Static task: static1
Behavioral task: behavioral1
Sample: f4811b370ca11cd3106c5a83ee790994_JaffaCakes118.exe
Resource: win7-20240215-en
Behavioral task: behavioral2
Sample: f4811b370ca11cd3106c5a83ee790994_JaffaCakes118.exe
Resource: win10v2004-20240412-en
General
Target: f4811b370ca11cd3106c5a83ee790994_JaffaCakes118
Size: 245KB
MD5: f4811b370ca11cd3106c5a83ee790994
SHA1: f220488a2d6bf18ae405de655c0b02f886d31f07
SHA256: 2342ed61024160dc070dee01437eec3f62c12d5e036d0ebfe6af1db7da2c4885
SHA512: 02ec4797f6ee7d5c40852dd0bfe9777c572527208b48067f9b99a59da0254f10e606fb04dcc5409c65d6ebcac9325b004397e305228f401db2bc3c38daf03f75
SSDEEP: 6144:NE/38R0UvEfOHXA8Qtf1fjvHRDNjuzb1tHjM5m7/9QQxO:NSMRhvEGHXARTzHRDNj819jWi9QQxO
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource f4811b370ca11cd3106c5a83ee790994_JaffaCakes118
Files
f4811b370ca11cd3106c5a83ee790994_JaffaCakes118.exe windows:4 windows x86 arch:x86
89d09df6fd16166d49b5f78fad295f4a
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
comdlg32
shell32
gdi32
wininet
Sections
.text Size: 125KB - Virtual size: 125KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 102KB - Virtual size: 101KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 17KB - Virtual size: 16KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ