Static task: static1
Behavioral task: behavioral1
Sample: f37a13624ce7e4ce386d64f2698d1b16_JaffaCakes118.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: f37a13624ce7e4ce386d64f2698d1b16_JaffaCakes118.exe
Resource: win10v2004-20240226-en
General
Target: f37a13624ce7e4ce386d64f2698d1b16_JaffaCakes118
Size: 415KB
MD5: f37a13624ce7e4ce386d64f2698d1b16
SHA1: 27e82aaa3c56f3a3074100b42628c21f2931ec3b
SHA256: d4d0bd5054747a54779679c7aeacad8862b724abd1934694153fbc4fd1822351
SHA512: eadb4b013f8aaef92999fce1b3d6f3bab9e3cf59888667fdcf7dd5ca92468a40f43f2fb6dfcd9ddb428f472ac3c9740ed8a4ecd541199fc88cddb72022e52806
SSDEEP: 12288:OjqlSoT+miswN6BbYx5YUByqpVNN/4dKNsEn:NSoTisxBUBdpxiK
Malware Config
Signatures
Unsigned PE (1 IoC): Checks for missing Authenticode signature.
resource: f37a13624ce7e4ce386d64f2698d1b16_JaffaCakes118
Files
f37a13624ce7e4ce386d64f2698d1b16_JaffaCakes118.exe windows:4 windows x86 arch:x86
2f189877fde4002ec7978791e1709ffc
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32:
ExitProcess
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
GetModuleFileNameA
GetProcAddress
GetModuleHandleA
TerminateProcess
GetCurrentProcess
LoadLibraryA
RtlUnwind
InterlockedExchange
VirtualQuery
HeapReAlloc
HeapAlloc
HeapFree
VirtualAlloc
WaitNamedPipeA
GetWriteWatch
MultiByteToWideChar
FindNextFileA
GetLogicalDriveStringsA
DeleteFileA
FindResourceExW
FindResourceW
GlobalAddAtomW
GetDiskFreeSpaceExW
DisableThreadLibraryCalls
GetLargestConsoleWindowSize
Heap32Next
GetProfileIntA
EnumResourceTypesW
GetThreadContext
ReadProcessMemory
EnumTimeFormatsA
CreateNamedPipeA
lstrcmp
GetProcessTimes
GetEnvironmentVariableW
GlobalUnfix
GetFileAttributesExW
CreateSemaphoreW
GetWindowsDirectoryW
VirtualFree
lstrcpynA
SetEndOfFile
lstrlen
GetPrivateProfileStringW
EscapeCommFunction
WriteConsoleA
GetThreadLocale
FileTimeToSystemTime
LeaveCriticalSection
GetConsoleTitleA
CreateDirectoryExA
GetVersionExA
MapViewOfFile
Process32Next
SetConsoleOutputCP
SetThreadContext
GetFullPathNameW
lstrcatW
FillConsoleOutputAttribute
GetExitCodeThread
EnumCalendarInfoExA
SetFilePointer
Thread32Next
WriteProfileStringA
SetConsoleWindowInfo
GetVersionExW
SetThreadExecutionState
GetTempPathA
WaitForSingleObject
GetProcessPriorityBoost
GetProcessHeaps
ConnectNamedPipe
ReadConsoleA
GetUserDefaultLCID
CreateWaitableTimerW
SetLocaleInfoW
LocalAlloc
GetAtomNameW
VirtualProtect
GlobalUnWire
SuspendThread
GlobalSize
LocalCompact
SetConsoleActiveScreenBuffer
GetTempFileNameA
GetStringTypeA
EnumResourceNamesA
GetSystemInfo
FindNextFileW
CreateWaitableTimerA
WriteConsoleOutputCharacterA
Heap32ListFirst
GetThreadPriority
FlushInstructionCache
SetConsoleCursorInfo
FindNextChangeNotification
GlobalGetAtomNameW
OpenFileMappingA
GetLongPathNameW
EnumTimeFormatsW
SetConsoleCursorPosition
SetCurrentDirectoryW
GetTempFileNameW
SystemTimeToTzSpecificLocalTime
ReadConsoleOutputW
OpenFileMappingW
OpenMutexA
SetConsoleTextAttribute
SetLocalTime
FindClose
WritePrivateProfileStringW
TlsFree
ConvertDefaultLocale
GetFullPathNameA
SetThreadIdealProcessor
GetEnvironmentVariableA
OpenSemaphoreA
PeekConsoleInputW
GetCompressedFileSizeA
FreeEnvironmentStringsW
GetPrivateProfileStringA
ExpandEnvironmentStringsW
LoadLibraryExW
FindAtomA
ReadConsoleInputA
WaitForDebugEvent
GetThreadTimes
MoveFileA
EnumSystemLocalesW
GetDriveTypeW
GetLongPathNameA
ExpandEnvironmentStringsA
Thread32First
GetPrivateProfileIntW
GetProfileIntW
GetPrivateProfileStructW
ResetWriteWatch
HeapWalk
LocalFlags
ExitThread
GetHandleInformation
ReadConsoleOutputCharacterA
WriteProfileStringW
SetFileTime
GetCurrentDirectoryW
FillConsoleOutputCharacterA
GetConsoleCursorInfo
FindCloseChangeNotification
GetProfileStringW
GetProcessVersion
Heap32ListNext
SetConsoleCtrlHandler
GetFileAttributesW
FindFirstFileExW
GetEnvironmentStrings
SearchPathW
CommConfigDialogA
GetMailslotInfo
CompareFileTime
lstrcmpA
CreateToolhelp32Snapshot
FindResourceA
Module32Next
GetCalendarInfoW
GetWindowsDirectoryA
GetPrivateProfileStructA
GetExitCodeProcess
GetSystemPowerStatus
ReadFile
DebugBreak
GetConsoleCP
GetCompressedFileSizeW
SearchPathA
CreateNamedPipeW
SetConsoleScreenBufferSize
GetFileTime
WritePrivateProfileSectionW
VirtualProtectEx
EnumCalendarInfoA
GetTimeFormatW
SetHandleCount
HeapSize
CreateRemoteThread
GlobalWire
lstrcpynW
GetAtomNameA
DebugActiveProcess
LoadModule
GetProcAddress
GetNumberFormatA
GetEnvironmentStringsA
RemoveDirectoryW
GetSystemDefaultLangID
GlobalAddAtomA
CreateEventW
FreeLibraryAndExitThread
UnhandledExceptionFilter
EnumDateFormatsExA
GetPrivateProfileIntA
ContinueDebugEvent
WaitForSingleObjectEx
DuplicateHandle
AllocConsole
SetWaitableTimer
MoveFileW
GetThreadPriorityBoost
ReleaseSemaphore
GlobalFlags
lstrlenW
Toolhelp32ReadProcessMemory
MulDiv
ReadConsoleOutputAttribute
CreatePipe
GetNamedPipeInfo
FreeLibrary
WaitNamedPipeW
InitializeCriticalSection
CreateFileMappingA
lstrcmpi
GetPrivateProfileSectionNamesA
DeleteFiber
GetConsoleTitleW
GetACP
SetEnvironmentVariableA
LocalLock
HeapCompact
SetEvent
OpenWaitableTimerA
SetTimeZoneInformation
CopyFileA
GetProcessAffinityMask
SetComputerNameA
FlushConsoleInputBuffer
GlobalCompact
GetNamedPipeHandleStateW
GetTempPathW
Module32First
GetSystemDirectoryW
MoveFileExW
WriteConsoleW
OpenFile
GetProfileStringA
RtlZeroMemory
GetProfileSectionA
TlsSetValue
SetComputerNameW
GetThreadSelectorEntry
FindFirstFileExA
SetSystemTime
ResetEvent
RemoveDirectoryA
GetStartupInfoW
CloseHandle
GetLocalTime
GlobalUnlock
OpenSemaphoreW
GetComputerNameA
FindFirstChangeNotificationA
RtlFillMemory
SetEnvironmentVariableW
DisconnectNamedPipe
EnumDateFormatsA
ReadFileScatter
WriteProfileSectionA
FoldStringA
VirtualQueryEx
FreeEnvironmentStringsA
TlsAlloc
GetPriorityClass
GetCurrentDirectoryA
GetSystemTime
FlushViewOfFile
GetCommandLineA
GetCurrencyFormatW
EnumResourceTypesA
InterlockedCompareExchange
ReleaseMutex
GetDateFormatW
SetSystemTimeAdjustment
GetNumberOfConsoleMouseButtons
LocalSize
lstrcpyW
CreateSemaphoreA
GlobalHandle
EnumSystemCodePagesW
EnumCalendarInfoW
GlobalMemoryStatus
WriteFileEx
FormatMessageW
VirtualAllocEx
lstrcmpiW
TerminateThread
GetDriveTypeA
OutputDebugStringA
SetFileAttributesW
PeekNamedPipe
MoveFileExA
lstrlenA
GetProcessHeap
GlobalFree
lstrcatA
WinExec
SetCurrentDirectoryA
GetVersion
GlobalFix
GetStringTypeExA
DeleteFileW
GetModuleFileNameW
GetNumberOfConsoleInputEvents
GlobalAlloc
EnumSystemLocalesA
GetConsoleScreenBufferInfo
LocalHandle
CreateDirectoryW
VirtualUnlock
EnumResourceNamesW
SetPriorityClass
GetNamedPipeHandleStateA
GetShortPathNameW
FoldStringW
GetDiskFreeSpaceExA
GetShortPathNameA
WriteProcessMemory
CompareStringA
FileTimeToLocalFileTime
GetVolumeInformationA
FormatMessageA
SetThreadPriorityBoost
CreateThread
WaitForMultipleObjects
GetFileType
Sleep
UnlockFile
WriteConsoleOutputA
FindAtomW
SetThreadPriority
Heap32First
CopyFileExA
LocalUnlock
SetLocaleInfoA
CreateProcessA
WriteFile
UnlockFileEx
FreeConsole
AddAtomA
EnumResourceLanguagesA
DefineDosDeviceW
GetLogicalDrives
WriteConsoleInputA
GetDiskFreeSpaceW
GetNumberFormatW
GlobalGetAtomNameA
GetPrivateProfileSectionA
GetQueuedCompletionStatus
SetThreadAffinityMask
GetLocaleInfoW
OpenWaitableTimerW
DosDateTimeToFileTime
PulseEvent
TransactNamedPipe
GetVolumeInformationW
SetConsoleCP
HeapCreate
EnumCalendarInfoExW
GetEnvironmentStringsW
DeleteAtom
SetConsoleTitleA
WriteProfileSectionW
WriteConsoleOutputAttribute
CreateTapePartition
GetLastError
WritePrivateProfileStructA
HeapLock
GetFileAttributesA
SetThreadLocale
InterlockedExchangeAdd
SetCriticalSectionSpinCount
GetDateFormatA
ReadConsoleInputW
IsValidLocale
OpenMutexW
GetCommandLineW
FindFirstFileA
OpenEventW
EnumSystemCodePagesA
GetSystemDirectoryA
GetCalendarInfoA
WritePrivateProfileSectionA
EnumDateFormatsW
comdlg32:
GetOpenFileNameA
GetFileTitleA
GetOpenFileNameW
ChooseFontW
ChooseColorW
ChooseFontA
PageSetupDlgA
GetSaveFileNameW
PrintDlgW
shell32:
SheSetCurDrive
SHGetSpecialFolderLocation
SHQueryRecycleBinA
ShellAboutA
SHFileOperation
SHGetDataFromIDListW
DragAcceptFiles
DragQueryPoint
DragQueryFileA
SHGetPathFromIDListW
ExtractIconEx
SHGetFileInfoA
SHBrowseForFolderA
SHGetDataFromIDListA
SHGetMalloc
SHAppBarMessage
RealShellExecuteExA
ShellExecuteExW
SHBrowseForFolderW
SHFreeNameMappings
SheChangeDirA
FindExecutableA
RealShellExecuteExW
ExtractIconExA
SHFormatDrive
advapi32:
RegDeleteValueA
CryptEnumProvidersA
CryptContextAddRef
RegSaveKeyA
RegQueryValueExA
LookupPrivilegeNameW
StartServiceA
LookupPrivilegeValueW
LookupPrivilegeValueA
CryptVerifySignatureA
CryptDeriveKey
LookupAccountNameA
RegDeleteKeyA
CryptEnumProviderTypesA
RegOpenKeyA
RegEnumKeyExA
CryptGetProvParam
RegOpenKeyExW
LookupPrivilegeDisplayNameA
RevertToSelf
CryptGetDefaultProviderW
InitiateSystemShutdownA
RegCreateKeyExW
RegOpenKeyW
CryptGetKeyParam
RegRestoreKeyA
StartServiceW
RegQueryMultipleValuesA
CryptSetProviderW
wininet:
DeleteUrlCacheContainerW
InternetDialA
InternetTimeToSystemTimeW
CommitUrlCacheEntryA
InternetQueryDataAvailable
FindNextUrlCacheEntryA
InternetWriteFile
InternetSecurityProtocolToStringA
GopherCreateLocatorW
HttpSendRequestExW
HttpCheckDavCompliance
InternetCombineUrlA
HttpAddRequestHeadersA
DeleteUrlCacheEntryW
FtpDeleteFileA
GetUrlCacheConfigInfoW
RetrieveUrlCacheEntryFileW
IsUrlCacheEntryExpiredW
InternetConfirmZoneCrossing
InternetSetOptionA
FtpFindFirstFileW
InternetCloseHandle
FindFirstUrlCacheContainerA
FtpPutFileW
InternetFortezzaCommand
GopherGetAttributeA
RetrieveUrlCacheEntryStreamW
CreateUrlCacheEntryA
InternetOpenUrlA
IsHostInProxyBypassList
InternetGetCookieW
ShowSecurityInfo
UnlockUrlCacheEntryStream
FindFirstUrlCacheEntryW
InternetGetConnectedState
CommitUrlCacheEntryW
HttpEndRequestW
InternetQueryFortezzaStatus
FtpCommandA
InternetSetDialStateW
GopherGetLocatorTypeA
InternetAttemptConnect
SetUrlCacheEntryGroupW
InternetOpenW
GetUrlCacheEntryInfoW
SetUrlCacheConfigInfoW
HttpOpenRequestW
InternetAlgIdToStringW
FtpGetCurrentDirectoryW
GopherOpenFileA
CreateUrlCacheGroup
HttpQueryInfoA
FtpSetCurrentDirectoryA
RegisterUrlCacheNotification
InternetQueryOptionW
InternetOpenUrlW
FindFirstUrlCacheContainerW
SetUrlCacheGroupAttributeA
InternetDial
InternetAutodialHangup
SetUrlCacheGroupAttributeW
FtpGetFileSize
SetUrlCacheConfigInfoA
InternetGetLastResponseInfoA
FindNextUrlCacheContainerW
SetUrlCacheEntryGroup
InternetCrackUrlW
FtpSetCurrentDirectoryW
InternetSetOptionExA
InternetQueryOptionA
RetrieveUrlCacheEntryStreamA
SetUrlCacheHeaderData
GetUrlCacheEntryInfoExA
SetUrlCacheEntryGroupA
FtpPutFileEx
FindNextUrlCacheEntryExW
InternetTimeFromSystemTimeA
ShowCertificate
InternetUnlockRequestFile
InternetSetDialStateA
FtpDeleteFileW
FtpRenameFileW
InternetFindNextFileA
FindFirstUrlCacheEntryExW
InternetAutodial
InternetWriteFileExA
HttpOpenRequestA
FindNextUrlCacheEntryW
FtpRenameFileA
InternetCreateUrlW
ShowClientAuthCerts
InternetCheckConnectionW
FtpCommandW
InternetSetOptionW
InternetCanonicalizeUrlW
GopherCreateLocatorA
HttpSendRequestA
CreateUrlCacheContainerA
InternetGetLastResponseInfoW
GetUrlCacheHeaderData
FtpRemoveDirectoryA
InternetOpenA
SetUrlCacheEntryInfoA
GopherOpenFileW
InternetGetCookieA
InternetCanonicalizeUrlA
IncrementUrlCacheHeaderData
ResumeSuspendedDownload
InternetConnectA
InternetTimeFromSystemTime
HttpAddRequestHeadersW
InternetGoOnline
FtpRemoveDirectoryW
CreateUrlCacheEntryW
InternetSetCookieW
DeleteUrlCacheContainerA
InternetCombineUrlW
FindNextUrlCacheContainerA
FtpCreateDirectoryA
ShowX509EncodedCertificate
FtpGetCurrentDirectoryA
InternetGetCertByURLA
DeleteUrlCacheGroup
InternetSetFilePointer
FtpCreateDirectoryW
GopherFindFirstFileW
InternetSetDialState
InternetWriteFileExW
FtpOpenFileA
InternetConfirmZoneCrossingA
FreeUrlCacheSpaceA
InternetHangUp
InternetReadFileExA
InternetGoOnlineA
SetUrlCacheEntryInfoW
InternetCreateUrlA
DeleteIE3Cache
GetUrlCacheEntryInfoExW
InternetInitializeAutoProxyDll
RetrieveUrlCacheEntryFileA
HttpSendRequestExA
UpdateUrlCacheContentPath
FindNextUrlCacheGroup
InternetSecurityProtocolToStringW
FindCloseUrlCache
UnlockUrlCacheEntryFileW
InternetGoOnlineW
FtpPutFileA
GopherFindFirstFileA
FtpFindFirstFileA
InternetShowSecurityInfoByURLW
FtpGetFileW
InternetGetConnectedStateExW
InternetShowSecurityInfoByURLA
InternetDialW
LoadUrlCacheContent
InternetGetConnectedStateExA
InternetCheckConnectionA
FindFirstUrlCacheGroup
InternetReadFileExW
DetectAutoProxyUrl
UnlockUrlCacheEntryFile
HttpQueryInfoW
GopherGetAttributeW
FreeUrlCacheSpaceW
HttpEndRequestA
InternetSetCookieA
InternetConnectW
InternetTimeFromSystemTimeW
FtpGetFileA
FtpOpenFileW
FindFirstUrlCacheEntryExA
InternetFindNextFileW
GetUrlCacheGroupAttributeW
InternetGetCertByURL
InternetConfirmZoneCrossingW
InternetTimeToSystemTime
GetUrlCacheConfigInfoA
DeleteUrlCacheEntryA
CreateUrlCacheContainerW
UnlockUrlCacheEntryFileA
InternetReadFile
FindNextUrlCacheEntryExA
UrlZonesDetach
FindFirstUrlCacheEntryA
InternetTimeToSystemTimeA
HttpSendRequestW
InternetGetConnectedStateEx
InternetErrorDlg
GetUrlCacheEntryInfoA
IsUrlCacheEntryExpiredA
InternetSetOptionExW
ReadUrlCacheEntryStream
GetUrlCacheGroupAttributeA
InternetCrackUrlA
DeleteUrlCacheEntry
InternetAlgIdToStringA
GopherGetLocatorTypeW
user32:
LoadAcceleratorsA
DrawCaption
FreeDDElParam
CreateDialogParamA
MapVirtualKeyExW
GetLastActivePopup
DrawTextExW
SetUserObjectInformationA
SetClipboardData
ActivateKeyboardLayout
CopyAcceleratorTableW
DlgDirListW
DdeDisconnectList
VkKeyScanExW
GetCursorPos
LoadBitmapW
UnhookWindowsHook
RegisterDeviceNotificationW
GetOpenClipboardWindow
BlockInput
PostThreadMessageA
EnumPropsA
DialogBoxIndirectParamW
TileWindows
ModifyMenuA
InSendMessageEx
SetCapture
LoadCursorFromFileA
GetUpdateRgn
IsMenu
GetMenuItemID
MenuItemFromPoint
CreateDialogParamW
SetScrollInfo
InvalidateRect
EnumPropsExA
DispatchMessageA
GetClassLongW
SendInput
ClientToScreen
DdeSetUserHandle
GetMenuItemCount
GetWindowModuleFileNameA
OpenDesktopW
ChangeMenuA
DdeQueryStringW
MessageBoxA
EnableWindow
InsertMenuItemA
LoadIconA
SwapMouseButton
EqualRect
DrawMenuBar
WINNLSGetIMEHotkey
DlgDirSelectExA
SendMessageA
GetScrollBarInfo
SetProcessDefaultLayout
CreatePopupMenu
GetMenuDefaultItem
InternalGetWindowText
GetClassInfoExW
EnumDisplaySettingsExW
CallMsgFilterA
TabbedTextOutA
EnumPropsExW
EndTask
CharNextExA
IsWindowUnicode
DrawFrameControl
DdeGetData
FillRect
DdeDisconnect
SendNotifyMessageW
SystemParametersInfoW
DdeNameService
DefWindowProcW
TranslateAcceleratorW
SetSysColors
MapVirtualKeyExA
SetThreadDesktop
GetInputDesktop
SetMenu
GetClipboardFormatNameA
VkKeyScanW
VkKeyScanA
SetFocus
WindowFromDC
DlgDirListA
GetDlgItem
GetClassInfoW
MessageBeep
SendNotifyMessageA
GetScrollPos
EndPaint
LoadImageA
IsClipboardFormatAvailable
GetClassLongA
DefMDIChildProcW
GetNextDlgGroupItem
RemoveMenu
IsWindow
SetDebugErrorLevel
DdeClientTransaction
PaintDesktop
ChildWindowFromPoint
wvsprintfA
ScrollWindow
SetScrollRange
GrayStringA
ChangeDisplaySettingsExW
PeekMessageA
LoadMenuA
GetMenuCheckMarkDimensions
GetMenuStringW
CreateAcceleratorTableW
RemovePropW
GetDialogBaseUnits
PackDDElParam
GetProcessWindowStation
CreateIcon
InsertMenuItemW
IsDialogMessage
TranslateMessage
SetScrollPos
CheckRadioButton
DdeUnaccessData
AnyPopup
VkKeyScanExA
DdeFreeStringHandle
UnregisterHotKey
GetCursorInfo
DefDlgProcA
DrawStateA
InsertMenuW
GetDoubleClickTime
LoadCursorW
CharUpperA
IsWindowVisible
UnhookWindowsHookEx
PostMessageW
SetMenuDefaultItem
GetKeyboardLayoutNameW
CharToOemBuffA
GetThreadDesktop
EndDialog
LoadKeyboardLayoutA
UpdateWindow
GetUserObjectInformationW
EnumDisplaySettingsA
ExcludeUpdateRgn
FindWindowExW
UnionRect
CopyIcon
RegisterWindowMessageA
GetClientRect
AdjustWindowRectEx
MessageBoxIndirectA
SetLastErrorEx
TrackMouseEvent
WaitForInputIdle
GetMenuItemInfoA
IsCharLowerW
CreateWindowExA
DialogBoxIndirectParamA
LoadCursorA
SwitchToThisWindow
SetMessageExtraInfo
PeekMessageW
TileChildWindows
GetDesktopWindow
DdeQueryNextServer
GetCaretBlinkTime
EnumDisplaySettingsW
CloseWindow
OpenDesktopA
RegisterClassExA
GetComboBoxInfo
GetClipboardFormatNameW
CloseClipboard
UnhookWinEvent
CopyImage
ReleaseCapture
IsCharAlphaW
Sections
.text Size: 100KB - Virtual size: 99KB - Characteristics: IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
.data Size: 295KB - Virtual size: 295KB - Characteristics: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.reloc Size: 13KB - Virtual size: 13KB - Characteristics: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.bss Size: 5KB - Virtual size: 5KB - Characteristics: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE