d2eb7674f16a6d630d51e92e0320025d_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

d2eb7674f16a6d630d51e92e0320025d_JaffaCakes118
Size

76KB
MD5

d2eb7674f16a6d630d51e92e0320025d
SHA1

6e426180f3b41796e6a1565011d0e32f0b4f4891
SHA256

81434c9f5d31703a38503f0ce179a30a7fe1baf8a347588a621ecbd55f261ecb
SHA512

6712bba4b8d2b3f92cbc4b92373d151e6291cef14d600cf13bfec244dd383a6b6aa1da40b92401eff564688bd371da3ddf9ca6bce4a9aeb50032949128cc61bb
SSDEEP

1536:pRW9G/SVXQ/58oPBFpFZxsj2EpBWyt8onEEkYyhPbwkT3ST472OKgN:pRWcSVXQB8oPj/wL0m8ondTwST4aOKgN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d2eb7674f16a6d630d51e92e0320025d_JaffaCakes118

Files

d2eb7674f16a6d630d51e92e0320025d_JaffaCakes118
.dll .ps1 windows:5 windows x86 arch:x86 polyglot

ed16fbf3e28bb5b0c47288d8d4bf8f18

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

qtcore4

?append2@QListData@@QAEPAPAXABU1@@Z
?append@QListData@@QAEPAPAXXZ
?detach@QListData@@QAEPAUData@1@H@Z
?detach_grow@QListData@@QAEPAUData@1@PAHH@Z
?qFree@@YAXPAX@Z
?changeGuard@QMetaObject@@SAXPAPAVQObject@@PAV2@@Z
?removeGuard@QMetaObject@@SAXPAPAVQObject@@@Z
?shared_null@QListData@@2UData@1@A
??1QTextCodec@@MAE@XZ
??0QTextCodec@@IAE@XZ
??1QTextCodecPlugin@@UAE@XZ
?create@QTextCodecPlugin@@EAEPAVQTextCodec@@ABVQString@@@Z
?keys@QTextCodecPlugin@@EBE?AVQStringList@@XZ
?disconnectNotify@QObject@@MAEXPBD@Z
?connectNotify@QObject@@MAEXPBD@Z
?customEvent@QObject@@MAEXPAVQEvent@@@Z
?childEvent@QObject@@MAEXPAVQChildEvent@@@Z
?timerEvent@QObject@@MAEXPAVQTimerEvent@@@Z
?eventFilter@QObject@@UAE_NPAV1@PAVQEvent@@@Z
?event@QObject@@UAE_NPAVQEvent@@@Z
?qt_metacall@QTextCodecPlugin@@UAEHW4Call@QMetaObject@@HPAPAX@Z
?qt_metacast@QTextCodecPlugin@@UAEPAXPBD@Z
?metaObject@QTextCodecPlugin@@UBEPBUQMetaObject@@XZ
??0QTextCodecPlugin@@QAE@PAVQObject@@@Z
?shared_null@QByteArray@@0UData@1@A
?resize@QByteArray@@QAEXH@Z
?detach@QByteArray@@QAEXXZ
??1QByteArray@@QAE@XZ
?shared_null@QString@@0UData@1@A
??YQString@@QAEAAV0@VQChar@@@Z
??0QChar@@QAE@UQLatin1Char@@@Z
??1QString@@QAE@XZ
??0QByteArray@@QAE@PBD@Z

msvcr90

__clean_type_info_names_internal
_except_handler4_common
?_type_info_dtor_internal_method@type_info@@QAEXXZ
?terminate@@YAXXZ
_crt_debugger_hook
__CppXcptFilter
_adjust_fdiv
_amsg_exit
_initterm_e
_initterm
_encoded_null
free
_malloc_crt
_decode_pointer
_onexit
_lock
_encode_pointer
__dllonexit
__CxxFrameHandler3
??3@YAXPAX@Z
memcpy
_CxxThrowException
??2@YAPAXI@Z
_unlock

kernel32

GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
DisableThreadLibraryCalls
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
Sleep
InterlockedExchange

Exports

Exports

qt_plugin_instance
qt_plugin_query_verification_data

Sections

.text
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 62KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ed16fbf3e28bb5b0c47288d8d4bf8f18

Headers

DLL Characteristics

File Characteristics

Imports

qtcore4

msvcr90

kernel32

Exports

Exports

Sections

.text Size: 9KB - Virtual size: 9KB

.rdata Size: 62KB - Virtual size: 61KB

.data Size: 512B - Virtual size: 1KB

.rsrc Size: 2KB - Virtual size: 1KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 9KB - Virtual size: 9KB

.rdata
Size: 62KB - Virtual size: 61KB

.data
Size: 512B - Virtual size: 1KB

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: 1KB - Virtual size: 1KB