Static task: static1
Behavioral task: behavioral1
Sample: 23d5960d892ac7a1a31c611ba403b365_JaffaCakes118.exe
Resource: win7-20240508-en
Behavioral task: behavioral2
Sample: 23d5960d892ac7a1a31c611ba403b365_JaffaCakes118.exe
Resource: win10v2004-20240508-en
General
Target: 23d5960d892ac7a1a31c611ba403b365_JaffaCakes118
Size: 375KB
MD5: 23d5960d892ac7a1a31c611ba403b365
SHA1: 77f95cc8f394c93677baada5247875703ff82807
SHA256: e900da85f8745950bb3fbcb6a98fe1693c939774685adef661b73e6de94a74e9
SHA512: b048c662f169f731f17b61f77b9c3cc688957aa375b4cc97474dcd12eec6eb401c239284534fcd79f8cc78be8db0fd2e04d41fe85a41655ff515a6a28fb3d970
SSDEEP: 6144:PsGQFAfAtK0xl6iqQh6E55odMEE5Tgj0AUuu1S2fBB+7nUswJE4onQnBBGzUeNA3:UGcAfAlxlJph6E50E5goTuP2f67nzwJY
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 23d5960d892ac7a1a31c611ba403b365_JaffaCakes118
Files
23d5960d892ac7a1a31c611ba403b365_JaffaCakes118.exe windows:4 windows x86 arch:x86
4022fbcf43c2e85763711aca08e45e89
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
ExitProcess
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
GetModuleFileNameA
GetProcAddress
GetModuleHandleA
TerminateProcess
GetCurrentProcess
LoadLibraryA
RtlUnwind
InterlockedExchange
VirtualQuery
HeapReAlloc
HeapAlloc
HeapFree
VirtualAlloc
GetConsoleTitleA
OpenFileMappingA
WaitForMultipleObjectsEx
GetDiskFreeSpaceExW
WriteConsoleA
IsDebuggerPresent
SetConsoleCP
GetUserDefaultLCID
ReadConsoleInputA
CreateNamedPipeA
CreateTapePartition
MoveFileExA
SystemTimeToTzSpecificLocalTime
ReadConsoleOutputW
SearchPathA
GetModuleHandleW
SetThreadLocale
GetLogicalDriveStringsW
WriteProfileSectionW
LocalLock
LoadLibraryExW
lstrlenW
ConnectNamedPipe
GetCurrencyFormatA
GlobalHandle
FileTimeToLocalFileTime
CreateMutexW
Toolhelp32ReadProcessMemory
SearchPathW
InitAtomTable
LocalFlags
GetTempFileNameA
GlobalUnWire
RtlZeroMemory
GetLocaleInfoW
FindNextFileA
GetStringTypeW
GetFileType
WriteProcessMemory
GetTimeZoneInformation
VirtualProtectEx
WideCharToMultiByte
GetCurrentThread
SetLastError
LeaveCriticalSection
CreateSemaphoreA
DeleteCriticalSection
LoadLibraryExA
SetConsoleMode
GetVersionExW
GetDateFormatA
FindResourceExA
GetStartupInfoA
FindFirstFileW
InitializeCriticalSection
lstrcpyn
GetCompressedFileSizeA
GetAtomNameA
SleepEx
GetPrivateProfileSectionNamesA
lstrcpy
SetConsoleWindowInfo
GetACP
GetProcessTimes
ResumeThread
GetAtomNameW
VirtualFree
GetQueuedCompletionStatus
FindResourceExW
GlobalFindAtomW
CompareStringA
WriteConsoleOutputAttribute
SetComputerNameA
WritePrivateProfileStructW
GetDiskFreeSpaceExA
VirtualQueryEx
EnumSystemLocalesA
GlobalSize
MoveFileW
FindFirstChangeNotificationA
FindFirstChangeNotificationW
MultiByteToWideChar
CreateThread
GetFileAttributesA
Sleep
PeekConsoleInputW
GlobalMemoryStatus
GetPrivateProfileSectionA
TlsFree
GetComputerNameA
SetVolumeLabelW
WinExec
LocalHandle
SetEnvironmentVariableA
IsValidCodePage
GetSystemPowerStatus
DefineDosDeviceA
GetCurrentDirectoryW
GetConsoleMode
GetComputerNameW
ReleaseMutex
OpenSemaphoreA
ReadFile
GetSystemDefaultLCID
lstrlen
WriteConsoleOutputA
lstrcmpi
ReadConsoleOutputCharacterA
GlobalFix
CreateMailslotW
WaitForSingleObject
WriteConsoleOutputCharacterW
GetConsoleTitleW
Process32Next
GetFileInformationByHandle
CreateFileA
FindAtomA
TlsSetValue
CopyFileExA
ResetWriteWatch
SetConsoleTitleW
DebugActiveProcess
GetDriveTypeA
SetEnvironmentVariableW
GetProfileStringW
GetShortPathNameA
EnumResourceTypesW
UpdateResourceW
WaitNamedPipeA
GetConsoleCursorInfo
CreatePipe
GetTempPathW
GetPrivateProfileSectionNamesW
GetStringTypeExA
GetStdHandle
EnumResourceLanguagesA
GetExitCodeProcess
GetNamedPipeHandleStateA
SetVolumeLabelA
lstrcmpiW
SystemTimeToFileTime
EnumCalendarInfoA
Thread32Next
FlushViewOfFile
GetTimeFormatW
SetConsoleOutputCP
WritePrivateProfileSectionW
OpenWaitableTimerW
CreateWaitableTimerA
SetSystemTimeAdjustment
GetSystemDirectoryW
SetConsoleCtrlHandler
ExitThread
GetLocaleInfoA
BeginUpdateResourceW
GlobalAddAtomA
SetThreadExecutionState
SetHandleCount
HeapDestroy
GetNumberOfConsoleInputEvents
ResetEvent
lstrcatA
LocalFree
GlobalLock
SetThreadIdealProcessor
TransmitCommChar
LockFileEx
lstrcat
HeapWalk
CreateConsoleScreenBuffer
CommConfigDialogA
GetNumberFormatW
PulseEvent
OpenProcess
ReleaseSemaphore
FormatMessageA
lstrcmpiA
ExpandEnvironmentStringsA
GetHandleInformation
EnumSystemLocalesW
VirtualLock
FillConsoleOutputCharacterA
EnumDateFormatsExA
FillConsoleOutputCharacterW
GetThreadSelectorEntry
SetLocalTime
ReadConsoleOutputCharacterW
EraseTape
OpenEventA
GetStringTypeExW
GetEnvironmentVariableA
GetLargestConsoleWindowSize
GetPrivateProfileIntA
GetStartupInfoW
LoadResource
SetThreadAffinityMask
WaitForMultipleObjects
GetVersion
GetDiskFreeSpaceW
TryEnterCriticalSection
ReadDirectoryChangesW
lstrcpynW
EnumResourceNamesW
WaitCommEvent
OpenMutexA
GlobalCompact
Module32Next
SetComputerNameW
GetTimeFormatA
lstrcpynA
GetNumberFormatA
GetLongPathNameA
GetVolumeInformationW
WritePrivateProfileStringW
lstrcmpW
GetCurrentDirectoryA
GlobalFree
InitializeCriticalSectionAndSpinCount
UnmapViewOfFile
FindClose
OpenEventW
CloseHandle
GetVersionExA
GetTempPathA
CompareFileTime
WritePrivateProfileStructA
WriteConsoleOutputCharacterA
WriteProfileStringA
GetDiskFreeSpaceA
GetLongPathNameW
GetPriorityClass
WriteConsoleInputW
GetStringTypeA
LockResource
GetProfileSectionA
GetCalendarInfoA
GetProcessHeap
InterlockedDecrement
EnumTimeFormatsA
CreateDirectoryExW
WritePrivateProfileSectionA
GlobalDeleteAtom
TlsGetValue
ReadConsoleInputW
HeapCompact
ReadFileEx
AddAtomW
SetConsoleScreenBufferSize
GetFileAttributesW
SetFileAttributesW
SetSystemTime
WriteConsoleW
ReadConsoleOutputAttribute
FlushConsoleInputBuffer
VirtualFreeEx
FindFirstFileExW
WriteProfileStringW
CreateDirectoryW
GetMailslotInfo
SetCriticalSectionSpinCount
wininet
FtpPutFileEx
UnlockUrlCacheEntryStream
FindNextUrlCacheEntryExW
InternetAttemptConnect
InternetReadFileExW
DeleteUrlCacheGroup
FindFirstUrlCacheEntryW
CommitUrlCacheEntryA
InternetGetConnectedStateExA
GetUrlCacheConfigInfoW
InternetConfirmZoneCrossing
SetUrlCacheGroupAttributeA
SetUrlCacheHeaderData
InternetTimeToSystemTimeW
GopherCreateLocatorW
InternetInitializeAutoProxyDll
ReadUrlCacheEntryStream
RegisterUrlCacheNotification
InternetConfirmZoneCrossingA
GopherOpenFileW
HttpQueryInfoW
InternetCrackUrlW
FindFirstUrlCacheEntryExA
InternetLockRequestFile
InternetOpenW
FtpGetFileA
InternetCombineUrlW
InternetSecurityProtocolToStringW
HttpEndRequestA
FindNextUrlCacheContainerW
InternetDial
InternetCreateUrlA
SetUrlCacheConfigInfoA
FtpCommandW
InternetCheckConnectionA
InternetSetDialState
FindFirstUrlCacheEntryExW
LoadUrlCacheContent
InternetWriteFileExW
InternetConnectW
FindNextUrlCacheGroup
DeleteIE3Cache
InternetSecurityProtocolToStringA
GopherFindFirstFileW
FtpRenameFileW
DeleteUrlCacheEntryW
InternetSetOptionW
FindNextUrlCacheEntryW
InternetOpenUrlW
FtpRemoveDirectoryA
UnlockUrlCacheEntryFile
InternetGetConnectedStateExW
DeleteUrlCacheEntry
FtpPutFileW
DeleteUrlCacheContainerA
InternetCombineUrlA
InternetReadFile
FtpFindFirstFileW
InternetTimeFromSystemTimeA
CreateUrlCacheContainerW
GetUrlCacheHeaderData
InternetWriteFile
GetUrlCacheEntryInfoW
FtpFindFirstFileA
InternetAlgIdToStringA
InternetUnlockRequestFile
FtpRenameFileA
InternetSetFilePointer
InternetGetConnectedStateEx
GopherCreateLocatorA
InternetQueryFortezzaStatus
FreeUrlCacheSpaceW
FindFirstUrlCacheContainerW
InternetCreateUrlW
FtpOpenFileW
FtpCreateDirectoryW
InternetConnectA
HttpQueryInfoA
DetectAutoProxyUrl
FtpDeleteFileW
InternetShowSecurityInfoByURLA
SetUrlCacheEntryGroupW
HttpSendRequestExA
ShowClientAuthCerts
FtpPutFileA
FindFirstUrlCacheContainerA
InternetShowSecurityInfoByURL
InternetGetLastResponseInfoA
RunOnceUrlCache
RetrieveUrlCacheEntryStreamA
HttpOpenRequestW
InternetGetConnectedState
FtpRemoveDirectoryW
InternetQueryOptionA
CreateUrlCacheGroup
InternetWriteFileExA
FtpCommandA
InternetOpenA
InternetReadFileExA
SetUrlCacheEntryInfoW
CreateUrlCacheEntryW
InternetGetCookieA
InternetGoOnlineW
InternetQueryOptionW
InternetCloseHandle
InternetFortezzaCommand
FindNextUrlCacheEntryExA
FindCloseUrlCache
GetUrlCacheEntryInfoA
FtpOpenFileA
FtpGetCurrentDirectoryW
FtpGetFileSize
GetUrlCacheEntryInfoExW
InternetFindNextFileA
IncrementUrlCacheHeaderData
RetrieveUrlCacheEntryFileA
InternetSetCookieA
FtpDeleteFileA
FtpSetCurrentDirectoryA
UpdateUrlCacheContentPath
DeleteUrlCacheEntryA
HttpAddRequestHeadersA
GopherGetLocatorTypeW
FtpGetCurrentDirectoryA
GopherGetAttributeA
FindFirstUrlCacheEntryA
InternetGetCertByURL
InternetSetDialStateW
FtpGetFileW
InternetConfirmZoneCrossingW
DeleteUrlCacheContainerW
HttpEndRequestW
ShowSecurityInfo
UnlockUrlCacheEntryFileA
InternetGoOnlineA
GopherFindFirstFileA
SetUrlCacheGroupAttributeW
InternetShowSecurityInfoByURLW
ShowCertificate
InternetGetCookieW
UnlockUrlCacheEntryFileW
HttpCheckDavCompliance
SetUrlCacheEntryGroup
InternetSetDialStateA
InternetDialW
RetrieveUrlCacheEntryFileW
InternetCanonicalizeUrlA
user32
SetRectEmpty
ShowCursor
GetIconInfo
ChangeClipboardChain
RegisterClipboardFormatW
OpenClipboard
PaintDesktop
GetWindowRgn
GetProcessDefaultLayout
SetClipboardData
DeferWindowPos
CreateDesktopW
DrawTextW
RegisterHotKey
GetMenuStringA
SetFocus
WINNLSGetEnableStatus
OemToCharBuffW
GetSysColor
CharToOemBuffA
SetClassWord
LoadMenuW
LoadIconA
SubtractRect
MessageBeep
DeleteMenu
LoadCursorA
GetClassInfoExW
EmptyClipboard
FrameRect
GetInputDesktop
EndDialog
GetSysColorBrush
GetWindowPlacement
SetLastErrorEx
MessageBoxIndirectW
CreateDialogIndirectParamA
AppendMenuW
SetScrollPos
TabbedTextOutA
SetCursorPos
CreateIconFromResourceEx
GetGuiResources
ClipCursor
ShowOwnedPopups
DdeInitializeA
GetCursor
CreateAcceleratorTableA
DdeClientTransaction
CharNextExA
MessageBoxIndirectA
DrawStateW
GetWindowTextLengthA
CharToOemW
HideCaret
GetDialogBaseUnits
FindWindowExW
SetMenuDefaultItem
OpenIcon
GetDCEx
GetUpdateRgn
SetPropW
wsprintfW
SetShellWindow
PostMessageW
CharPrevA
SetUserObjectInformationW
CountClipboardFormats
ReplyMessage
SwapMouseButton
GetMessageA
CreateCaret
LookupIconIdFromDirectoryEx
IsIconic
ValidateRgn
EndTask
BringWindowToTop
GetDlgCtrlID
GetMenuState
ChangeDisplaySettingsExW
IsRectEmpty
LoadAcceleratorsA
EnumDesktopsW
CharLowerA
DefWindowProcW
TranslateAcceleratorA
DrawMenuBar
AnyPopup
MessageBoxA
GetKeyboardState
GetClipCursor
MonitorFromPoint
CopyImage
LoadKeyboardLayoutA
GetWindowTextLengthW
GetClassNameA
TranslateMDISysAccel
VkKeyScanW
InsertMenuW
GetThreadDesktop
CloseWindow
CreateDialogParamA
OffsetRect
GetScrollInfo
SetUserObjectInformationA
IsCharAlphaW
AppendMenuA
CreateMDIWindowA
RealGetWindowClass
GetMenuItemInfoA
CreateDialogParamW
DialogBoxParamW
CharPrevW
DlgDirListComboBoxA
DdeNameService
DdeConnectList
CopyAcceleratorTableA
SendIMEMessageExA
GetComboBoxInfo
CharNextW
DestroyMenu
DdeGetData
DefDlgProcA
CreateWindowStationW
WaitMessage
EnumChildWindows
IsWindowEnabled
CreateMDIWindowW
SetKeyboardState
ValidateRect
MapWindowPoints
DialogBoxParamA
EnumThreadWindows
SendNotifyMessageA
CharUpperBuffA
GetMenuContextHelpId
UnregisterHotKey
GetForegroundWindow
GetPropA
GetClassInfoW
DrawTextExA
GetWindowModuleFileNameA
DdeReconnect
CreateWindowExA
MonitorFromRect
DdeUninitialize
DdeAddData
SetDlgItemTextW
LoadKeyboardLayoutW
GetShellWindow
GetMonitorInfoW
GetClipboardViewer
ReuseDDElParam
EnableScrollBar
GetMenuInfo
GetWindow
MsgWaitForMultipleObjectsEx
ExcludeUpdateRgn
ScrollDC
WINNLSGetIMEHotkey
SetScrollInfo
MessageBoxExW
CharToOemBuffW
GetScrollPos
EnumPropsExA
CopyAcceleratorTableW
SetCaretBlinkTime
GetUserObjectInformationA
EqualRect
GetDesktopWindow
MsgWaitForMultipleObjects
GetWindowModuleFileNameW
EnumWindowStationsW
ShowWindow
InSendMessage
GetDlgItemInt
CreateIcon
DlgDirListComboBoxW
GetWindowInfo
ChildWindowFromPointEx
DlgDirListA
SetMessageQueue
WaitForInputIdle
IsCharAlphaNumericW
IntersectRect
wvsprintfA
InvalidateRgn
CharUpperBuffW
DrawIconEx
WinHelpA
DrawCaption
EnableWindow
ImpersonateDdeClientWindow
DrawStateA
LoadAcceleratorsW
LoadCursorFromFileW
DestroyCaret
DdeGetLastError
GetMessageTime
PtInRect
LoadBitmapW
CreateWindowExW
TrackPopupMenu
AnimateWindow
VkKeyScanExW
IsWindowUnicode
ReleaseDC
GrayStringW
ChildWindowFromPoint
DdeFreeStringHandle
DdeSetQualityOfService
DdeCreateStringHandleA
GetWindowLongA
DestroyAcceleratorTable
BeginPaint
ChangeDisplaySettingsA
CreatePopupMenu
MonitorFromWindow
IsDialogMessageW
SetSysColors
SetWindowTextA
SetWinEventHook
RegisterClipboardFormatA
GetMenuDefaultItem
DefFrameProcW
SetDoubleClickTime
UnhookWindowsHookEx
GetParent
SetProcessDefaultLayout
SendDlgItemMessageW
SendDlgItemMessageA
DdeCmpStringHandles
GetMessagePos
MenuItemFromPoint
RegisterDeviceNotificationA
OpenWindowStationA
LockWindowUpdate
SetCapture
GetClientRect
LoadImageA
DdeSetUserHandle
ToAsciiEx
GrayStringA
SetForegroundWindow
GetSystemMenu
GetUserObjectInformationW
DestroyCursor
LoadCursorW
PostMessageA
DdeQueryNextServer
RegisterClassExW
DrawTextA
VkKeyScanExA
OemToCharA
MapVirtualKeyExW
InsertMenuA
CharNextA
MessageBoxExA
SetActiveWindow
DlgDirListW
WINNLSEnableIME
OemToCharBuffA
SetMenuContextHelpId
GetNextDlgGroupItem
DdePostAdvise
EnumClipboardFormats
TrackPopupMenuEx
SetWindowLongW
GetClipboardFormatNameW
EnumWindowStationsA
GetLastActivePopup
EnumDisplaySettingsExW
OpenDesktopW
Sections
.text Size: 99KB - Virtual size: 98KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 262KB - Virtual size: 261KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 13KB - Virtual size: 13KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ