96fef8f1b426bdbd359c37929ef3acb2_JaffaCakes118

General

Target

96fef8f1b426bdbd359c37929ef3acb2_JaffaCakes118
Size

109KB
MD5

96fef8f1b426bdbd359c37929ef3acb2
SHA1

6759ca2b2cb451199c22b4b79b016e93aa47e5ff
SHA256

c89263c5102a01f5d07dcdb619c5051b301a1c95225ad027f6b6c315a3abfbbf
SHA512

675506b12c599fe45df48b484c76b457122ff33312da578f418589cb1de124ec1a55fd7bf66972fb2739c29f729d1d31ca149b5b7aeaf6651f119643bacaf366
SSDEEP

3072:0+JDPQOyghA20lxr+oGCf8YY7ZiGNa9Elz/0hiTO:L5HyghA28pliiGNQElz4iy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
96fef8f1b426bdbd359c37929ef3acb2_JaffaCakes118

Files

96fef8f1b426bdbd359c37929ef3acb2_JaffaCakes118
.exe windows:5 windows x86 arch:x86

7cf726c569d3be7879a83036c858c08c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

gpteperf

PathProcessCommand
PifMgr_CloseProperties
SdbSetPermLayerKeys
ImmGetVirtualKey
ImmSetActiveContext
SdbReadBYTETag
ImmReSizeIMCC
CtfImmGenerateMessage
ImmDisableTextFrameService
SdbCreateMsiTransformFile
SdbReadDWORDTagRef
CtfAImmIsIME
PifMgr_SetProperties
SdbGetMsiPackageInformation
FreeIconList
CtfAImmActivate
SdbQueryDataEx
ImmRegisterClient
CtfImmIsCiceroEnabled
SdbEnumMsiTransforms
ImmIsIME
GetPermLayers
PrintersGetCommand_RunDLLA
ImmRequestMessageA
ILIsParent
RestartDialog
ImmProcessKey
OpenRegStream
RegenerateUserEnvironment
ImmLockImeDpi
SdbGetBinaryTagData
ExtractAssociatedIconA

kernel32

HeapSize
HeapCreate
GetProcessHeaps
LocalAlloc
WriteFileGather
RegisterWaitForInputIdle
DecodePointer
CreateFileA
WriteFileEx
GetModuleHandleA
GetSystemInfo
GetSystemTimeAsFileTime
EncodePointer
HeapReAlloc
GetThreadPriority
HeapQueryInformation
OpenThread
SetFilePointer
ReadFile
CreateFileMappingA
HeapFree
GetCurrentProcessId
WaitForMultipleObjects
FreeEnvironmentStringsA
MapViewOfFile
HeapAlloc
GetProcessHeap
SetThreadExecutionState
GetFileAttributesExA
GetEnvironmentStringsA
HeapDestroy
UnmapViewOfFile
GetFileTime

Sections

.text
Size: 86KB - Virtual size: 88KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 19KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7cf726c569d3be7879a83036c858c08c

Headers

DLL Characteristics

File Characteristics

Imports

gpteperf

kernel32

Sections

.text Size: 86KB - Virtual size: 88KB

.rdata Size: 2KB - Virtual size: 4KB

.data Size: 19KB - Virtual size: 20KB

.rsrc Size: 1KB - Virtual size: 4KB

.text
Size: 86KB - Virtual size: 88KB

.rdata
Size: 2KB - Virtual size: 4KB

.data
Size: 19KB - Virtual size: 20KB

.rsrc
Size: 1KB - Virtual size: 4KB