c0567be275cd18f2cc7b2f304d08ac4e_JaffaCakes118

General

Target

c0567be275cd18f2cc7b2f304d08ac4e_JaffaCakes118
Size

16KB
MD5

c0567be275cd18f2cc7b2f304d08ac4e
SHA1

e7bbac2330faba64118c85deefcdb9588047c2b8
SHA256

0a36ea8c9ff4e4d2583e9555e8dab7c9123bd1e2e24c881d9f45bce3806a1ebd
SHA512

4037ff2374d1aad77a8225ac18b11e252ca47dac6efaa6e8af8eee35376b6f481b93a696c236f7402d21eef116b76d905b223e452d4f1993461808e1f2df3d1b
SSDEEP

192:JDN0P/PARnPeOjH+KaQ189mFJDAnhzgTpw3SlTtw7dTuNXYfAYP7ICH93mq:uPADCKaEVFJA1gTpw3SINgYfpP7IoD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c0567be275cd18f2cc7b2f304d08ac4e_JaffaCakes118

Files

c0567be275cd18f2cc7b2f304d08ac4e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

254c36f26eec7573b8c9e3e7dd48df2e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

ExitProcess
SetUnhandledExceptionFilter

intl

libintl_bind_textdomain_codeset
libintl_bindtextdomain
libintl_gettext
libintl_textdomain

libgimp-2.0-0

gimp_drawable_flush
gimp_drawable_get
gimp_image_add_layer
gimp_image_new
gimp_image_set_filename
gimp_install_procedure
gimp_layer_new
gimp_main
gimp_pixel_rgn_init
gimp_pixel_rgn_set_rect
gimp_progress_init_printf
gimp_progress_update
gimp_quit
gimp_register_file_handler_mime
gimp_register_magic_load_handler
gimp_tile_height

libgimpbase-2.0-0

gimp_filename_to_utf8
gimp_locale_directory

libglib-2.0-0

g_free
g_log
g_malloc
g_malloc0
g_open
g_printerr
g_strerror
g_try_realloc

msvcrt

__getmainargs
__p___argc
__p___argv
__p__environ
__p__fmode
__set_app_type
_cexit
_errno
_iob
_onexit
_setmode
atexit
calloc
exit
memset
perror
signal
_close
_lseek
_read

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1024B - Virtual size: 688B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 3KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

254c36f26eec7573b8c9e3e7dd48df2e

Headers

File Characteristics

Imports

kernel32

intl

libgimp-2.0-0

libgimpbase-2.0-0

libglib-2.0-0

msvcrt

Sections

.text Size: 5KB - Virtual size: 5KB

.data Size: 3KB - Virtual size: 2KB

.rdata Size: 1024B - Virtual size: 688B

.bss Size: - Virtual size: 3KB

.idata Size: 2KB - Virtual size: 5KB

.text
Size: 5KB - Virtual size: 5KB

.data
Size: 3KB - Virtual size: 2KB

.rdata
Size: 1024B - Virtual size: 688B

.bss
Size: - Virtual size: 3KB

.idata
Size: 2KB - Virtual size: 5KB