ab2d6e7f8309df9646e77dd647d49b00_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

ab2d6e7f8309df9646e77dd647d49b00_JaffaCakes118
Size

165KB
MD5

ab2d6e7f8309df9646e77dd647d49b00
SHA1

54984739b23292a3fccf57f2e4ccec6f02033ff2
SHA256

2e6f9794a7033c21cc465aa0459356839613963b33c4e2514d4583de4fc21f7f
SHA512

a40f5d75705eb0c43e680ca9ac175f9edde40c3a979e4a28169b2c6f98d80e075e267de9ecc511bc3fede77e85431334aa5243e46e2ae6297a8df25da24ce115
SSDEEP

3072:UJfvZWjk3ystK+NlE9INX2BMm26nb6MrzNMa/HSF00J8uS22gF7TF8gdNa:yDK+NlEqNXkMm26nb///yeAOoF7TC1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ab2d6e7f8309df9646e77dd647d49b00_JaffaCakes118

Files

ab2d6e7f8309df9646e77dd647d49b00_JaffaCakes118
.exe .pdf windows:4 windows x86 arch:x86 polyglot

6a11a4ccf0b3f861e942f4e00da781a1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

libgimpui-2.0-0

gimp_export_image
gimp_ui_init
gimp_window_set_transient

kernel32

ExitProcess
GetModuleHandleA
GetProcAddress
SetUnhandledExceptionFilter
VirtualProtect
VirtualQuery

msvcrt

_getpid
__getmainargs
__p___argc
__p___argv
__p__environ
__p__fmode
__set_app_type
_assert
_cexit
_errno
_iob
_onexit
_setmode
atexit
ctime
fclose
fflush
fgets
fread
fseek
ftell
fwrite
getc
memcpy
memset
putc
signal
sscanf
strcmp
strlen
strncmp
strncpy
strrchr
strstr
time
ungetc

libgimp-2.0-0

gimp_display_new
gimp_drawable_detach
gimp_drawable_flush
gimp_drawable_get
gimp_drawable_get_image
gimp_drawable_get_name
gimp_drawable_has_alpha
gimp_drawable_set_name
gimp_drawable_type
gimp_image_add_layer
gimp_image_clean_all
gimp_image_delete
gimp_image_get_active_drawable
gimp_image_get_colormap
gimp_image_get_resolution
gimp_image_get_unit
gimp_image_height
gimp_image_new
gimp_image_set_colormap
gimp_image_set_filename
gimp_image_set_resolution
gimp_image_undo_disable
gimp_image_undo_enable
gimp_image_width
gimp_install_procedure
gimp_layer_new
gimp_layer_new_from_drawable
gimp_main
gimp_pixel_rgn_get_rect
gimp_pixel_rgn_get_row
gimp_pixel_rgn_init
gimp_pixel_rgn_set_rect
gimp_procedural_db_get_data
gimp_procedural_db_set_data
gimp_progress_init_printf
gimp_progress_update
gimp_register_file_handler_mime
gimp_register_magic_load_handler
gimp_register_save_handler
gimp_register_thumbnail_loader
gimp_tile_height

libgimpbase-2.0-0

gimp_filename_to_utf8
gimp_locale_directory
gimp_unit_get_factor

libgimpwidgets-2.0-0

gimp_dialog_get_type
gimp_dialog_new
gimp_dialog_run
gimp_double_adjustment_update
gimp_frame_new
gimp_help_set_help_data
gimp_int_adjustment_update
gimp_int_radio_group_new
gimp_page_selector_get_selected_range
gimp_page_selector_get_target
gimp_page_selector_get_type
gimp_page_selector_new
gimp_page_selector_select_all
gimp_page_selector_set_n_pages
gimp_page_selector_set_target
gimp_radio_button_update
gimp_spin_button_new
gimp_standard_help_func
gimp_table_attach_aligned
gimp_toggle_button_update

libglib-2.0-0

g_ascii_dtostr
g_ascii_strdown
g_error_free
g_file_error_from_errno
g_file_error_quark
g_fopen
g_free
g_get_tmp_dir_utf8
g_getenv_utf8
g_log
g_malloc
g_malloc0
g_path_get_basename
g_ptr_array_add
g_ptr_array_free
g_ptr_array_new
g_realloc
g_return_if_fail_warning
g_set_error
g_spawn_sync_utf8
g_strdup
g_strdup_printf
g_strerror
g_strfreev
g_unlink

libgobject-2.0-0

g_object_get_data
g_object_set_data
g_signal_connect_data
g_type_check_instance_cast

libgtk-win32-2.0-0

gtk_adjustment_get_type
gtk_adjustment_set_value
gtk_box_get_type
gtk_box_pack_start
gtk_check_button_new_with_label
gtk_check_button_new_with_mnemonic
gtk_combo_box_get_active
gtk_combo_box_get_type
gtk_combo_box_insert_text
gtk_combo_box_new_text
gtk_combo_box_set_active
gtk_container_add
gtk_container_get_type
gtk_container_set_border_width
gtk_dialog_get_type
gtk_dialog_set_alternative_button_order
gtk_entry_get_text
gtk_entry_get_type
gtk_entry_new
gtk_entry_set_text
gtk_hbox_new
gtk_spin_button_get_type
gtk_spin_button_get_value
gtk_spin_button_set_value
gtk_table_get_type
gtk_table_new
gtk_table_set_col_spacings
gtk_table_set_row_spacings
gtk_toggle_button_get_active
gtk_toggle_button_get_type
gtk_toggle_button_set_active
gtk_vbox_new
gtk_widget_destroy
gtk_widget_get_type
gtk_widget_set_sensitive
gtk_widget_set_size_request
gtk_widget_show
gtk_window_activate_default
gtk_window_get_type

intl

libintl_bind_textdomain_codeset
libintl_bindtextdomain
libintl_fprintf
libintl_gettext
libintl_sprintf
libintl_textdomain

Sections

.text
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 272B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 9KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sdata
Size: 72KB - Virtual size: 72KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

6a11a4ccf0b3f861e942f4e00da781a1

Headers

File Characteristics

Imports

libgimpui-2.0-0

kernel32

msvcrt

libgimp-2.0-0

libgimpbase-2.0-0

libgimpwidgets-2.0-0

libglib-2.0-0

libgobject-2.0-0

libgtk-win32-2.0-0

intl

Sections

.text Size: 33KB - Virtual size: 33KB

.data Size: 512B - Virtual size: 272B

.rdata Size: 5KB - Virtual size: 5KB

.bss Size: - Virtual size: 9KB

.idata Size: 7KB - Virtual size: 6KB

.sdata Size: 72KB - Virtual size: 72KB

.text
Size: 33KB - Virtual size: 33KB

.data
Size: 512B - Virtual size: 272B

.rdata
Size: 5KB - Virtual size: 5KB

.bss
Size: - Virtual size: 9KB

.idata
Size: 7KB - Virtual size: 6KB

.sdata
Size: 72KB - Virtual size: 72KB