PDB Paths
D:\ML\SAMSUNG\PCSuite Projects\NetworkingWizard\$$$\OpenEntry\Release\OpenEntry.pdb
Static task: static1
Behavioral task: behavioral1
Sample: 27bbea76ec20bd68847618aa11e2ba3a_JaffaCakes118.exe
Resource: win7-20240704-en
General
Target: 27bbea76ec20bd68847618aa11e2ba3a_JaffaCakes118
Size: 228KB
MD5: 27bbea76ec20bd68847618aa11e2ba3a
SHA1: 7c8dc35fe4565b66c7f1a2bf5297809f6e645d1e
SHA256: 09eca5241c6b6556d14a1042ae058a788d7b91f2270e014f5b2068629bb3dd5a
SHA512: 5713d0ca1692c0720ddac275535a9213f797ebd899961f3c7a1cdb951a1217a75d6979678c1b540f1d05bacca4c09fb80ca75e8f6c62614d9063281967be143f
SSDEEP: 6144:d2zWqBKAG53lG3h3y7VrYoVPyrER2SEy5pp:kzD8j5IA2yPywRXEy5X
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
resource 27bbea76ec20bd68847618aa11e2ba3a_JaffaCakes118
Files
27bbea76ec20bd68847618aa11e2ba3a_JaffaCakes118.exe windows:4 windows x86 arch:x86
f85bae2ce20c98360618afc642e2e956
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
ConvertDefaultLocale
GlobalDeleteAtom
GlobalAlloc
GlobalLock
GetCurrentThreadId
GetCurrentThread
SizeofResource
LockResource
LoadResource
CloseHandle
GetVersion
InterlockedIncrement
InterlockedDecrement
GlobalFree
GlobalUnlock
GlobalFlags
RaiseException
InitializeCriticalSection
DeleteCriticalSection
LocalAlloc
LocalFree
LeaveCriticalSection
GlobalReAlloc
GlobalHandle
EnterCriticalSection
TlsGetValue
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
GetVersionExA
ReadFile
WriteFile
SetFilePointer
FlushFileBuffers
GetCurrentProcess
SetErrorMode
ExitProcess
RtlUnwind
TerminateProcess
HeapReAlloc
HeapSize
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
GetCommandLineA
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
HeapDestroy
HeapCreate
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
IsBadWritePtr
SetUnhandledExceptionFilter
GetOEMCP
IsBadReadPtr
IsBadCodePtr
GetStringTypeA
LCMapStringA
SetStdHandle
EnumResourceLanguagesW
SetLastError
LoadLibraryA
GetSystemDirectoryA
GetWindowsDirectoryA
GetModuleFileNameA
GetModuleHandleA
CompareStringA
FreeLibrary
GetLocaleInfoA
GetACP
InterlockedExchange
GetProcessHeap
GetLastError
HeapAlloc
HeapFree
rasdlg
RasDialDlgW
comctl32
ord17
shlwapi
PathFindFileNameW
PathFindExtensionW
oleaut32
VariantClear
VariantChangeType
VariantInit
advapi32
RegCloseKey
user32
AdjustWindowRectEx
GetMenu
GetClientRect
SetForegroundWindow
MapWindowPoints
GetMessagePos
GetMessageTime
DestroyWindow
GetTopWindow
GetForegroundWindow
DestroyMenu
GetMenuCheckMarkDimensions
CallNextHookEx
TranslateMessage
GetActiveWindow
IsWindowVisible
GetKeyState
GetCursorPos
ValidateRect
GetParent
GetLastActivePopup
IsWindowEnabled
SetCursor
PostQuitMessage
ShowWindow
GetDlgItem
GetSystemMetrics
GetSysColorBrush
GetMenuItemID
GetSubMenu
GetSysColor
ReleaseDC
GetDC
UnhookWindowsHookEx
GetWindow
GetDlgCtrlID
GetWindowRect
PtInRect
GetMenuItemCount
GetCapture
ClientToScreen
SetMenuItemBitmaps
GetFocus
GetMenuState
SystemParametersInfoA
IsIconic
GetWindowPlacement
CopyRect
SetWindowPos
EnableMenuItem
CheckMenuItem
gdi32
DeleteObject
SaveDC
RestoreDC
GetClipBox
SetMapMode
SetTextColor
SetBkColor
GetDeviceCaps
GetStockObject
DeleteDC
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
RectVisible
PtVisible
CreateBitmap
winspool.drv
ClosePrinter
Sections
.text Size: 96KB - Virtual size: 93KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 24KB - Virtual size: 22KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 8KB - Virtual size: 22KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 96KB - Virtual size: 96KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
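The "Unsigned PE" signature above and the section flags listed under Sections are both header-level checks that can be reproduced offline. The Python below is an added example, not code from the sandbox, from the report, or from the vendor of the analysed binary: it parses the DOS, COFF and optional headers plus the section table using only the standard library, reports whether a security (Authenticode) data directory is present, and flags sections that are writable and executable or executable without being marked as code. Note that the listing above marks .text as IMAGE_SCN_MEM_WRITE and .rsrc as IMAGE_SCN_MEM_EXECUTE; those combinations are exactly what the check surfaces. The built-in sample is a constructed, header-only PE32 whose section flags mirror the report; it is not the analysed file.

```python
"""Header-level PE triage with the standard library only: file characteristics,
presence of an Authenticode security directory, and section permission flags."""
import struct

# Flag values from the PE/COFF specification.
FILE_FLAGS = {
    0x0001: "IMAGE_FILE_RELOCS_STRIPPED",
    0x0002: "IMAGE_FILE_EXECUTABLE_IMAGE",
    0x0004: "IMAGE_FILE_LINE_NUMS_STRIPPED",
    0x0008: "IMAGE_FILE_LOCAL_SYMS_STRIPPED",
    0x0100: "IMAGE_FILE_32BIT_MACHINE",
    0x2000: "IMAGE_FILE_DLL",
}
IMAGE_SCN_CNT_CODE = 0x00000020
IMAGE_SCN_CNT_INITIALIZED_DATA = 0x00000040
IMAGE_SCN_MEM_EXECUTE = 0x20000000
IMAGE_SCN_MEM_READ = 0x40000000
IMAGE_SCN_MEM_WRITE = 0x80000000
IMAGE_DIRECTORY_ENTRY_SECURITY = 4  # Authenticode certificate table


def parse_pe(data: bytes) -> dict:
    """Parse DOS/COFF/optional headers and the section table; raise on malformed input."""
    if data[:2] != b"MZ":
        raise ValueError("missing MZ header")
    (e_lfanew,) = struct.unpack_from("<I", data, 0x3C)
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    coff = e_lfanew + 4
    machine, nsect, _, _, _, opt_size, chars = struct.unpack_from("<HHIIIHH", data, coff)
    opt = coff + 20
    (magic,) = struct.unpack_from("<H", data, opt)
    if magic == 0x10B:          # PE32
        ndd_off, dd_off = opt + 92, opt + 96
    elif magic == 0x20B:        # PE32+
        ndd_off, dd_off = opt + 108, opt + 112
    else:
        raise ValueError(f"unknown optional header magic {magic:#x}")
    (ndd,) = struct.unpack_from("<I", data, ndd_off)
    security = (0, 0)
    if ndd > IMAGE_DIRECTORY_ENTRY_SECURITY:
        security = struct.unpack_from("<II", data, dd_off + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY)
    sections = []
    for i in range(nsect):
        name, vsize, va, rsize, rptr, _, _, _, _, sc = struct.unpack_from(
            "<8sIIIIIIHHI", data, opt + opt_size + 40 * i)
        sections.append({"name": name.rstrip(b"\0").decode("ascii", "replace"),
                         "virtual_size": vsize, "raw_size": rsize, "characteristics": sc})
    return {"machine": machine, "characteristics": chars,
            "security_dir": tuple(security), "sections": sections}


def triage(data: bytes) -> dict:
    """Summarise what the report lists: characteristics, signature presence, section flags."""
    pe = parse_pe(data)
    findings = []
    signed = pe["security_dir"] != (0, 0)   # presence only; validity needs a real verifier
    if not signed:
        findings.append("unsigned: no Authenticode security directory")
    for s in pe["sections"]:
        c = s["characteristics"]
        if c & IMAGE_SCN_MEM_WRITE and c & IMAGE_SCN_MEM_EXECUTE:
            findings.append(f"{s['name']}: writable and executable")
        if c & IMAGE_SCN_MEM_EXECUTE and not c & IMAGE_SCN_CNT_CODE:
            findings.append(f"{s['name']}: executable but not marked as code")
    return {"file_characteristics": [n for v, n in FILE_FLAGS.items() if pe["characteristics"] & v],
            "signed": signed, "sections": pe["sections"], "findings": findings}


def build_sample_pe() -> bytes:
    """Constructed, header-only PE32 whose section flags mirror the report above.
    It is NOT the analysed sample: no code, no resources, no imports, no signature."""
    rw = IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE
    sections = [  # (name, virtual size, RVA, raw size, raw offset, characteristics)
        (b".text", 93 * 1024, 0x1000, 96 * 1024, 0x400, IMAGE_SCN_CNT_CODE | IMAGE_SCN_MEM_EXECUTE | rw),
        (b".rdata", 22 * 1024, 0x19000, 24 * 1024, 0x18400, IMAGE_SCN_CNT_INITIALIZED_DATA | rw),
        (b".data", 22 * 1024, 0x1F000, 8 * 1024, 0x1E400, IMAGE_SCN_CNT_INITIALIZED_DATA | rw),
        (b".rsrc", 96 * 1024, 0x25000, 96 * 1024, 0x20400,
         IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_EXECUTE | rw),
    ]
    dos = b"MZ" + b"\0" * 58 + struct.pack("<I", 0x40)          # e_lfanew = 0x40
    coff = struct.pack("<HHIIIHH", 0x14C, len(sections), 0, 0, 0, 0xE0,
                       0x0001 | 0x0002 | 0x0004 | 0x0008 | 0x0100)  # i386, same flags as the report
    # PE32 optional header: magic, zeroed fields, NumberOfRvaAndSizes=16, 16 empty directories
    opt = struct.pack("<H", 0x10B) + b"\0" * 90 + struct.pack("<I", 16) + b"\0" * 128
    table = b"".join(struct.pack("<8sIIIIIIHHI", n, vs, va, rs, ro, 0, 0, 0, 0, c)
                     for n, vs, va, rs, ro, c in sections)
    return dos + b"PE\0\0" + coff + opt + table


if __name__ == "__main__":
    import sys
    blob = open(sys.argv[1], "rb").read() if len(sys.argv) > 1 else build_sample_pe()
    for key, value in triage(blob).items():
        print(key, value)
```

Run it with a file path to triage a real binary, or with no argument to run it against the constructed sample. A present security directory only means an embedded signature blob exists; it says nothing about whether the signature verifies or chains to a trusted root, and catalog-signed Windows components carry no embedded signature at all, so confirm with `signtool verify /pa` or `Get-AuthenticodeSignature` before treating "unsigned" as an indicator on its own.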