocalizedStringS2_
_ZN15KCmdLineOptionsC1Ev
_ZN15KCmdLineOptionsD1Ev
_ZN16KLocalizedStringC1Ev
_ZN16KLocalizedStringD1Ev
_ZNK12KCmdLineArgs3argEi
_ZNK12KCmdLineArgs5countEv
_ZNK12KCmdLineArgs5isSetERK10QByteArray
_ZNK12KCmdLineArgs9getOptionERK10QByteArray
_ZNK16KLocalizedString4subsERK7QStringiRK5QChar
_ZNK16KLocalizedString8toStringEv

Sections

.text
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

/4
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 268B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

/14
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/29
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/45
Size: 71KB - Virtual size: 71KB

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/57
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/71
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/83
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/96
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/107
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/118
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

50651cad3866a88e086571cd4cec4fd8

Headers

File Characteristics

Imports

qtcore4

qtdbus4

kernel32

msvcrt

libgcc_s_dw2-1

libkdecore

Sections

.text Size: 36KB - Virtual size: 35KB

.data Size: 19KB - Virtual size: 18KB

.rdata Size: 7KB - Virtual size: 6KB

/4 Size: 2KB - Virtual size: 1KB

.bss Size: - Virtual size: 268B

.idata Size: 4KB - Virtual size: 4KB

.CRT Size: 512B - Virtual size: 24B

.tls Size: 512B - Virtual size: 32B

/14 Size: 1KB - Virtual size: 1KB

/29 Size: 3KB - Virtual size: 3KB

/45 Size: 71KB - Virtual size: 71KB

/57 Size: 11KB - Virtual size: 10KB

/71 Size: 12KB - Virtual size: 12KB

/83 Size: 4KB - Virtual size: 4KB

/96 Size: 2KB - Virtual size: 1KB

/107 Size: 25KB - Virtual size: 24KB

/118 Size: 6KB - Virtual size: 6KB

.text
Size: 36KB - Virtual size: 35KB

.data
Size: 19KB - Virtual size: 18KB

.rdata
Size: 7KB - Virtual size: 6KB

/4
Size: 2KB - Virtual size: 1KB

.bss
Size: - Virtual size: 268B

.idata
Size: 4KB - Virtual size: 4KB

.CRT
Size: 512B - Virtual size: 24B

.tls
Size: 512B - Virtual size: 32B

/14
Size: 1KB - Virtual size: 1KB

/29
Size: 3KB - Virtual size: 3KB

/45
Size: 71KB - Virtual size: 71KB

/57
Size: 11KB - Virtual size: 10KB

/71
Size: 12KB - Virtual size: 12KB

/83
Size: 4KB - Virtual size: 4KB

/96
Size: 2KB - Virtual size: 1KB

/107
Size: 25KB - Virtual size: 24KB

/118
Size: 6KB - Virtual size: 6KB