Static task: static1
Behavioral task: behavioral1
Sample: 34f7ce69ece9d20cfc456350f3a97ae6_JaffaCakes118.exe
Resource: win7-20240705-en
Behavioral task: behavioral2
Sample: 34f7ce69ece9d20cfc456350f3a97ae6_JaffaCakes118.exe
Resource: win10v2004-20240709-en
General
Target: 34f7ce69ece9d20cfc456350f3a97ae6_JaffaCakes118
Size: 395KB
MD5: 34f7ce69ece9d20cfc456350f3a97ae6
SHA1: 98cb8bcde8d416a5d98977c606769558cc247614
SHA256: 55700f15e3aa21a3b208c4ad5bb0f59f3873c9fc3cae3c9a3881f5794d223f58
SHA512: 3cdf8c6532d26d049539d29aea8979d56e70fe88e30bdc3a616aa92b99491aadba00059fb3fc9bc8b8d970139b3474d828b44608d192b4d5ed3074a49aa0c260
SSDEEP: 6144:JF8GI0qgLHmuGABjkhLVjo2n9X7UO/3EGd2H36gQhQFRcpQobJ:TIessSLVjl9X7Urw2qYcDJ
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
Resource: 34f7ce69ece9d20cfc456350f3a97ae6_JaffaCakes118
Files
34f7ce69ece9d20cfc456350f3a97ae6_JaffaCakes118.exe windows:4 windows x86 arch:x86
12bcb61a4cd101386a6293e1b69b56d4
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
ExitProcess
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
GetModuleFileNameA
GetProcAddress
GetModuleHandleA
TerminateProcess
GetCurrentProcess
LoadLibraryA
RtlUnwind
InterlockedExchange
VirtualQuery
HeapReAlloc
HeapAlloc
HeapFree
VirtualAlloc
FillConsoleOutputAttribute
HeapLock
GetThreadTimes
ExitThread
DefineDosDeviceA
LockResource
GetDriveTypeW
lstrcpynW
EnumResourceLanguagesW
UpdateResourceA
ReadProcessMemory
InitAtomTable
SetCurrentDirectoryW
ConnectNamedPipe
GetTimeFormatA
WaitForMultipleObjectsEx
GetFileTime
SetEnvironmentVariableA
EnumTimeFormatsW
SetConsoleCursorPosition
LocalFlags
OpenMutexW
SetLocalTime
GetConsoleMode
FileTimeToSystemTime
VirtualProtect
CopyFileExA
VirtualProtectEx
GetNamedPipeInfo
GetCommandLineW
GetCurrentThread
GetCompressedFileSizeA
EnumSystemLocalesA
Module32Next
GetLocaleInfoA
WriteConsoleOutputAttribute
EnumCalendarInfoA
GetCommandLineA
EnumDateFormatsExA
InterlockedIncrement
CreateDirectoryA
SetVolumeLabelW
UpdateResourceW
FreeEnvironmentStringsA
WriteConsoleOutputW
GlobalSize
OpenFileMappingA
LocalLock
lstrcpynA
lstrcmpA
GetHandleInformation
MapViewOfFileEx
CreateFileMappingW
CreateDirectoryExW
CreateDirectoryW
WriteFileEx
UnlockFileEx
EnterCriticalSection
GetPrivateProfileStringA
PeekConsoleInputW
SetThreadIdealProcessor
EnumCalendarInfoExW
lstrcpy
IsDebuggerPresent
EnumCalendarInfoW
VirtualLock
SetThreadPriority
GetNumberOfConsoleMouseButtons
ReadConsoleOutputA
FlushViewOfFile
SetCurrentDirectoryA
GetNumberOfConsoleInputEvents
TlsFree
GlobalFix
GetStdHandle
FindCloseChangeNotification
GetLogicalDrives
lstrcmpiA
CompareStringA
lstrcat
CompareFileTime
LeaveCriticalSection
LocalAlloc
DeleteAtom
OpenWaitableTimerA
Sleep
GetPrivateProfileStructA
FindClose
FindFirstFileExW
FindFirstFileExA
Thread32Next
CreateConsoleScreenBuffer
GetDiskFreeSpaceExA
GetPrivateProfileSectionNamesA
SetComputerNameA
GetEnvironmentVariableA
GetExitCodeProcess
WriteFileGather
TryEnterCriticalSection
MultiByteToWideChar
HeapDestroy
GetLocaleInfoW
GetProcessHeap
WriteConsoleOutputA
LockFileEx
CreateEventW
ReadConsoleW
GlobalAddAtomW
ReadConsoleInputW
CreateNamedPipeW
SetConsoleMode
GetProcessHeaps
TerminateThread
GetShortPathNameA
GetUserDefaultLangID
GetPrivateProfileSectionNamesW
SetEnvironmentVariableW
SetSystemTime
SignalObjectAndWait
FileTimeToDosDateTime
GetModuleHandleW
FormatMessageW
WritePrivateProfileStructW
OpenEventW
GetConsoleCursorInfo
CloseHandle
ReadConsoleOutputAttribute
Heap32ListFirst
CreateToolhelp32Snapshot
FreeLibraryAndExitThread
WinExec
GlobalMemoryStatus
WriteConsoleOutputCharacterW
GetModuleFileNameW
SetFileTime
FileTimeToLocalFileTime
GlobalGetAtomNameA
WritePrivateProfileStringA
DuplicateHandle
PulseEvent
SetConsoleCP
GetDiskFreeSpaceW
GetTimeZoneInformation
SetLocaleInfoW
EnumResourceTypesA
EnumResourceTypesW
WaitForDebugEvent
GetTempFileNameW
SetThreadPriorityBoost
SetFileAttributesA
GetAtomNameW
OpenSemaphoreW
FlushFileBuffers
SetConsoleOutputCP
MoveFileA
PeekConsoleInputA
GetFileAttributesA
RemoveDirectoryA
VirtualFreeEx
ReadFile
GetTempPathW
GlobalFindAtomA
WritePrivateProfileSectionA
EscapeCommFunction
GetThreadContext
IsValidLocale
LocalFileTimeToFileTime
GetCurrentDirectoryA
GetVolumeInformationA
ExpandEnvironmentStringsA
GlobalUnlock
MoveFileExA
AddAtomW
GetThreadPriority
LocalShrink
lstrcmpW
DeviceIoControl
HeapCreate
FindAtomW
GetProcessTimes
SetWaitableTimer
SetConsoleTitleW
HeapValidate
GetComputerNameA
GetCalendarInfoA
UnlockFile
CreateWaitableTimerW
FillConsoleOutputCharacterW
GetEnvironmentVariableW
GetFileInformationByHandle
DeleteCriticalSection
ResetWriteWatch
TlsAlloc
GlobalUnfix
ExpandEnvironmentStringsW
WaitForSingleObject
PeekNamedPipe
SetHandleCount
ReadConsoleInputA
GetLongPathNameA
VirtualUnlock
CreateMutexA
VirtualQueryEx
GetProfileStringA
SetTimeZoneInformation
SetConsoleTitleA
HeapWalk
CreateThread
GetProcessAffinityMask
GetThreadSelectorEntry
GetCurrencyFormatA
GlobalDeleteAtom
SetConsoleWindowInfo
CreateMailslotA
Heap32First
InitializeCriticalSection
SetFileAttributesW
FreeEnvironmentStringsW
FreeLibrary
OpenEventA
EnumResourceNamesA
GlobalLock
GetTempFileNameA
GetACP
UnhandledExceptionFilter
Toolhelp32ReadProcessMemory
GetPrivateProfileStringW
Process32Next
GetPrivateProfileIntA
ResetEvent
CreateSemaphoreW
WideCharToMultiByte
CreateSemaphoreA
GetStartupInfoW
lstrcpyW
WaitCommEvent
SetConsoleTextAttribute
ReadConsoleOutputCharacterW
GetLargestConsoleWindowSize
GetFileSize
EnumDateFormatsW
lstrlen
DeleteFileW
CreateProcessA
ReadConsoleOutputCharacterA
LoadResource
LoadLibraryExW
GetProfileSectionA
DeleteFiber
GetDriveTypeA
SetFilePointer
GetEnvironmentStringsA
RtlMoveMemory
GetDiskFreeSpaceA
GetSystemInfo
ReadConsoleA
SleepEx
LoadModule
GlobalFree
SetThreadExecutionState
HeapUnlock
SetThreadContext
GetProfileStringW
GetVersion
WaitForSingleObjectEx
GetUserDefaultLCID
SearchPathW
FindFirstFileA
GetWindowsDirectoryW
FindFirstFileW
GlobalFindAtomW
GetLongPathNameW
FindAtomA
ContinueDebugEvent
GetConsoleCP
SetEndOfFile
FreeConsole
SetThreadLocale
lstrcpyn
DisconnectNamedPipe
ReadFileScatter
GetAtomNameA
GetLogicalDriveStringsW
CreatePipe
MoveFileW
CreateNamedPipeA
WaitNamedPipeA
OutputDebugStringA
ConvertDefaultLocale
AllocConsole
GetStringTypeExW
CommConfigDialogA
GlobalCompact
ResumeThread
BeginUpdateResourceW
WriteConsoleInputW
GlobalAddAtomA
LocalFree
LocalCompact
GetTempPathA
GetPrivateProfileSectionA
WriteProfileStringA
GetProcessShutdownParameters
DosDateTimeToFileTime
GetDateFormatW
GetEnvironmentStrings
ReadConsoleOutputW
CommConfigDialogW
GetStringTypeA
GetFileType
FindResourceExA
GetPrivateProfileSectionW
WriteConsoleOutputCharacterA
VirtualAllocEx
FindNextChangeNotification
GlobalWire
GetVersionExA
InterlockedCompareExchange
SetConsoleActiveScreenBuffer
FlushConsoleInputBuffer
GetStringTypeW
FoldStringA
EnumSystemCodePagesW
WriteProfileSectionA
ReadDirectoryChangesW
TransmitCommChar
SetCriticalSectionSpinCount
OpenProcess
lstrcpyA
LocalReAlloc
WriteConsoleA
SetPriorityClass
GetNumberFormatW
DebugActiveProcess
GetWriteWatch
ReleaseMutex
GetPrivateProfileIntW
EnumSystemCodePagesA
GetSystemTime
LocalSize
GetLastError
GetNamedPipeHandleStateW
GetConsoleOutputCP
SystemTimeToTzSpecificLocalTime
GlobalHandle
EraseTape
FindResourceExW
GetStringTypeExA
ReleaseSemaphore
CreateMailslotW
GetThreadPriorityBoost
SuspendThread
GetNamedPipeHandleStateA
DefineDosDeviceW
InterlockedExchangeAdd
GetFileAttributesExW
RtlZeroMemory
Heap32ListNext
DebugBreak
CreateTapePartition
SetConsoleScreenBufferSize
HeapCompact
WriteFile
GlobalUnWire
OpenFile
SetVolumeLabelA
FindResourceW
HeapSize
WriteConsoleInputA
lstrcmp
FormatMessageA
LockFile
CreateDirectoryExA
GetConsoleTitleW
WritePrivateProfileSectionW
GetEnvironmentStringsW
CreateFileA
EnumTimeFormatsA
DisableThreadLibraryCalls
SetConsoleCtrlHandler
FillConsoleOutputCharacterA
GlobalGetAtomNameW
GetMailslotInfo
LocalUnlock
LocalHandle
GlobalReAlloc
TransactNamedPipe
WaitNamedPipeW
GetWindowsDirectoryA
GetSystemTimeAdjustment
FlushInstructionCache
SetEvent
GetFileAttributesW
GetCurrentDirectoryW
GetSystemPowerStatus
InterlockedDecrement
Heap32Next
EnumDateFormatsA
GetProcAddress
WriteConsoleW
SystemTimeToFileTime
InitializeCriticalSectionAndSpinCount
GetStartupInfoA
CreateProcessW
EnumResourceLanguagesA
OpenWaitableTimerW
SetLocaleInfoA
GetNumberFormatA
SearchPathA
WaitForMultipleObjects
GetExitCodeThread
EnumCalendarInfoExA
GetCurrencyFormatW
GetSystemDirectoryA
FindNextFileW
GetTimeFormatW
lstrcatW
lstrlenW
CreateFileW
GetFullPathNameA
GetCalendarInfoW
GetConsoleTitleA
TlsGetValue
BeginUpdateResourceA
FindFirstChangeNotificationA
MulDiv
FoldStringW
VirtualFree
GlobalAlloc
GetComputerNameW
GetPrivateProfileStructW
GetProfileIntW
FreeResource
SetSystemTimeAdjustment
Module32First
GetCompressedFileSizeW
Thread32First
GetProcessPriorityBoost
WritePrivateProfileStringW
MoveFileExW
GetSystemDirectoryW
WriteProfileSectionW
FindFirstChangeNotificationW
GetSystemDefaultLangID
SetComputerNameW
OpenSemaphoreA
IsValidCodePage
GetFullPathNameW
GetVersionExW
WriteProfileStringW
GetLogicalDriveStringsA
LoadLibraryW
CreateMutexW
GetSystemDefaultLCID
OutputDebugStringW
SetConsoleCursorInfo
UnmapViewOfFile
EnumDateFormatsExW
CreateEventA
GetProfileSectionW
LoadLibraryExA
CreateFileMappingA
lstrcmpi
GetLocalTime
RtlFillMemory
CreateWaitableTimerA
DeleteFileA
ReadFileEx
GetThreadLocale
GetConsoleScreenBufferInfo
lstrcmpiW
RemoveDirectoryW
EnumSystemLocalesW
GlobalFlags
GetProcessVersion
GetProfileIntA
SetLastError
OpenMutexA
GetVolumeInformationW
AddAtomA
WritePrivateProfileStructA
comdlg32
ReplaceTextA
PrintDlgA
ChooseColorW
LoadAlterBitmap
GetOpenFileNameA
FindTextW
GetSaveFileNameW
GetFileTitleA
ReplaceTextW
ChooseFontW
PageSetupDlgA
PrintDlgW
ChooseFontA
ChooseColorA
GetSaveFileNameA
user32
EnumPropsW
LoadCursorW
EnumDisplayDevicesW
GetMenu
GetClipboardViewer
InflateRect
SetClassLongW
LoadKeyboardLayoutA
SetTimer
GetGuiResources
CheckMenuRadioItem
MapVirtualKeyExW
GetCursorInfo
DdeCreateStringHandleW
CheckDlgButton
GetSystemMenu
GetWindowTextA
GetProcessWindowStation
FindWindowA
CharNextExA
GetKBCodePage
VkKeyScanA
GetMenuStringA
RegisterDeviceNotificationA
DlgDirSelectComboBoxExW
SendMessageTimeoutA
FindWindowExW
MessageBeep
IsCharLowerA
BlockInput
DdeInitializeA
SendIMEMessageExA
IsClipboardFormatAvailable
SystemParametersInfoA
DestroyMenu
DdeGetLastError
RegisterClassExW
CreateAcceleratorTableW
MapVirtualKeyA
GetScrollInfo
GetMenuCheckMarkDimensions
WinHelpW
SetDoubleClickTime
GetClassInfoExA
GetAncestor
GetMessageTime
ToUnicode
GetDoubleClickTime
SystemParametersInfoW
GetCursorPos
RemovePropA
CopyImage
advapi32
LogonUserW
CryptHashData
RegRestoreKeyW
RegDeleteValueA
StartServiceW
CryptDecrypt
RegEnumValueW
CryptEnumProvidersA
CryptGetKeyParam
CryptSignHashW
RegEnumKeyW
RegConnectRegistryA
CryptContextAddRef
CryptSetKeyParam
RegCreateKeyExA
RegDeleteKeyW
LookupPrivilegeNameA
CryptAcquireContextW
RegReplaceKeyA
CryptEnumProviderTypesA
RegQueryValueW
RegSetValueA
CryptReleaseContext
CryptDestroyHash
DuplicateToken
RegDeleteValueW
CryptSetProviderExA
RegQueryValueA
CryptEnumProviderTypesW
CryptSetProviderA
DuplicateTokenEx
CryptGenKey
LookupAccountNameA
CryptSetHashParam
RegFlushKey
CryptGetHashParam
RegQueryMultipleValuesW
RegCreateKeyExW
RegEnumKeyExA
CryptCreateHash
CryptGenRandom
RegSetValueW
LookupSecurityDescriptorPartsW
CryptExportKey
RegDeleteKeyA
CryptEncrypt
RegQueryInfoKeyA
ReportEventW
CryptDuplicateHash
RegSaveKeyA
AbortSystemShutdownW
RegOpenKeyExW
CryptDeriveKey
RegEnumValueA
RegOpenKeyExA
RegOpenKeyA
GetUserNameA
CryptGetProvParam
CryptVerifySignatureA
CreateServiceW
RegSetValueExW
CryptVerifySignatureW
LookupAccountSidW
CryptDestroyKey
RegOpenKeyW
RegRestoreKeyA
RegCreateKeyW
RegLoadKeyA
CryptSignHashA
StartServiceA
RegSetKeySecurity
InitializeSecurityDescriptor
RegCreateKeyA
LookupPrivilegeDisplayNameW
CryptAcquireContextA
CryptGetDefaultProviderA
InitiateSystemShutdownA
CryptHashSessionKey
LookupAccountNameW
RegConnectRegistryW
CryptImportKey
LookupAccountSidA
RegReplaceKeyW
RegEnumKeyA
RegQueryMultipleValuesA
RegQueryValueExA
RevertToSelf
RegEnumKeyExW
RegSaveKeyW
LookupPrivilegeDisplayNameA
ReportEventA
CryptDuplicateKey
Sections
.text Size: 115KB - Virtual size: 115KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 262KB - Virtual size: 262KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 16KB - Virtual size: 15KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ