dcf89c21f41294f4be0220c603d3b0b5_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

dcf89c21f41294f4be0220c603d3b0b5_JaffaCakes118
Size

10KB
MD5

dcf89c21f41294f4be0220c603d3b0b5
SHA1

1b25ba8e1a1a6f39a028123f26fc228053d9bebf
SHA256

4ff192c311d3bdaa155e819fa0a5341fa3934b6a590971e30358c3f2a95022ba
SHA512

5f7187799e2abbf41768de2db26395f39665ab4dbc51e5d6d3ebffc8e9d987e445183b321c1de660b475716149f1860de2dfc02c477e656f7d733046eb6e795f
SSDEEP

192:XHNehbsym2EguQJJuLtVSh1hdzrRS/jSC3VW6KOY8EDo87:XHsblCXQfUtErLHRSbSkVkOdqz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dcf89c21f41294f4be0220c603d3b0b5_JaffaCakes118

Files

dcf89c21f41294f4be0220c603d3b0b5_JaffaCakes118
.exe windows:5 windows x86 arch:x86

9ecbf41a233d1c76b32a62c28aaf9fdb

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

qtcore4

?reallocate@QVectorData@@SAPAU1@PAU1@HHH@Z
?qFree@@YAXPAX@Z
?qWinMain@@YAXPAUHINSTANCE__@@0PADHAAHAAV?$QVector@PAD@@@Z
?detach@QByteArray@@QAEXXZ
?toLocal8Bit@QString@@QBE?AVQByteArray@@XZ
?fromWCharArray@QString@@SA?AV1@PBGH@Z
?qMemSet@@YAPAXPAXHI@Z
?allocate@QVectorData@@SAPAU1@HH@Z
?qBadAlloc@@YAXXZ
?free@QVectorData@@SAXPAU1@H@Z
??1QPluginLoader@@UAE@XZ
??6@YA?AVQDebug@@V0@PBVQObject@@@Z
?instance@QPluginLoader@@QAEPAVQObject@@XZ
?currentPath@QDir@@SA?AVQString@@XZ
?qDebug@@YA?AVQDebug@@XZ
??6QDebug@@QAEAAV0@ABVQString@@@Z
??1QDebug@@QAE@XZ
?free@QString@@CAXPAUData@1@@Z
?fromAscii_helper@QString@@CAPAUData@1@PBDH@Z
??0QPluginLoader@@QAE@ABVQString@@PAVQObject@@@Z
?load@QPluginLoader@@QAE_NXZ
??6QDebug@@QAEAAV0@PBD@Z
??6QDebug@@QAEAAV0@_N@Z
?errorString@QPluginLoader@@QBE?AVQString@@XZ
??1QString@@QAE@XZ

qtgui4

??0QApplication@@QAE@AAHPAPADH@Z
??1QApplication@@UAE@XZ

msvcr100

__CxxFrameHandler3
_amsg_exit
__getmainargs
_cexit
_exit
memcpy
_ismbblead
exit
_acmdln
_initterm
_initterm_e
_configthreadlocale
__setusermatherr
_commode
_fmode
__set_app_type
_crt_debugger_hook
?terminate@@YAXXZ
_unlock
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_lock
_onexit
_except_handler4_common
_invoke_watson
_controlfp_s
_CxxThrowException
??3@YAXPAX@Z
_XcptFilter
__dllonexit

kernel32

InterlockedExchange
InterlockedCompareExchange
HeapSetInformation
Sleep
GetCommandLineW
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
DecodePointer
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
EncodePointer
GetStartupInfoW

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 956B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 674B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9ecbf41a233d1c76b32a62c28aaf9fdb

Headers

DLL Characteristics

File Characteristics

Imports

qtcore4

qtgui4

msvcr100

kernel32

Sections

.text Size: 4KB - Virtual size: 3KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 512B - Virtual size: 956B

.rsrc Size: 512B - Virtual size: 436B

.reloc Size: 1024B - Virtual size: 674B

.text
Size: 4KB - Virtual size: 3KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 512B - Virtual size: 956B

.rsrc
Size: 512B - Virtual size: 436B

.reloc
Size: 1024B - Virtual size: 674B