Static task: static1
Behavioral task: behavioral1
  Sample: 2c95f98e111296912f9158fc78c63a47_JaffaCakes118.exe
  Resource: win7-20240708-en
Behavioral task: behavioral2
  Sample: 2c95f98e111296912f9158fc78c63a47_JaffaCakes118.exe
  Resource: win10v2004-20240704-en
General
Target: 2c95f98e111296912f9158fc78c63a47_JaffaCakes118
Size: 328KB
MD5: 2c95f98e111296912f9158fc78c63a47
SHA1: 29c8bb1647cfc8d62d4c6a4b32e909d41a03d496
SHA256: 7f7094eca47ada4fc8a41b37fcce0166aa76f2c6e16d464c287fa1fbf342f923
SHA512: 47aa27a13ca60990d34c841516786c3905e359a3da267aaa3daa7f9f7ba4e1935bd3600b7f26fcae66366e0e1537400e30acb48a43ac8daa4f9da4a04fee241a
SSDEEP: 6144:UyQ+4YIRM91yD4xHPHdCrx8wwL+nlqcTcNMW6sWSBikRJS6tF:jmY33yD6HPIrxrlqdim/RJS6X
Malware Config
Signatures
Unsigned PE - 1 IoCs
Checks for missing Authenticode signature.
Resource: 2c95f98e111296912f9158fc78c63a47_JaffaCakes118
Files
2c95f98e111296912f9158fc78c63a47_JaffaCakes118.exe windows:4 windows x86 arch:x86
5d7426b04343e79807bd2ca47bbcb112
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetConsoleMode
CallNamedPipeW
SetConsoleOutputCP
SizeofResource
CancelIo
MoveFileExW
ExpandEnvironmentStringsW
CreateNamedPipeA
SetCommBreak
CallNamedPipeA
GetCommProperties
EnumCalendarInfoW
FindResourceA
ReadConsoleOutputA
SleepEx
TerminateThread
GlobalHandle
ResumeThread
AreFileApisANSI
SetConsoleMode
ReadProcessMemory
UnhandledExceptionFilter
EnumSystemCodePagesA
GlobalLock
FreeResource
FindFirstChangeNotificationW
GetWindowsDirectoryA
SetConsoleActiveScreenBuffer
OpenFile
GetModuleFileNameW
FatalAppExitA
FindNextFileW
GetTimeFormatW
SetThreadLocale
PrepareTape
TransactNamedPipe
CopyFileA
GetOEMCP
GetLargestConsoleWindowSize
PeekConsoleInputW
GetPrivateProfileSectionNamesA
VirtualProtect
SetEnvironmentVariableW
GetAtomNameA
UnmapViewOfFile
FlushViewOfFile
SetupComm
BackupRead
GetSystemDirectoryA
WriteConsoleOutputW
HeapValidate
ReadFile
CopyFileExW
EnumTimeFormatsW
FindFirstChangeNotificationA
IsBadStringPtrA
GetLongPathNameW
GetTimeFormatA
GetVolumeInformationW
GlobalCompact
GetUserDefaultLangID
GetCurrentThreadId
GetTapePosition
GetVersion
GlobalFindAtomA
GlobalFlags
GetStartupInfoA
EnumCalendarInfoA
GetStringTypeW
GetSystemDefaultLCID
QueryDosDeviceW
AddAtomA
GetFullPathNameA
BackupWrite
WriteProfileStringA
GetHandleInformation
EnumDateFormatsW
GetTempPathA
WaitForMultipleObjects
TlsFree
SetCommMask
DeleteFileA
GetExitCodeProcess
GetTempPathW
SetConsoleScreenBufferSize
GetSystemDirectoryW
GetDateFormatW
FlushFileBuffers
GetProfileIntW
GetPrivateProfileIntA
SetProcessAffinityMask
GetDiskFreeSpaceExW
lstrcpyW
SetConsoleTitleW
VirtualAllocEx
GetCommandLineA
GetVersionExA
CompareStringA
ExitProcess
user32
ReleaseCapture
CharNextExA
CopyImage
EnumDisplaySettingsW
CreatePopupMenu
RedrawWindow
PostMessageW
SetScrollInfo
GetMenuStringW
SetForegroundWindow
SystemParametersInfoA
CloseWindow
GetWindowRgn
SetMenuItemBitmaps
DefDlgProcW
GetKeyboardState
GetThreadDesktop
EnableWindow
InternalGetWindowText
CharLowerW
GetUserObjectInformationA
wsprintfA
InsertMenuItemA
IntersectRect
LoadKeyboardLayoutA
EnumWindows
GetTopWindow
GetMenuInfo
GetDlgItemInt
IsRectEmpty
DefMDIChildProcA
SetMenuItemInfoA
UnregisterClassW
GetScrollBarInfo
GetClassNameW
CharUpperBuffA
OpenClipboard
LoadKeyboardLayoutW
MessageBoxA
RegisterWindowMessageW
OemToCharBuffW
DialogBoxIndirectParamA
UpdateWindow
GetMessageTime
WaitForInputIdle
SendMessageW
BroadcastSystemMessageW
AppendMenuW
gdi32
TextOutA
GetTextExtentExPointW
PolylineTo
UpdateColors
GetTextFaceA
GetEnhMetaFilePaletteEntries
LineDDA
SetROP2
Polygon
GetObjectType
LPtoDP
DescribePixelFormat
SetWorldTransform
CreateDCW
CreateEnhMetaFileA
advapi32
RegSetValueExW
QueryServiceConfigA
CryptDestroyKey
InitializeSecurityDescriptor
LookupAccountSidW
RegQueryInfoKeyW
CryptAcquireContextA
CryptReleaseContext
SetNamedSecurityInfoW
AccessCheckAndAuditAlarmW
ReportEventW
IsValidAcl
RegCreateKeyExW
StartServiceCtrlDispatcherW
GetPrivateObjectSecurity
RegLoadKeyW
RegisterServiceCtrlHandlerA
AbortSystemShutdownW
InitiateSystemShutdownW
RegSetValueA
OpenServiceW
RegEnumKeyExW
SetServiceStatus
GetSecurityDescriptorLength
GetSidLengthRequired
DeleteAce
QueryServiceLockStatusW
OpenSCManagerA
RegisterEventSourceW
GetExplicitEntriesFromAclW
QueryServiceStatus
GetLengthSid
LookupPrivilegeValueW
OpenEventLogW
GetAclInformation
shell32
SHLoadInProc
SHGetPathFromIDListW
SHGetPathFromIDListA
ole32
CoGetCallContext
CoCreateFreeThreadedMarshaler
OleTranslateAccelerator
OleRegGetUserType
oleaut32
VariantChangeType
VariantCopy
comctl32
ImageList_SetBkColor
ImageList_GetImageInfo
ImageList_DrawEx
CreateStatusWindowW
shlwapi
PathIsRootW
StrDupW
StrStrIW
SHCopyKeyA
PathAddBackslashW
PathIsRelativeA
SHCreateStreamOnFileW
UrlCreateFromPathW
PathRemoveBlanksA
PathGetCharTypeW
HashData
SHGetValueW
PathFindOnPathW
PathRenameExtensionW
PathRemoveBackslashA
PathAddBackslashA
setupapi
SetupInstallFromInfSectionW
SetupOpenAppendInfFileA
SetupDiGetDeviceInstanceIdA
SetupCloseLog
SetupDiOpenDeviceInterfaceW
SetupDiSetDeviceInstallParamsA
SetupCloseFileQueue
Sections
.text Size: 284KB - Virtual size: 280KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 8KB - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 32KB - Virtual size: 31KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE