MdCallBack
_LPenHelper
Static task
static1
1 signatures
Behavioral task
behavioral1
Sample
33595543b046e80cd8548498e39510e9_JaffaCakes118.exe
Resource
win7-20240704-en
windows7-x64
0 signatures
150 seconds
Behavioral task
behavioral2
Sample
33595543b046e80cd8548498e39510e9_JaffaCakes118.exe
Resource
win10v2004-20240709-en
windows10-2004-x64
0 signatures
150 seconds
General
-
Target
33595543b046e80cd8548498e39510e9_JaffaCakes118
-
Size
5.3MB
-
MD5
33595543b046e80cd8548498e39510e9
-
SHA1
2fdc3024f633a61f4fa368017bcdace18a0ef0f4
-
SHA256
5c3131b96f7c355b2de230f5dfa16a350943339bf51fb797e568a0685a0c34e4
-
SHA512
ec4858abe5a28fdbc42c3f918b661abda7db7acbea69a41f5ff7be7a3fb7c02b1bba99106f87b18b8afd55d8f35e87b97d56ea2975b5b86d6e28b1a6f0e3fa9e
-
SSDEEP
98304:bbm/wd4+gYsKDcBnyT2ZL/bzwgR6EqJYLsVafeDIVdCthNZZA4iOyefpLJu:PMU4+gY5YBnNZL/XX6ELL2LDq4jfBy
Score
3/10
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 33595543b046e80cd8548498e39510e9_JaffaCakes118
Files
-
33595543b046e80cd8548498e39510e9_JaffaCakes118.exe windows:4 windows x86 arch:x86
2dee88daefca23a70ae112e26ea486f5
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Imports
mso97
ord390
ord403
ord977
ord456
ord978
ord730
ord475
ord379
ord702
ord716
ord41
ord680
ord683
ord916
ord615
ord681
ord695
ord842
ord847
ord493
ord893
ord822
ord520
ord692
ord467
ord981
ord986
ord868
ord450
ord579
ord577
ord707
ord708
ord775
ord314
ord721
ord472
ord471
ord464
ord83
ord333
ord77
ord415
ord712
ord409
ord698
ord639
ord380
ord813
ord694
ord487
ord593
ord709
ord710
ord430
ord435
ord693
ord746
ord387
ord717
ord720
ord255
ord422
ord423
ord426
ord772
ord99
ord100
ord572
ord668
ord263
ord751
ord738
ord570
ord744
ord389
ord731
ord646
ord501
ord631
ord886
ord348
ord747
ord634
ord632
ord699
ord956
ord936
ord114
ord815
ord386
ord652
ord510
ord914
ord497
ord258
ord491
ord740
ord988
ord460
ord550
ord295
ord684
ord347
ord957
ord960
ord933
ord929
ord750
ord844
ord925
ord276
ord931
ord821
ord481
ord599
ord446
ord329
ord264
ord724
ord644
ord364
ord663
ord417
ord432
ord431
ord440
ord368
ord438
ord604
ord620
ord609
ord336
ord874
ord606
ord311
ord748
ord786
ord443
ord628
ord784
ord529
ord851
ord850
ord479
ord408
ord537
ord635
ord571
ord768
ord770
ord626
ord891
ord624
ord618
ord385
ord603
ord608
ord607
ord785
ord436
ord418
ord56
ord265
ord323
ord345
ord564
ord935
ord71
ord95
ord105
ord115
ord86
ord76
ord82
ord84
ord34
ord335
ord369
ord601
ord555
ord605
ord556
ord174
ord200
ord160
ord150
ord478
ord498
ord45
ord93
ord783
ord15
ord101
ord107
ord64
ord337
ord804
ord173
ord165
ord177
ord98
ord727
ord591
ord172
ord171
ord170
ord151
ord167
ord166
ord67
ord18
ord769
ord103
ord79
ord168
ord58
ord324
ord245
ord244
ord111
ord164
ord161
ord108
ord222
ord48
ord110
ord80
ord104
ord831
ord106
ord485
ord839
ord43
ord42
ord44
ord54
ord57
ord97
ord911
ord880
ord59
ord47
ord49
ord805
ord285
ord68
ord470
ord594
ord332
ord728
ord284
ord13
ord895
ord781
ord896
ord653
ord883
ord349
ord910
ord913
ord835
ord305
ord796
ord551
ord299
ord688
ord689
ord346
ord651
ord855
ord666
ord630
ord560
ord629
ord779
ord833
ord685
ord294
ord887
ord836
ord50
ord87
ord923
ord573
ord46
ord9
ord38
ord40
ord17
ord37
ord21
ord66
ord73
ord742
ord810
ord141
ord504
ord445
ord830
ord138
ord410
ord378
ord811
ord947
ord741
ord650
ord377
ord857
ord388
ord532
ord739
ord585
ord514
ord507
ord846
ord400
ord575
ord787
ord974
ord793
ord576
ord777
ord451
ord476
ord296
ord10
ord670
ord496
ord595
ord802
ord473
ord412
ord463
ord273
ord841
ord344
ord547
ord36
ord404
ord525
ord29
ord91
ord28
ord145
ord27
ord144
ord342
ord856
ord468
ord232
ord590
ord221
ord322
ord656
ord14
ord466
ord396
ord301
ord825
ord826
ord664
ord598
ord667
ord803
ord889
ord381
ord726
ord661
ord934
ord480
ord725
ord636
ord383
ord406
ord453
ord394
ord293
ord756
ord292
ord894
ord113
ord321
ord500
ord993
ord499
ord788
ord589
ord373
ord313
ord722
ord382
ord81
ord495
ord85
ord657
ord592
ord129
ord350
ord69
ord133
ord130
ord132
ord906
ord131
ord903
ord567
ord907
ord904
ord312
ord566
ord674
ord448
ord425
ord759
ord971
ord424
ord175
ord800
ord574
ord89
ord318
ord490
ord729
ord442
ord459
ord557
ord697
ord834
xlintl32
ord11
ord140
ord16
ord7
ord3
ord2
ord6
ord5
ord14
ord15
ord17
ord23
ord122
ord20
ord121
ord4
advapi32
RegEnumValueW
RegEnumKeyW
RegQueryValueW
GetUserNameW
GetFileSecurityW
SetFileSecurityW
RegOpenKeyExW
RegQueryValueExW
RegOpenKeyW
RegCloseKey
SetFileSecurityA
GetFileSecurityA
RegQueryValueA
RegQueryValueExA
RegOpenKeyA
RegOpenKeyExA
RegEnumValueA
RegEnumKeyA
GetUserNameA
gdi32
GdiComment
SelectPalette
GetBitmapBits
GetTextExtentExPointW
TextOutW
GetPixel
SetTextAlign
TextOutA
CreateFontW
ExtTextOutA
ExtTextOutW
GetCharWidthA
GetTextExtentPointA
GetOutlineTextMetricsA
StartDocA
ResetDCA
GetTextMetricsA
GetTextFaceA
GetObjectA
EnumFontFamiliesA
CreateMetaFileA
CreateICA
CreateFontA
CreateFontIndirectA
CreateEnhMetaFileA
CreateDCA
CopyMetaFileA
CopyEnhMetaFileA
GetOutlineTextMetricsW
GetObjectType
SetEnhMetaFileBits
CreateDIBitmap
CopyMetaFileW
CopyEnhMetaFileW
GetEnhMetaFileBits
InvertRgn
SetStretchBltMode
StretchDIBits
ResetDCW
CreateDCW
CreateICW
EndPage
StartPage
AbortDoc
EndDoc
StartDocW
SetAbortProc
ExtEscape
EnumObjects
SetMapperFlags
GetCurrentObject
GetTextExtentPointW
GetCharWidthW
UnrealizeObject
PaintRgn
OffsetRgn
CreateRoundRectRgn
Rectangle
RoundRect
GetSystemPaletteEntries
CreatePalette
GetDeviceCaps
RealizePalette
SetDIBits
GdiFlush
CreateDIBSection
Polyline
CreateEnhMetaFileW
CloseEnhMetaFile
EnumEnhMetaFile
PlayEnhMetaFile
PlayEnhMetaFileRecord
PlayMetaFileRecord
GetMetaFileBitsEx
SetWinMetaFileBits
GetEnhMetaFileHeader
GetWinMetaFileBits
SetMetaFileBitsEx
CreateMetaFileW
EnumMetaFile
CloseMetaFile
DeleteMetaFile
DeleteEnhMetaFile
CreateRectRgnIndirect
CreateRectRgn
Escape
CreatePolygonRgn
StretchBlt
CreateCompatibleDC
DeleteDC
Pie
Arc
Ellipse
Polygon
PatBlt
LineTo
GetCurrentPositionEx
MoveToEx
GetTextColor
GetBkColor
GetDIBits
CreateBitmap
BitBlt
CreateCompatibleBitmap
GetWindowOrgEx
CreateFontIndirectW
CreateDIBPatternBrush
SetBitmapBits
CreatePatternBrush
CreateHatchBrush
CreateBrushIndirect
ExtCreatePen
CreatePen
GetNearestColor
FixBrushOrgEx
SetBrushOrgEx
SetROP2
SetBkMode
GetTextFaceW
GetNearestPaletteIndex
GetPaletteEntries
GetClipBox
ExcludeClipRect
SetRectRgn
CombineRgn
GetRgnBox
IntersectClipRect
RestoreDC
SaveDC
GetTextMetricsW
GetObjectW
LPtoDP
DPtoLP
SetWindowOrgEx
CreateSolidBrush
GetStockObject
GetMapMode
GetWindowExtEx
GetViewportExtEx
SetMapMode
EnumFontFamiliesW
SetWindowExtEx
SetViewportExtEx
DeleteObject
SetTextColor
SetBkColor
SelectObject
SelectClipRgn
kernel32
ExitProcess
UnhandledExceptionFilter
RtlUnwind
GetCommandLineA
VirtualFree
InterlockedDecrement
InterlockedIncrement
VirtualAlloc
lstrcmpW
MultiByteToWideChar
IsValidCodePage
DeleteCriticalSection
LeaveCriticalSection
TerminateThread
SetThreadPriority
InitializeCriticalSection
EnterCriticalSection
LoadLibraryExA
FreeResource
GetFullPathNameW
SetLastError
EnumSystemLocalesW
GetSystemTime
GetTempPathW
GetTempFileNameW
EnumSystemLocalesA
GetLocaleInfoW
Sleep
CreateThread
QueryPerformanceCounter
LockResource
QueryPerformanceFrequency
GlobalDeleteAtom
GlobalGetAtomNameW
SetHandleCount
GlobalAddAtomW
SetFileAttributesA
SetCurrentDirectoryA
SetEnvironmentVariableA
MoveFileA
SearchPathA
GlobalGetAtomNameA
GlobalAddAtomA
LoadLibraryA
GetVolumeInformationA
GetTempPathA
GetWindowsDirectoryA
GetShortPathNameA
GetProfileStringA
GetTempFileNameA
GetProfileIntA
GetModuleFileNameA
GetFullPathNameA
GetModuleHandleA
GetDriveTypeA
GetCurrentDirectoryA
GetFileAttributesA
FindNextFileA
FindFirstFileA
FindResourceA
CreateFileA
DeleteFileA
GetLocaleInfoA
GetACP
lstrcmpA
lstrcmpiA
GetOEMCP
GetProfileStringW
GetUserDefaultLCID
GlobalHandle
FreeLibrary
lstrcmpiW
FileTimeToSystemTime
SystemTimeToFileTime
FileTimeToLocalFileTime
GetLocalTime
FindResourceW
LocalFileTimeToFileTime
GetProfileIntW
GetShortPathNameW
LoadResource
GetVersionExW
GetTickCount
SetErrorMode
SetEnvironmentVariableW
GetModuleFileNameW
SetCurrentDirectoryW
GetVersion
SearchPathW
GetWindowsDirectoryW
CloseHandle
ReadFile
CreateFileW
FindClose
FindFirstFileW
WriteFile
SetFileAttributesW
GetFileAttributesW
FindNextFileW
DeleteFileW
GetLastError
SetFilePointer
GetCurrentDirectoryW
UnlockFile
MoveFileW
GetVolumeInformationW
SetFileTime
LockFile
GetFileSize
GlobalReAlloc
GetFileTime
GetDriveTypeW
GetModuleHandleW
GlobalSize
GlobalLock
GlobalUnlock
GlobalAlloc
MulDiv
WinExec
GlobalFree
GetCurrentThreadId
GetVersionExA
GetProcAddress
GetCurrentProcessId
LoadLibraryW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
WideCharToMultiByte
GetCPInfo
GetEnvironmentStringsW
GetStdHandle
HeapCreate
GetFileType
GetStringTypeA
GetStringTypeW
HeapAlloc
LCMapStringA
HeapFree
FlushFileBuffers
LCMapStringW
SetStdHandle
GetStartupInfoA
ole32
SetConvertStg
OleConvertOLESTREAMToIStorage
CoFileTimeNow
CoIsOle1Class
CreateItemMoniker
OleGetIconOfClass
ReadFmtUserTypeStg
StringFromCLSID
GetClassFile
StringFromGUID2
OleCreate
OleCreateFromFile
OleCreateLinkToFile
OleSaveToStream
OleLoad
CoCreateGuid
OleSave
CoInitialize
CreateStreamOnHGlobal
CLSIDFromString
OleQueryCreateFromData
CoUninitialize
CoRegisterMessageFilter
OleTranslateAccelerator
OleIsCurrentClipboard
OleCreateFromData
WriteClassStm
OleConvertIStorageToOLESTREAM
OleGetClipboard
OleSetClipboard
OleFlushClipboard
WriteClassStg
WriteFmtUserTypeStg
CoGetMalloc
GetRunningObjectTable
CreateFileMoniker
StgSetTimes
ReadClassStg
CoDisconnectObject
CreateGenericComposite
OleIsRunning
ProgIDFromCLSID
ReleaseStgMedium
MkParseDisplayName
CreateBindCtx
OleCreateLink
OleCreateLinkFromData
OleRun
CLSIDFromProgID
StgOpenStorage
StgCreateDocfile
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoTreatAsClass
CoGetClassObject
ReadClassStm
IsAccelerator
OleSetMenuDescriptor
CoRegisterClassObject
CoRevokeClassObject
CreateOleAdviseHolder
CreateDataAdviseHolder
OleLoadFromStream
OleQueryLinkFromData
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
OleSetContainedObject
GetHGlobalFromILockBytes
CoCreateInstance
CoLockObjectExternal
StgIsStorageFile
user32
ShowCursor
MessageBeep
GetParent
CharUpperW
GetForegroundWindow
DestroyAcceleratorTable
GetActiveWindow
CreateAcceleratorTableA
CreateAcceleratorTableW
SetMenu
GetMessagePos
DestroyIcon
CharLowerW
CharUpperA
CharLowerBuffW
GetWindowDC
GetDoubleClickTime
DrawIcon
CallNextHookEx
GetIconInfo
GetCursor
IsChild
LoadCursorFromFileW
DrawFrameControl
IsZoomed
ToAscii
MapVirtualKeyW
MapVirtualKeyA
IsCharUpperW
ArrangeIconicWindows
SetCursorPos
MoveWindow
GetClipboardFormatNameW
RegisterWindowMessageW
GetMessageTime
SetActiveWindow
WindowFromPoint
SetParent
GetMenu
GetDialogBaseUnits
IsWindowUnicode
PackDDElParam
UnpackDDElParam
FreeDDElParam
WinHelpW
PostMessageA
PostMessageW
WinHelpA
VkKeyScanA
SystemParametersInfoA
SetWindowTextA
SetWindowLongA
SetClassLongA
RegisterWindowMessageA
RegisterClipboardFormatA
RegisterClassExA
LoadIconA
LoadCursorFromFileA
LoadCursorA
CreateWindowExW
ReleaseDC
GetDC
RegisterClassW
LoadIconW
LoadCursorW
GetSystemMetrics
MessageBoxW
SetMessageQueue
GetSysColor
SetForegroundWindow
ShowWindow
SetWindowPlacement
GetWindowPlacement
IsIconic
GetWindow
GetWindowLongW
SendMessageW
SetWindowLongW
DefWindowProcW
DefWindowProcA
EndDeferWindowPos
DeferWindowPos
SetWindowPos
ScreenToClient
GetWindowRect
PtInRect
UnhookWindowsHookEx
SetWindowsHookExA
SetWindowsHookExW
SystemParametersInfoW
IntersectRect
IsRectEmpty
FillRect
RegisterClassExW
AdjustWindowRectEx
GetClientRect
SetFocus
ClientToScreen
ShowCaret
HideCaret
GetSystemMenu
PeekMessageW
PeekMessageA
EndPaint
BeginPaint
UnionRect
SetRect
InvalidateRect
GetTopWindow
GetWindowTextW
SetWindowTextW
GetUpdateRgn
InvalidateRgn
ExcludeUpdateRgn
ValidateRect
ValidateRgn
SetCapture
ReleaseCapture
GetCapture
ScrollDC
EnableWindow
IsWindowEnabled
DestroyWindow
IsWindow
UpdateWindow
DispatchMessageA
DispatchMessageW
FlashWindow
GetClassLongW
GetFocus
BeginDeferWindowPos
GetUpdateRect
SetClassLongW
IsWindowVisible
DrawTextW
InSendMessage
VkKeyScanW
GetKeyState
TranslateMessage
WaitMessage
GetAsyncKeyState
KillTimer
GetMessageW
GetMessageA
SetTimer
GetInputState
SetKeyboardState
GetKeyboardState
PostQuitMessage
GetCursorPos
RegisterClipboardFormatW
SetCursor
EmptyClipboard
GetClipboardData
CharNextW
OpenIcon
FindWindowW
GetWindowThreadProcessId
CreateMenu
DestroyMenu
DrawMenuBar
GetMenuItemID
GetMenuItemCount
DeleteMenu
RemoveMenu
GetSubMenu
GetMenuState
EnableMenuItem
GetClassNameW
SetWindowWord
EnumThreadWindows
SetScrollPos
GetWindowWord
CallWindowProcW
CallWindowProcA
GetDlgItem
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollInfo
CloseClipboard
CharUpperBuffA
IsClipboardFormatAvailable
SetClipboardData
OpenClipboard
GetClipboardOwner
EnumClipboardFormats
OffsetRect
SendMessageA
InflateRect
GetMessageExtraInfo
CreateCaret
DestroyCaret
SetCaretPos
CharLowerBuffA
GetClassNameA
GetClipboardFormatNameA
CreateWindowExA
DrawTextA
FindWindowA
GetClassLongA
GetWindowTextA
GetWindowLongA
IsCharUpperA
Exports
Exports
Sections
.text Size: 5.2MB - Virtual size: 5.2MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 20KB - Virtual size: 43KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 20KB - Virtual size: 18KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 72KB - Virtual size: 104KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE