Static task: static1
Behavioral task: behavioral1
  Sample: 0d52c0e688961b70ead79e161eea2ac5_JaffaCakes118.exe
  Resource: win7-20240508-en
Behavioral task: behavioral2
  Sample: 0d52c0e688961b70ead79e161eea2ac5_JaffaCakes118.exe
  Resource: win10v2004-20240611-en
General
Target: 0d52c0e688961b70ead79e161eea2ac5_JaffaCakes118
Size: 233KB
MD5: 0d52c0e688961b70ead79e161eea2ac5
SHA1: a7dbcf937c59f97179e203f8c88a1831897018a2
SHA256: a26d34cd9a1c6344f9312228e53b53cb9bef7c88d8912814140807223a65b791
SHA512: bbb1350d53fa6a43e15a39c72ecdab53d6693c6e4871dc4dc13df3e8646af8cd5351b6febfc7b1eb0b60c17eb024e301ed1ed8a0b425d74d0f6838a7eccae74a
SSDEEP: 3072:hxjEcFB05ZROGGw/Dzoq2BMpHuSJ1OLaRfoihZQFpt0KJZwY6TXEOGroLoSVotNl:XjEcUfOwbz+OpHF626D1dE0OAaouon
Malware Config
Signatures
Unsigned PE (1 IoCs): Checks for missing Authenticode signature.
  resource 0d52c0e688961b70ead79e161eea2ac5_JaffaCakes118
Files
0d52c0e688961b70ead79e161eea2ac5_JaffaCakes118.exe windows:4 windows x86 arch:x86
419dc6d0ba808a0900de85571ed48123
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
ExitProcess
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
GetModuleFileNameA
GetProcAddress
GetModuleHandleA
TerminateProcess
GetCurrentProcess
LoadLibraryA
RtlUnwind
InterlockedExchange
VirtualQuery
HeapReAlloc
HeapAlloc
HeapFree
VirtualAlloc
GetSystemDefaultLangID
SetConsoleTitleA
GetThreadContext
WriteConsoleOutputAttribute
CreateWaitableTimerA
GlobalWire
GetDiskFreeSpaceExA
lstrcmpiA
SetCurrentDirectoryA
ReleaseMutex
Heap32ListNext
PulseEvent
GetMailslotInfo
GetStdHandle
GetCurrentDirectoryW
GetPrivateProfileSectionW
WriteConsoleW
ReadConsoleInputA
GetFullPathNameA
GetExitCodeProcess
VirtualLock
Process32Next
ReadConsoleA
lstrlen
FreeConsole
HeapDestroy
DefineDosDeviceW
EnumSystemCodePagesA
ReadConsoleW
GlobalAddAtomA
lstrcmp
FindFirstFileExW
SetLastError
GetUserDefaultLCID
WriteProcessMemory
VirtualFreeEx
BeginUpdateResourceW
EraseTape
GetTimeFormatW
DeviceIoControl
CreateMailslotW
CreateFileMappingW
OpenEventW
EnumResourceNamesW
GetLargestConsoleWindowSize
GetPrivateProfileSectionNamesW
GetPrivateProfileStructA
GetFileType
VirtualUnlock
CreateThread
FormatMessageW
WriteProfileSectionW
ReadConsoleOutputCharacterA
GetPrivateProfileIntW
GetProfileStringW
GetProcessHeap
GetFileAttributesA
GetLocaleInfoW
RemoveDirectoryA
GetProcessVersion
GetThreadTimes
IsValidLocale
GetConsoleScreenBufferInfo
SetThreadLocale
MoveFileExW
SetPriorityClass
InterlockedCompareExchange
DeleteFileA
UpdateResourceA
Thread32First
GetTempFileNameA
GetProfileIntW
PeekConsoleInputA
DuplicateHandle
CompareStringA
FindFirstFileW
OpenProcess
GetDiskFreeSpaceW
SetConsoleCtrlHandler
FindAtomA
EnumTimeFormatsW
GetNumberFormatA
CreateDirectoryExW
FileTimeToDosDateTime
SetWaitableTimer
WaitForMultipleObjectsEx
WriteFile
lstrcpynA
SetEndOfFile
GetConsoleTitleA
GetProcessTimes
EnumResourceNamesA
SetFileAttributesW
GetPrivateProfileSectionNamesA
GetThreadPriority
OpenSemaphoreA
FlushViewOfFile
FillConsoleOutputCharacterW
EnumDateFormatsExW
ContinueDebugEvent
WriteFileEx
MoveFileA
SetSystemTime
ReadConsoleOutputCharacterW
WaitCommEvent
MultiByteToWideChar
TransactNamedPipe
GetSystemTimeAdjustment
GetThreadPriorityBoost
AddAtomW
LocalFileTimeToFileTime
lstrcat
FileTimeToLocalFileTime
CreateMutexW
SetEnvironmentVariableA
ReadFileEx
GetModuleFileNameW
OpenSemaphoreW
GetVolumeInformationA
RtlZeroMemory
LoadLibraryExW
GetFullPathNameW
HeapLock
CreateEventW
SetConsoleTitleW
FindResourceExW
GlobalSize
SetThreadExecutionState
GlobalUnWire
TlsFree
ConvertDefaultLocale
UnhandledExceptionFilter
FindResourceExA
GetDiskFreeSpaceExW
GetVolumeInformationW
Toolhelp32ReadProcessMemory
SetEvent
ExitThread
GetFileSize
FindNextFileW
VirtualQueryEx
EnumResourceLanguagesW
SetEnvironmentVariableW
OpenEventA
WriteConsoleOutputA
WriteConsoleInputA
WaitForMultipleObjects
WriteConsoleOutputW
CreateNamedPipeW
Sleep
SetComputerNameA
ExpandEnvironmentStringsA
SetVolumeLabelA
GlobalMemoryStatus
Module32First
GetNumberOfConsoleInputEvents
SleepEx
GetExitCodeThread
DeleteFiber
GetEnvironmentVariableA
SystemTimeToTzSpecificLocalTime
GetCalendarInfoW
HeapUnlock
GetComputerNameW
GetNamedPipeHandleStateA
GetStringTypeExA
GlobalFindAtomA
GetTempFileNameW
GetNumberOfConsoleMouseButtons
GetAtomNameA
GetCompressedFileSizeA
LocalUnlock
GetLocalTime
GlobalLock
GetWriteWatch
FindCloseChangeNotification
OpenMutexW
CreateNamedPipeA
SetHandleCount
WriteProfileStringA
WritePrivateProfileSectionW
ResumeThread
SetFileAttributesA
WriteConsoleOutputCharacterA
EnumDateFormatsW
WideCharToMultiByte
EnumResourceLanguagesA
VirtualFree
LocalShrink
GetConsoleCP
CreateConsoleScreenBuffer
SetLocaleInfoA
LocalCompact
lstrcpyA
LeaveCriticalSection
LocalAlloc
GetProcessAffinityMask
GetLogicalDrives
GetConsoleOutputCP
GetComputerNameA
FindResourceA
FoldStringA
HeapCreate
ReadConsoleOutputAttribute
CloseHandle
RemoveDirectoryW
SetLocaleInfoW
GetFileTime
lstrcpy
EnumResourceTypesW
GetDiskFreeSpaceA
GlobalGetAtomNameA
GetLongPathNameW
DebugActiveProcess
GlobalFix
lstrcmpi
CreateFileA
GetConsoleTitleW
GetNamedPipeHandleStateW
WaitNamedPipeA
GlobalAlloc
LoadLibraryW
InitAtomTable
GetConsoleMode
CreateRemoteThread
HeapCompact
SetFileTime
LocalHandle
GetACP
Module32Next
EnumDateFormatsExA
WritePrivateProfileStructW
Heap32ListFirst
GlobalReAlloc
CreateEventA
LocalReAlloc
OpenWaitableTimerW
ReadConsoleOutputW
InitializeCriticalSection
GetWindowsDirectoryA
TerminateThread
WriteProfileSectionA
UnlockFile
DeleteAtom
EnumCalendarInfoExW
GetPrivateProfileSectionA
GetSystemDirectoryA
MulDiv
WriteProfileStringW
EnumDateFormatsA
CommConfigDialogW
HeapValidate
SetTimeZoneInformation
SetConsoleMode
TlsAlloc
GetSystemDirectoryW
RtlFillMemory
ReadConsoleOutputA
GetStartupInfoW
WriteConsoleOutputCharacterW
CreateDirectoryW
EnumResourceTypesA
FoldStringW
GetEnvironmentStringsW
ReleaseSemaphore
UpdateResourceW
FormatMessageA
SignalObjectAndWait
VirtualProtectEx
DefineDosDeviceA
lstrcatW
DeleteFileW
TryEnterCriticalSection
DebugBreak
HeapWalk
SetCurrentDirectoryW
GlobalAddAtomW
GlobalDeleteAtom
AddAtomA
IsDebuggerPresent
GlobalCompact
GetStringTypeW
SearchPathA
LockFileEx
CreateProcessW
CreateProcessA
EnumCalendarInfoExA
VirtualAllocEx
SuspendThread
GetVersion
ReadFileScatter
FreeResource
GetPrivateProfileStructW
MoveFileW
OutputDebugStringA
GlobalUnfix
comdlg32
PageSetupDlgA
shell32
ExtractIconA
ShellAboutA
SHBrowseForFolderW
ShellExecuteExW
SheSetCurDrive
SHUpdateRecycleBinIcon
RealShellExecuteW
SHBrowseForFolder
DragFinish
InternalExtractIconListW
SHLoadInProc
ShellExecuteA
SheGetDirA
ExtractIconW
DragQueryPoint
SHInvokePrinterCommandA
SHBrowseForFolderA
CheckEscapesW
SHQueryRecycleBinA
SHGetDataFromIDListA
SHGetInstanceExplorer
ShellAboutW
DoEnvironmentSubstA
InternalExtractIconListA
SHGetSpecialFolderPathW
SHGetPathFromIDListA
FreeIconList
DragQueryFile
DuplicateIcon
ShellExecuteW
DragQueryFileAorW
SHGetPathFromIDList
gdi32
SetColorAdjustment
GetGlyphOutlineW
ExtSelectClipRgn
CopyMetaFileW
SetViewportExtEx
GetCharWidth32W
GetMetaFileA
GetOutlineTextMetricsA
InvertRgn
CloseFigure
CreateColorSpaceW
TextOutW
ExtEscape
CreateFontIndirectW
SetWorldTransform
RectInRegion
UpdateICMRegKeyA
GetTextCharset
DeleteEnhMetaFile
CreateBitmapIndirect
Chord
GetObjectA
SetBrushOrgEx
CreateRoundRectRgn
CopyMetaFileA
PathToRegion
ModifyWorldTransform
CreateBitmap
GetFontData
GetTextFaceA
ChoosePixelFormat
GetPolyFillMode
SelectClipRgn
SetPixel
EnumICMProfilesA
GetOutlineTextMetricsW
GetKerningPairs
GetTextColor
GetCharABCWidthsFloatA
OffsetWindowOrgEx
GetClipRgn
CreateEnhMetaFileA
TranslateCharsetInfo
PolyTextOutW
Pie
CreateHatchBrush
CreatePenIndirect
AddFontResourceW
CreatePalette
CreateDIBPatternBrushPt
CloseEnhMetaFile
CreateEnhMetaFileW
GetStretchBltMode
GdiSetBatchLimit
SetWindowExtEx
UpdateICMRegKeyW
SetLayout
FixBrushOrgEx
StrokeAndFillPath
CreateICA
gdiPlaySpoolStream
SetMiterLimit
PolylineTo
GetRasterizerCaps
SetPolyFillMode
GetCharABCWidthsW
EqualRgn
CreateSolidBrush
SetFontEnumeration
GetWinMetaFileBits
FillRgn
GetEnhMetaFileW
SetICMMode
CheckColorsInGamut
EnumFontFamiliesA
PolyTextOutA
GetMetaFileW
GetRandomRgn
CreatePen
GetObjectW
SetBitmapBits
StartDocW
SetViewportOrgEx
EnumFontsW
GetEnhMetaFileDescriptionW
CreateHalftonePalette
GdiFlush
CreateDIBSection
IntersectClipRect
GetCurrentPositionEx
WidenPath
Rectangle
SetAbortProc
ExtCreatePen
PolyPolyline
GetICMProfileW
CreatePolygonRgn
GetPixelFormat
UpdateColors
GetBkColor
Polygon
GetICMProfileA
PlayEnhMetaFileRecord
CloseMetaFile
RemoveFontResourceA
DeleteObject
GetTextAlign
Ellipse
ArcTo
GetGlyphOutline
SelectPalette
StartDocA
PolyBezier
CreateRectRgn
SetDIBitsToDevice
EnumFontFamiliesW
GetGlyphOutlineA
EnumEnhMetaFile
ColorMatchToTarget
SetMapMode
RoundRect
GetTextExtentPoint32A
SetWindowOrgEx
GetAspectRatioFilterEx
GetCharWidthFloatA
PlgBlt
CreateColorSpaceA
GetCharABCWidthsFloatW
GetClipBox
GetEnhMetaFileBits
SetTextAlign
GetArcDirection
SetTextJustification
DeviceCapabilitiesExA
SetRectRgn
GetSystemPaletteEntries
ExcludeClipRect
GetCharacterPlacementA
PlayMetaFile
SelectObject
ExtCreateRegion
CombineTransform
ExtTextOutA
CreateDCA
PtInRegion
PolyPolygon
GetEnhMetaFileHeader
GetDCOrgEx
TextOutA
EndPage
SetROP2
CreateFontW
CreateScalableFontResourceW
CreateICW
Arc
GetColorSpace
GetRegionData
CreatePatternBrush
SetICMProfileA
StretchBlt
SetPaletteEntries
ScaleWindowExtEx
GetBrushOrgEx
CancelDC
GetTextMetricsA
GetCurrentObject
SetMetaFileBitsEx
SetColorSpace
LineTo
GetCharWidthA
SetMetaRgn
PlayMetaFileRecord
GetLayout
GetPixel
GetTextCharsetInfo
CreateFontIndirectA
GetCharWidthW
RealizePalette
SetBoundsRect
CreateMetaFileA
DeleteMetaFile
GetColorAdjustment
SetTextColor
SwapBuffers
FloodFill
GetMetaFileBitsEx
AbortPath
GetRgnBox
CopyEnhMetaFileA
GetStockObject
UnrealizeObject
FillPath
DeleteDC
GetTextExtentPointA
AbortDoc
GetROP2
Polyline
CopyEnhMetaFileW
GetDIBColorTable
GetTextExtentPointW
AngleArc
CreateRectRgnIndirect
GetLogColorSpaceW
PolyBezierTo
GetLogColorSpaceA
CreateMetaFileW
GetMapMode
GetCharWidth32A
EnumFontsA
SetPixelV
CreatePolyPolygonRgn
EnableEUDC
GetBitmapBits
GetBitmapDimensionEx
SetICMProfileW
StretchDIBits
LPtoDP
GetPaletteEntries
SetDIBColorTable
SetTextCharacterExtra
OffsetClipRgn
EnumICMProfilesW
ResetDCA
GetWindowExtEx
ExtFloodFill
EndDoc
CreateDCW
GdiPlayDCScript
GdiGetBatchLimit
SetGraphicsMode
RemoveFontResourceW
CreateDIBPatternBrush
AddFontResourceA
GetTextMetricsW
SetWinMetaFileBits
DeviceCapabilitiesExW
GetGraphicsMode
GetCharABCWidthsA
GetWindowOrgEx
ExtTextOutW
OffsetViewportOrgEx
GetDeviceCaps
SelectClipPath
GetEnhMetaFileDescriptionA
SetSystemPaletteUse
GetBkMode
DrawEscape
SetMapperFlags
SetEnhMetaFileBits
GetPath
GetFontLanguageInfo
SetStretchBltMode
SetBitmapDimensionEx
SetArcDirection
CreateEllipticRgnIndirect
GetKerningPairsA
DescribePixelFormat
RectVisible
GetSystemPaletteUse
GetCharWidthFloatW
FlattenPath
Escape
SetMagicColors
ResizePalette
PlayEnhMetaFile
AnimatePalette
EnumMetaFile
SetDIBits
DeleteColorSpace
EnumObjects
EndPath
GetCharacterPlacementW
EnumFontFamiliesExA
CreateEllipticRgn
StrokePath
GetViewportExtEx
GetTextExtentExPointW
GetKerningPairsW
GetDeviceGammaRamp
LineDDA
ResetDCW
CreateDIBitmap
PaintRgn
CreateCompatibleDC
GetNearestColor
SetBkMode
GetObjectType
PtVisible
CreateDiscardableBitmap
GetMiterLimit
SaveDC
GetViewportOrgEx
ScaleViewportExtEx
GetWorldTransform
ColorCorrectPalette
GetMetaRgn
GetTextExtentPoint32W
GetEnhMetaFilePaletteEntries
wininet
FtpFindFirstFileW
InternetCombineUrlW
FindFirstUrlCacheGroup
SetUrlCacheGroupAttributeA
ShowX509EncodedCertificate
GopherOpenFileW
InternetQueryOptionW
InternetInitializeAutoProxyDll
ShowCertificate
FindNextUrlCacheContainerA
UnlockUrlCacheEntryFile
HttpOpenRequestW
GopherCreateLocatorW
InternetDial
FreeUrlCacheSpaceA
FtpGetCurrentDirectoryW
FtpGetFileA
GetUrlCacheGroupAttributeW
InternetSetCookieW
HttpCheckDavCompliance
SetUrlCacheGroupAttributeW
HttpSendRequestExA
IsUrlCacheEntryExpiredW
InternetGetConnectedStateExA
HttpSendRequestW
GopherOpenFileA
InternetAlgIdToStringA
InternetSecurityProtocolToStringW
RetrieveUrlCacheEntryStreamA
InternetTimeFromSystemTimeA
InternetSetOptionExW
InternetGetCertByURLA
FtpRemoveDirectoryW
InternetGetConnectedState
InternetTimeFromSystemTime
FtpSetCurrentDirectoryW
DeleteIE3Cache
InternetSetDialStateA
GopherGetAttributeA
HttpAddRequestHeadersW
UnlockUrlCacheEntryFileW
FtpOpenFileW
SetUrlCacheEntryGroup
FindFirstUrlCacheEntryA
FtpGetFileW
InternetConnectW
RegisterUrlCacheNotification
HttpEndRequestW
FtpOpenFileA
FtpCommandA
InternetGetCookieW
InternetOpenUrlW
InternetDialA
InternetGetConnectedStateExW
InternetAutodial
FtpCommandW
ShowSecurityInfo
InternetAlgIdToStringW
HttpQueryInfoA
HttpSendRequestA
RetrieveUrlCacheEntryFileA
InternetSetDialState
GopherGetAttributeW
InternetFindNextFileW
GetUrlCacheEntryInfoW
HttpAddRequestHeadersA
FtpPutFileW
InternetCloseHandle
FtpDeleteFileA
InternetTimeToSystemTime
InternetFortezzaCommand
InternetSetDialStateW
CreateUrlCacheContainerW
InternetUnlockRequestFile
CommitUrlCacheEntryA
UrlZonesDetach
InternetAttemptConnect
FtpSetCurrentDirectoryA
FindNextUrlCacheEntryExA
InternetConnectA
InternetQueryFortezzaStatus
HttpOpenRequestA
InternetOpenA
FindFirstUrlCacheContainerA
ShowClientAuthCerts
GopherGetLocatorTypeW
FindNextUrlCacheEntryA
FindNextUrlCacheEntryW
CreateUrlCacheGroup
FindNextUrlCacheEntryExW
FtpCreateDirectoryA
CreateUrlCacheContainerA
InternetCanonicalizeUrlW
SetUrlCacheEntryInfoA
GopherFindFirstFileW
SetUrlCacheEntryInfoW
FindFirstUrlCacheEntryExA
InternetGoOnlineA
InternetTimeToSystemTimeA
FtpGetFileSize
FindFirstUrlCacheContainerW
SetUrlCacheEntryGroupW
InternetGetLastResponseInfoW
InternetSetCookieA
InternetConfirmZoneCrossingA
DeleteUrlCacheContainerA
InternetGetCertByURL
InternetOpenUrlA
IsUrlCacheEntryExpiredA
GopherGetLocatorTypeA
InternetCrackUrlA
InternetLockRequestFile
CreateUrlCacheEntryA
InternetDialW
DeleteUrlCacheContainerW
HttpSendRequestExW
FindFirstUrlCacheEntryW
InternetCreateUrlW
InternetGoOnlineW
InternetReadFileExW
InternetConfirmZoneCrossing
DeleteUrlCacheEntryW
FtpFindFirstFileA
UnlockUrlCacheEntryFileA
SetUrlCacheHeaderData
InternetShowSecurityInfoByURLA
FindNextUrlCacheContainerW
FreeUrlCacheSpaceW
CommitUrlCacheEntryW
SetUrlCacheConfigInfoA
GopherCreateLocatorA
DeleteUrlCacheEntryA
RetrieveUrlCacheEntryStreamW
SetUrlCacheEntryGroupA
DeleteUrlCacheGroup
FtpGetCurrentDirectoryA
FtpPutFileA
InternetCheckConnectionW
ReadUrlCacheEntryStream
FindNextUrlCacheGroup
InternetSecurityProtocolToStringA
InternetHangUp
InternetShowSecurityInfoByURLW
FtpDeleteFileW
FtpGetFileEx
InternetWriteFileExA
FindCloseUrlCache
InternetCreateUrlA
GetUrlCacheEntryInfoExA
InternetWriteFile
LoadUrlCacheContent
DetectAutoProxyUrl
InternetSetOptionA
HttpQueryInfoW
FindFirstUrlCacheEntryExW
InternetAutodialHangup
GetUrlCacheEntryInfoExW
InternetShowSecurityInfoByURL
FtpRenameFileW
FtpCreateDirectoryW
InternetFindNextFileA
FtpRemoveDirectoryA
InternetWriteFileExW
InternetSetFilePointer
ResumeSuspendedDownload
GetUrlCacheEntryInfoA
InternetCheckConnectionA
InternetGoOnline
GetUrlCacheHeaderData
HttpEndRequestA
InternetTimeToSystemTimeW
GetUrlCacheConfigInfoA
InternetReadFile
UnlockUrlCacheEntryStream
GopherFindFirstFileA
InternetCrackUrlW
InternetTimeFromSystemTimeW
RetrieveUrlCacheEntryFileW
Sections
.text Size: 91KB - Virtual size: 90KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 128KB - Virtual size: 128KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 12KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ