PDB path: c:\_MyProjects\Playroom\Unicode Debug\Playroom.pdb
Static task
static1
Behavioral task
behavioral1
Sample
30954c0ee173588093de84c6f9bf2780_JaffaCakes118.exe
Resource
win7-20240705-en
Behavioral task
behavioral2
Sample
30954c0ee173588093de84c6f9bf2780_JaffaCakes118.exe
Resource
win10v2004-20240704-en
General
Target: 30954c0ee173588093de84c6f9bf2780_JaffaCakes118
Size: 2.4MB
MD5: 30954c0ee173588093de84c6f9bf2780
SHA1: de93070e78e4de559ac65588595a58e9b1faca14
SHA256: 92b646526115c6efb10fafff18228a7f544a19acc865fc5976ac0d1cb8025bd7
SHA512: 3d9307a672f77cd78a0386e6a3290fb28ada679706c02c95cfdb8d6cd54b25536fb33e1964ee1cc16fa74509304bbddd76d0114334016ec36fd438d3783863cf
SSDEEP: 49152:c33vdhx7sYoLv20MI6MLSr48nKSDZ3uhlgbwB:c33Hx7sYoSu6TnPZHwB
Malware Config
Signatures
-
Unsigned PE (1 IoC)
The sample has no Authenticode signature. This is a weak indicator on its own, since many legitimate programs are also unsigned.
resource: 30954c0ee173588093de84c6f9bf2780_JaffaCakes118
Files
-
30954c0ee173588093de84c6f9bf2780_JaffaCakes118.exe windows:5 windows x86 arch:x86
f7917a987bfa1037804d46469c6572fa
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
mfc90ud
ord8333
ord1114
ord959
ord835
ord520
ord7991
ord4605
ord4235
ord8020
ord1409
ord3857
ord1277
ord1470
ord5356
ord8044
ord4228
ord5960
ord4504
ord4705
ord4858
ord3791
ord8243
ord5571
ord7604
ord8199
ord6090
ord1539
ord8332
ord8944
ord3624
ord5118
ord5604
ord443
ord8321
ord8059
ord4845
ord8062
ord4171
ord8213
ord6237
ord3401
ord6062
ord6216
ord6057
ord5817
ord8002
ord5816
ord7990
ord8003
ord5819
ord1123
ord5396
ord3625
ord8005
ord5607
ord5821
ord1630
ord1031
ord1066
ord5064
ord1501
ord3533
ord1515
ord8108
ord9127
ord8145
ord3622
ord3694
ord1641
ord5815
ord7981
ord8340
ord4617
ord5163
ord3855
ord8345
ord5822
ord3632
ord8335
ord4612
ord5158
ord1034
ord1069
ord6199
ord8294
ord2457
ord3852
ord9376
ord1668
ord293
ord297
ord7794
ord1600
ord9396
ord4779
ord1127
ord3612
ord5086
ord2889
ord2887
ord3964
ord607
ord4882
ord4509
ord7028
ord6406
ord1425
ord815
ord820
ord491
ord496
ord7989
ord1090
ord6194
ord8035
ord8030
ord8032
ord1089
ord871
ord2076
ord596
ord1156
ord1877
ord7805
ord9387
ord3972
ord1078
ord1635
ord3499
ord3254
ord267
ord2285
ord5279
ord6501
ord6152
ord1601
ord8926
ord5673
ord9073
ord9347
ord8888
ord8588
ord8595
ord2389
ord5715
ord7527
ord4445
ord6098
ord6859
ord7273
ord7285
ord5089
ord5670
ord2696
ord1860
ord3143
ord4191
ord8242
ord3369
ord2928
ord5608
ord1253
ord5193
ord723
ord3365
ord2493
ord354
ord7239
ord4672
ord5479
ord7201
ord5258
ord359
ord7588
ord3568
ord3573
ord3550
ord1217
ord6435
ord2949
ord6258
ord2169
ord2741
ord9354
ord2028
ord6737
ord2241
ord811
ord6851
ord3891
ord6880
ord6678
ord6864
ord7283
ord8433
ord1377
ord3739
ord5919
ord8338
ord5765
ord494
ord8489
ord3417
ord6197
ord4615
ord5161
ord8252
ord3415
ord8084
ord5218
ord9070
ord9373
ord4369
ord3848
ord3975
ord6439
ord3523
ord5531
ord6436
ord2242
ord2738
ord9160
ord5646
ord4045
ord1375
ord8083
ord6095
ord8679
ord3845
ord3231
ord4423
ord4424
ord3890
ord8488
ord3413
ord9097
ord427
ord4912
ord768
ord6855
ord6425
ord8829
ord5226
ord5405
ord898
ord648
ord8551
ord2291
ord8754
ord4573
ord8930
ord8815
ord8507
ord8947
ord9149
ord5112
ord5091
ord287
ord296
ord8932
ord9076
ord4712
ord5100
ord9063
ord3476
ord9050
ord5636
ord5662
ord6097
ord8889
ord8793
ord8988
ord8366
ord8929
ord3421
ord5092
ord8064
ord8080
ord2224
ord7496
ord4446
ord6099
ord6548
ord7281
ord6745
ord7996
ord1111
ord9249
ord1112
ord8007
ord8753
ord4572
ord926
ord1128
ord5135
ord1255
ord685
ord6104
ord4181
ord8895
ord9089
ord8890
ord6227
ord9382
ord8239
ord352
ord6125
ord874
ord3182
ord8241
ord602
ord5328
ord486
ord2272
ord2953
ord6261
ord5262
ord728
ord365
ord2951
ord6260
ord2168
ord8251
ord3416
ord4360
ord4005
ord4059
ord8541
ord8063
ord9041
ord6096
ord4102
ord4438
ord1077
ord1079
ord5440
ord3383
ord3395
ord1474
ord1116
ord1879
ord3351
ord7576
ord933
ord5930
ord696
ord1638
ord5079
ord5082
ord5075
ord8919
ord8921
ord8917
ord3221
ord6282
ord5349
ord4025
ord4031
ord4724
ord376
ord9105
ord8320
ord5435
ord3883
ord7189
ord2255
ord7275
ord7415
ord8405
ord6351
ord3781
ord896
ord6106
ord6302
ord3481
ord3367
ord2477
ord646
ord8211
ord2472
ord4642
ord6565
ord6798
ord6879
ord6893
ord6895
ord6897
ord7113
ord7117
ord7400
ord6923
ord1080
ord1081
ord1007
ord1091
ord7983
ord4974
ord8288
ord1814
ord3086
ord5354
ord1812
ord3084
ord5818
ord8334
ord5397
ord8045
ord819
ord495
ord697
ord934
ord8021
ord1075
ord1050
ord8516
ord8517
ord356
ord4874
ord1754
ord3006
ord725
ord5058
ord2474
ord9313
ord3320
ord600
ord9151
ord9002
ord1251
ord9017
ord2314
ord2473
ord5921
ord6083
ord1622
ord1380
ord1072
ord1037
ord1024
ord1059
ord1157
ord987
ord2479
ord504
ord6079
ord7845
ord5230
ord8429
ord8898
ord1187
ord2987
ord8803
ord9215
ord2091
ord9159
ord6955
ord6971
ord6976
ord6983
ord6989
ord6655
ord1092
ord7498
ord4972
ord8286
ord1144
ord1250
ord8231
ord2484
ord6412
ord1254
ord8339
ord8034
ord4616
ord5162
ord6198
ord8837
ord7514
ord8841
ord2225
ord6531
ord6361
ord1190
ord2732
ord3521
ord3480
ord949
ord939
ord948
ord2988
ord2786
ord1083
ord1088
ord6212
ord9068
ord5667
ord7848
ord5830
ord3627
ord8004
msvcr90d
malloc
_wtol
modf
log10
wcscspn
wcsncmp
iswalnum
iswprint
strlen
strncpy
strcpy
towupper
sin
wcstok
strcmp
_vsnwprintf
memmove
_wassert
memchr
swscanf
wcsrchr
localeconv
calloc
wcscat
iswlower
iswupper
iswspace
signal
_errno
_wcslwr
_wcsnset
_itow_s
fwrite
memset
__iob_func
exit
realloc
_wtof
_invalid_parameter
_wgetcwd
_wsplitpath
_wmakepath
toupper
_wfindfirst64i32
_waccess
_findclose
_wfindnext64i32
atan2
cos
vswprintf_s
sqrt
_CrtDbgReportW
fabs
pow
floor
fmod
iswdigit
wcstod
_localtime64_s
isdigit
iswalpha
wcscat_s
_vswprintf
wcscpy
wcsstr
free
wcsspn
_wcsdup
wcscoll
_wcsicoll
_time64
_localtime64
memcmp
wcsftime
_wcsicmp
wcschr
_wcsnicmp
_wtoi
wcscpy_s
??0exception@std@@QAE@ABQBD@Z
?what@exception@std@@UBEPBDXZ
swprintf_s
atol
atof
wcsncpy
labs
abs
bsearch
memcpy
qsort
wcscmp
wcslen
__RTDynamicCast
_purecall
towlower
_wsetlocale
_snprintf_s
_CrtDbgReport
_vsnprintf_s
_vsnwprintf_s
_snwprintf_s
wcsncpy_s
strcpy_s
_recalloc
ceil
_mktime64
_gmtime64_s
??0exception@std@@QAE@XZ
??1exception@std@@UAE@XZ
??0exception@std@@QAE@ABV01@@Z
_CxxThrowException
__CxxFrameHandler3
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_crt_debugger_hook
_except_handler4_common
_invoke_watson
_controlfp_s
?terminate@@YAXXZ
_decode_pointer
_onexit
_lock
__dllonexit
_unlock
_CRT_RTC_INITW
_initterm_e
_initterm
_CrtSetCheckCount
_wcmdln
_cexit
_XcptFilter
_exit
__wgetmainargs
_amsg_exit
__set_app_type
_encode_pointer
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_configthreadlocale
atan
memmove_s
exp
log
kernel32
GlobalAlloc
LockResource
SizeofResource
LoadResource
FindResourceW
GlobalSize
GetTickCount
GetNumberFormatW
GetPrivateProfileStringW
WritePrivateProfileStringW
LocalFree
GetLastError
GlobalReAlloc
MultiByteToWideChar
GetThreadLocale
lstrcpyW
GetUserDefaultLCID
GetSystemTime
DeleteFileW
GetPrivateProfileIntW
CopyFileW
CloseHandle
GetFileSize
CreateFileW
GetFileAttributesW
FreeResource
GetModuleFileNameW
InterlockedExchange
Sleep
InterlockedCompareExchange
GetStartupInfoW
IsDebuggerPresent
RaiseException
DebugBreak
lstrlenA
GetProcAddress
LoadLibraryA
SetUnhandledExceptionFilter
QueryPerformanceCounter
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
HeapFree
HeapAlloc
GetProcessHeap
VirtualQuery
FreeLibrary
GlobalLock
GlobalUnlock
GlobalFree
InterlockedDecrement
InterlockedIncrement
MulDiv
GetVersion
LoadLibraryW
SetEvent
OpenEventA
OutputDebugStringA
OutputDebugStringW
FileTimeToSystemTime
LocalAlloc
FileTimeToLocalFileTime
LocalFileTimeToFileTime
VirtualAlloc
UnmapViewOfFile
GetSystemInfo
MapViewOfFile
CreateFileMappingA
GetCurrentThread
OpenFileMappingA
GetLocaleInfoW
WideCharToMultiByte
FormatMessageW
lstrlenW
CreateDirectoryW
user32
GetFocus
IsChild
SetFocus
SendMessageW
FillRect
GetClassNameW
MessageBeep
SetWindowLongW
CreateWindowExW
EndDeferWindowPos
BeginDeferWindowPos
GetDlgCtrlID
DeferWindowPos
DestroyCursor
SetCursor
RegisterWindowMessageW
IsWindowVisible
OpenClipboard
CreateCaret
DestroyCaret
PostQuitMessage
AdjustWindowRectEx
ReleaseCapture
SetTimer
KillTimer
GetDesktopWindow
ReleaseDC
GetDC
GetDCEx
CharLowerW
SystemParametersInfoW
GetDialogBaseUnits
GetSysColorBrush
SetWindowTextW
GetWindowTextW
GetTopWindow
GetWindow
CharUpperW
LoadStringW
MessageBoxW
IsWindow
GetCursorPos
SetWindowPos
GetKeyState
GetClipboardData
IsClipboardFormatAvailable
SetClipboardData
EmptyClipboard
CloseClipboard
GetOpenClipboardWindow
GetSysColor
LoadCursorW
wsprintfW
SubtractRect
UnionRect
IntersectRect
OffsetRect
RegisterClipboardFormatW
UnregisterClassW
GetClassInfoW
RegisterClassW
DefWindowProcW
PeekMessageW
TranslateMessage
DispatchMessageW
PostMessageW
CallWindowProcW
InflateRect
GetSystemMetrics
CopyRect
IsRectEmpty
PtInRect
SetRect
DrawEdge
EqualRect
SetRectEmpty
gdi32
GetObjectW
GetTextMetricsW
SelectObject
SetMapMode
SetWindowExtEx
SetViewportExtEx
GetTextExtentPoint32W
GetStockObject
CreateFontIndirectW
StretchDIBits
DeleteObject
CreateICW
EnumFontFamiliesExW
EnumFontFamiliesW
GetDeviceCaps
DeleteDC
GetTextExtentPointW
advapi32
SetThreadToken
RevertToSelf
OpenThreadToken
RegOpenKeyExW
RegDeleteKeyW
RegEnumKeyW
RegCloseKey
shell32
SHGetPathFromIDListW
SHGetMalloc
SHGetSpecialFolderLocation
oledlg
OleUIInsertObjectW
ole32
OleSave
OleCreateFromData
OleGetClipboard
OleConvertIStorageToOLESTREAM
CreateStreamOnHGlobal
OleConvertOLESTREAMToIStorage
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
ProgIDFromCLSID
CLSIDFromProgID
OleSetClipboard
OleFlushClipboard
CoCreateInstance
OleRun
CoInitialize
oleaut32
SysAllocString
SafeArrayCreate
SafeArrayDestroy
SafeArrayAccessData
SafeArrayUnaccessData
VarUdateFromDate
SysFreeString
VarBstrFromDate
VarDateFromStr
VarR8FromStr
DosDateTimeToVariantTime
VariantTimeToSystemTime
VariantChangeType
VarDateFromUdate
SystemTimeToVariantTime
GetErrorInfo
VariantInit
SetErrorInfo
CreateErrorInfo
VariantClear
msvcp90d
?_Swap_aux@_Container_base_secure@std@@QAEXAAV12@@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@PBX@Z
?max_size@?$allocator@_W@std@@QBEIXZ
??0?$allocator@_W@std@@QAE@ABV01@@Z
?allocate@?$allocator@_W@std@@QAEPA_WI@Z
?deallocate@?$allocator@_W@std@@QAEXPA_WI@Z
??0?$allocator@_W@std@@QAE@XZ
?endl@std@@YAAAV?$basic_ostream@_WU?$char_traits@_W@std@@@1@AAV21@@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@H@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@N@Z
?read@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV12@PADH@Z
?getline@?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV12@PA_WH_W@Z
?get@?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV12@AA_W@Z
?eof@ios_base@std@@QBE_NXZ
?bad@ios_base@std@@QBE_NXZ
?_Debug_message@std@@YAXPB_W0I@Z
??0_Lockit@std@@QAE@H@Z
??1_Lockit@std@@QAE@XZ
??1_Locimp@locale@std@@MAE@XZ
?_DebugHeapTag_func@std@@YAABU_DebugHeapTag_t@1@XZ
??2facet@locale@std@@SAPAXIABU_DebugHeapTag_t@2@PADH@Z
??0_Locimp@locale@std@@AAE@ABV012@@Z
?id@?$codecvt@_WDH@std@@2V0locale@2@A
??Bid@locale@std@@QAEIXZ
?_Addfac@_Locimp@locale@std@@AAEXPAVfacet@23@I@Z
?_Getcat@?$codecvt@_WDH@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
??0_DebugHeapString@std@@QAE@PBD@Z
??1_Container_base_secure@std@@QAE@XZ
?_Orphan_all@_Container_base_secure@std@@QBEXXZ
??0_Container_base_secure@std@@QAE@XZ
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
?c_str@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ
??_D?$basic_ofstream@_WU?$char_traits@_W@std@@@std@@QAEXXZ
?close@?$basic_ofstream@_WU?$char_traits@_W@std@@@std@@QAEXXZ
??0?$basic_ofstream@_WU?$char_traits@_W@std@@@std@@QAE@XZ
?setstate@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QAEXH_N@Z
?width@ios_base@std@@QAEHH@Z
?sputn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAEHPB_WH@Z
?eq_int_type@?$char_traits@_W@std@@SA_NABG0@Z
?eof@?$char_traits@_W@std@@SAGXZ
?sputc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAEG_W@Z
?rdbuf@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QBEPAV?$basic_streambuf@_WU?$char_traits@_W@std@@@2@XZ
?fill@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QBE_WXZ
?flags@ios_base@std@@QBEHXZ
?width@ios_base@std@@QBEHXZ
?length@?$char_traits@_W@std@@SAIPB_W@Z
?flush@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV12@XZ
?tie@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QBEPAV?$basic_ostream@_WU?$char_traits@_W@std@@@2@XZ
??4_DebugHeapString@std@@QAEAAV01@ABV01@@Z
??1_DebugHeapString@std@@QAE@XZ
??3facet@locale@std@@SAXPAXABU_DebugHeapTag_t@2@PADH@Z
??1?$codecvt@_WDH@std@@MAE@XZ
?do_length@?$codecvt@_WDH@std@@MBEHABHPBD1I@Z
?do_out@?$codecvt@_WDH@std@@MBEHAAHPB_W1AAPB_WPAD3AAPAD@Z
??0?$codecvt@_WDH@std@@QAE@I@Z
??2facet@locale@std@@SAPAXI@Z
?classic@locale@std@@SAABV12@XZ
?imbue@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QAE?AVlocale@2@ABV32@@Z
??1locale@std@@QAE@XZ
?open@?$basic_ofstream@_WU?$char_traits@_W@std@@@std@@QAEXPB_WHH@Z
??3facet@locale@std@@SAXPAX@Z
?_Unlock@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAEXXZ
?_Lock@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAEXXZ
?uncaught_exception@std@@YA_NXZ
?_Osfx@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEXXZ
?good@ios_base@std@@QBE_NXZ
?_Swap_all@_Container_base_secure@std@@QBEXAAV12@@Z
comctl32
ord17
Sections
.text Size: 2.0MB - Virtual size: 2.0MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 283KB - Virtual size: 282KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 27KB - Virtual size: 47KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 110KB - Virtual size: 109KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ