Static task: static1
Behavioral task: behavioral1
Sample: 380d61054f341d0a9369a738979f4b36_JaffaCakes118.exe
Resource: win7-20240708-en
Behavioral task: behavioral2
Sample: 380d61054f341d0a9369a738979f4b36_JaffaCakes118.exe
Resource: win10v2004-20240709-en
General
Target: 380d61054f341d0a9369a738979f4b36_JaffaCakes118
Size: 438KB
MD5: 380d61054f341d0a9369a738979f4b36
SHA1: 394156aaf84f186a8ab9bdafc7e4377fde54be46
SHA256: b2e5310927ce240e4a638aacbb3f2d1089ee2d2272bc702d66dd3863d8d6b1f2
SHA512: d764afc8d2e3b76c97e808cbef486a84e3c3cc717346c07a3b3297bbdc356c8ef4b73988e48fa1b5852d626777b45924ff981e26aec82cb1fa6371d3d42d642b
SSDEEP: 12288:Uhf8GBpbsu8JQ60U/klsGH5s/288NB+CsSgoTSIqYsu02wdT:ww2rNBeknqYsj2wdT
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 380d61054f341d0a9369a738979f4b36_JaffaCakes118
Files
380d61054f341d0a9369a738979f4b36_JaffaCakes118.exe windows:4 windows x86 arch:x86
dcfed7619c9f8d99866fe0fc2d38a30b
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
ExitProcess
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
GetModuleFileNameA
GetProcAddress
GetModuleHandleA
TerminateProcess
GetCurrentProcess
LoadLibraryA
RtlUnwind
InterlockedExchange
VirtualQuery
HeapReAlloc
HeapAlloc
HeapFree
VirtualAlloc
Module32Next
SetConsoleScreenBufferSize
InitializeCriticalSectionAndSpinCount
MapViewOfFileEx
MoveFileExA
FindAtomA
GetAtomNameW
GlobalLock
WaitForSingleObject
FindFirstFileW
GetTempPathW
TerminateThread
CloseHandle
GlobalReAlloc
SetConsoleCursorInfo
LocalAlloc
CreateRemoteThread
GlobalUnfix
GetStartupInfoA
FindFirstFileExA
EnumDateFormatsExA
SetThreadPriority
DeleteCriticalSection
SetThreadAffinityMask
Heap32ListNext
IsValidLocale
FormatMessageA
WriteConsoleOutputAttribute
LocalCompact
EnumSystemCodePagesA
WaitForSingleObjectEx
WinExec
VirtualFreeEx
GlobalAlloc
GetCurrencyFormatA
GetSystemInfo
GetThreadContext
SetThreadExecutionState
GetDateFormatW
GetWriteWatch
WritePrivateProfileSectionA
SetConsoleOutputCP
GetSystemTimeAdjustment
EnumCalendarInfoA
LoadModule
ReadConsoleOutputCharacterW
GetProfileSectionA
CreateThread
GetNumberFormatW
GetFileAttributesA
SetFileTime
ReleaseMutex
SetVolumeLabelA
TlsFree
OpenMutexA
GetTempPathA
SignalObjectAndWait
GetStdHandle
CreateFileA
GetExitCodeThread
GetFileType
GetPrivateProfileStringW
DisconnectNamedPipe
TlsGetValue
GetThreadPriorityBoost
SetConsoleCursorPosition
FreeResource
GetVolumeInformationW
GetUserDefaultLCID
MultiByteToWideChar
FindNextFileA
RtlFillMemory
WriteConsoleInputW
CreateProcessA
GetCalendarInfoW
FreeLibrary
GetEnvironmentStringsA
Process32Next
LockFileEx
OpenMutexW
GetProfileIntW
GlobalAddAtomW
CreateMailslotW
GetShortPathNameA
MoveFileW
EnumResourceLanguagesA
LocalLock
GetCompressedFileSizeA
SetConsoleTitleA
FindAtomW
EnumCalendarInfoExA
GetConsoleMode
GetDiskFreeSpaceExA
GetEnvironmentVariableW
GetStringTypeW
WriteConsoleInputA
WriteFile
GetTempFileNameA
lstrcpynW
GlobalCompact
GetLocaleInfoA
HeapLock
GetVersionExA
GetMailslotInfo
GetNumberOfConsoleInputEvents
OpenFileMappingA
GlobalFindAtomA
EnumResourceNamesA
OpenEventA
lstrlenA
CreateFileW
FillConsoleOutputCharacterW
FindFirstFileA
ReadConsoleA
ReadFileEx
ReadProcessMemory
CreateEventW
lstrcpyA
LocalHandle
SetThreadPriorityBoost
GetLogicalDrives
GetNamedPipeHandleStateW
SetConsoleCP
LocalReAlloc
DeleteAtom
GetVersion
GlobalFree
PeekConsoleInputW
GetShortPathNameW
SetEvent
GetDiskFreeSpaceA
GetACP
FreeEnvironmentStringsA
SystemTimeToTzSpecificLocalTime
EscapeCommFunction
GetCurrentDirectoryA
GetFileSize
GetProcessPriorityBoost
IsValidCodePage
LocalUnlock
GetThreadLocale
ExitThread
OpenFile
CompareStringA
GetFullPathNameA
FreeConsole
GetSystemDefaultLangID
ReadConsoleInputA
SystemTimeToFileTime
TlsAlloc
TryEnterCriticalSection
GetPrivateProfileStructA
FlushConsoleInputBuffer
GetModuleFileNameW
GetLogicalDriveStringsW
LeaveCriticalSection
DuplicateHandle
GetDiskFreeSpaceW
GetCurrentThread
AddAtomW
GetSystemDirectoryW
UnhandledExceptionFilter
OpenWaitableTimerW
GetFileAttributesExA
GetCurrentDirectoryW
InterlockedExchangeAdd
EnumResourceTypesW
Toolhelp32ReadProcessMemory
GetCurrencyFormatW
RemoveDirectoryW
ExpandEnvironmentStringsA
ReadConsoleInputW
CreateMailslotA
CreateWaitableTimerW
GetCommandLineW
SetLastError
WriteConsoleOutputW
UpdateResourceA
GlobalGetAtomNameW
FoldStringW
GetPrivateProfileStringA
GetSystemTime
lstrcpyn
EnumSystemLocalesA
CompareFileTime
DebugBreak
GetProfileSectionW
SetHandleCount
SetVolumeLabelW
GetNumberOfConsoleMouseButtons
GetWindowsDirectoryW
WritePrivateProfileStringW
OpenFileMappingW
OutputDebugStringA
GetVolumeInformationA
HeapUnlock
GetPrivateProfileStructW
GlobalHandle
SetConsoleTextAttribute
GetSystemDirectoryA
ResetWriteWatch
GetConsoleCP
GetSystemDefaultLCID
HeapDestroy
SuspendThread
GetProfileStringW
GetProcessShutdownParameters
DefineDosDeviceW
GetPrivateProfileSectionW
lstrlen
FindCloseChangeNotification
Heap32First
GetQueuedCompletionStatus
ReleaseSemaphore
GetEnvironmentStrings
VirtualProtectEx
ReadFileScatter
GetLocaleInfoW
CreateMutexA
CopyFileA
UnmapViewOfFile
ResumeThread
SetThreadIdealProcessor
SetCurrentDirectoryA
HeapCompact
GlobalWire
FreeEnvironmentStringsW
GetFileTime
GetProcessAffinityMask
SetConsoleActiveScreenBuffer
lstrcmpiW
LoadResource
VirtualAllocEx
EnumTimeFormatsA
FindResourceW
WaitForDebugEvent
EnumCalendarInfoExW
GetNamedPipeHandleStateA
GetAtomNameA
GlobalAddAtomA
GlobalGetAtomNameA
SetSystemTimeAdjustment
InitAtomTable
InterlockedDecrement
CreateNamedPipeA
GetConsoleScreenBufferInfo
GetExitCodeProcess
VirtualQueryEx
MoveFileExW
GetStringTypeExA
SetLocalTime
WriteConsoleA
CreateMutexW
WriteProfileStringW
LoadLibraryW
GetFileAttributesW
LoadLibraryExW
DeleteFileA
GetEnvironmentStringsW
FormatMessageW
EnumSystemLocalesW
SetSystemTime
FileTimeToLocalFileTime
SleepEx
CreateWaitableTimerA
GetCalendarInfoA
WriteConsoleOutputCharacterW
GetDateFormatA
GetEnvironmentVariableA
VirtualLock
FreeLibraryAndExitThread
GetTimeFormatA
GetLongPathNameA
SetThreadContext
WritePrivateProfileSectionW
GetPrivateProfileIntA
CreateDirectoryExW
WritePrivateProfileStructW
OpenProcess
VirtualFree
FindFirstChangeNotificationW
FindFirstFileExW
ReadConsoleOutputA
LocalFileTimeToFileTime
lstrcpyW
WriteProfileStringA
GetPriorityClass
VirtualUnlock
CreateProcessW
GetPrivateProfileIntW
GetCommandLineA
Thread32First
SetComputerNameA
CreateTapePartition
EnumResourceTypesA
lstrcpy
CreateConsoleScreenBuffer
EnumDateFormatsW
SetCurrentDirectoryW
WriteFileGather
CreatePipe
GlobalFindAtomW
CreateDirectoryExA
GetStringTypeExW
WaitForMultipleObjects
FindNextFileW
LocalSize
GetUserDefaultLangID
BeginUpdateResourceA
comdlg32
ReplaceTextW
GetSaveFileNameW
GetFileTitleA
GetOpenFileNameW
ReplaceTextA
GetOpenFileNameA
ChooseFontA
FindTextA
wininet
SetUrlCacheEntryGroup
InternetSetCookieW
CreateUrlCacheContainerA
DetectAutoProxyUrl
GetUrlCacheConfigInfoA
CommitUrlCacheEntryW
InternetGetConnectedStateEx
RunOnceUrlCache
InternetConnectW
SetUrlCacheEntryGroupA
FtpCreateDirectoryW
FindNextUrlCacheContainerW
GetUrlCacheGroupAttributeW
InternetQueryOptionA
FtpDeleteFileA
InternetCanonicalizeUrlA
ResumeSuspendedDownload
advapi32
RevertToSelf
RegDeleteValueA
LookupAccountSidA
RegSetValueExW
RegQueryValueA
CryptEnumProvidersW
LookupAccountNameW
CryptExportKey
DuplicateToken
RegConnectRegistryA
RegDeleteKeyW
LookupPrivilegeValueA
RegEnumKeyExW
CryptSignHashA
RegQueryInfoKeyW
RegQueryValueExW
CryptSignHashW
RegSaveKeyW
RegRestoreKeyA
LogonUserW
RegEnumValueW
LookupPrivilegeDisplayNameW
InitiateSystemShutdownA
CryptVerifySignatureA
RegConnectRegistryW
CryptGetProvParam
CryptGetDefaultProviderA
CryptReleaseContext
RegEnumValueA
RegCreateKeyW
CryptEnumProviderTypesW
RegSetValueExA
RegCreateKeyExA
CryptSetProviderExW
CryptDestroyHash
CreateServiceW
RegOpenKeyA
CryptAcquireContextA
RegQueryValueExA
CryptCreateHash
CryptEnumProviderTypesA
CreateServiceA
RegDeleteKeyA
LookupSecurityDescriptorPartsW
RegEnumKeyW
CryptDeriveKey
RegQueryMultipleValuesW
DuplicateTokenEx
RegSetValueA
RegSetKeySecurity
LookupAccountNameA
CryptHashData
CryptVerifySignatureW
CryptGetKeyParam
CryptGetUserKey
RegCreateKeyExW
RegEnumKeyA
RegOpenKeyW
RegCloseKey
CryptSetHashParam
CryptHashSessionKey
CryptSetProviderW
CryptGetHashParam
LogonUserA
CryptGenKey
InitiateSystemShutdownW
RegQueryValueW
CryptEncrypt
RegOpenKeyExW
CryptSetKeyParam
AbortSystemShutdownA
RegSaveKeyA
CryptSetProviderExA
RegLoadKeyW
CryptGenRandom
RegQueryInfoKeyA
StartServiceW
ReportEventA
RegEnumKeyExA
CryptDuplicateKey
RegCreateKeyA
CryptSetProviderA
LookupPrivilegeValueW
CryptImportKey
LookupPrivilegeDisplayNameA
GetUserNameA
RegFlushKey
RegReplaceKeyA
RegOpenKeyExA
RegDeleteValueW
RegSetValueW
CryptGetDefaultProviderW
LookupAccountSidW
RegLoadKeyA
InitializeSecurityDescriptor
RegQueryMultipleValuesA
RegRestoreKeyW
ReportEventW
CryptContextAddRef
CryptDestroyKey
gdi32
CreateFontIndirectA
CreateBrushIndirect
SetPolyFillMode
GetObjectW
GetRandomRgn
GetViewportOrgEx
RoundRect
GetMetaFileA
SelectPalette
SetArcDirection
GetSystemPaletteUse
LineTo
GetPolyFillMode
SetBkColor
MoveToEx
GetTextCharset
SelectObject
GetObjectA
CreateDIBSection
AbortDoc
GetRegionData
SaveDC
UpdateICMRegKeyW
SetFontEnumeration
GetCharWidthFloatA
DrawEscape
SetColorAdjustment
ResizePalette
SetDIBColorTable
ExtFloodFill
CreateEnhMetaFileW
FillPath
GetMapMode
SelectClipRgn
AddFontResourceA
DeleteEnhMetaFile
GetEnhMetaFileBits
PolyDraw
SetICMMode
GetCharABCWidthsFloatA
GetEnhMetaFileW
ColorCorrectPalette
CreateDCA
GetCurrentObject
ExtEscape
CreateRectRgnIndirect
RestoreDC
GetCharacterPlacementW
GetCharWidth32W
GetTextExtentPoint32A
GetTextCharacterExtra
GetGlyphOutlineW
GetTextExtentExPointW
SetWindowExtEx
CreateScalableFontResourceA
SwapBuffers
FlattenPath
GetBkColor
SetDIBitsToDevice
GetPath
GetOutlineTextMetricsW
GdiPlayJournal
SetMagicColors
CopyMetaFileW
GetCurrentPositionEx
Polyline
CreateColorSpaceW
PlayMetaFile
GetTextExtentPointA
CreateColorSpaceA
GetNearestPaletteIndex
GetGlyphOutline
ExtTextOutW
GetColorAdjustment
AnimatePalette
ChoosePixelFormat
GetColorSpace
GetOutlineTextMetricsA
DeleteColorSpace
PlgBlt
PathToRegion
CreateRoundRectRgn
RemoveFontResourceW
TextOutA
EnumFontFamiliesExA
CreateHalftonePalette
SetBitmapDimensionEx
GetCharWidthFloatW
CancelDC
GetTextColor
GetEnhMetaFileA
SetICMProfileW
Polygon
GetTextMetricsA
SetStretchBltMode
GetDCOrgEx
SelectClipPath
CreateFontW
Rectangle
DescribePixelFormat
FillRgn
SetLayout
GetDIBColorTable
ResetDCW
DeviceCapabilitiesExW
CreateFontIndirectW
CreatePenIndirect
CreatePolyPolygonRgn
SetViewportOrgEx
CopyEnhMetaFileA
ArcTo
GetObjectType
PtVisible
SetSystemPaletteUse
UpdateICMRegKeyA
SetPixel
UpdateColors
TextOutW
GetGlyphOutlineA
CreatePalette
CombineRgn
GdiPlayDCScript
GetBrushOrgEx
GetWindowOrgEx
GetMetaFileW
gdiPlaySpoolStream
DeviceCapabilitiesExA
RemoveFontResourceA
SetPixelFormat
ScaleViewportExtEx
GetGraphicsMode
EnumICMProfilesA
GetViewportExtEx
CreateBitmapIndirect
SetMiterLimit
BeginPath
ResetDCA
ExtCreateRegion
GetRasterizerCaps
StrokeAndFillPath
OffsetWindowOrgEx
PolyBezierTo
GetDeviceGammaRamp
SetWorldTransform
IntersectClipRect
CreateEllipticRgnIndirect
CombineTransform
SetTextColor
EnumFontFamiliesExW
GetCharWidthA
GetLogColorSpaceW
GetCharABCWidthsFloatW
CreateCompatibleBitmap
PlayEnhMetaFile
AbortPath
CreateScalableFontResourceW
SetEnhMetaFileBits
EnumFontFamiliesA
GetTextAlign
CreateDIBPatternBrush
MaskBlt
GetTextMetricsW
OffsetRgn
CreateDIBitmap
PolyTextOutA
PolyTextOutW
CreateRectRgn
EnumICMProfilesW
GetSystemPaletteEntries
CreateSolidBrush
FrameRgn
EndDoc
GetTextFaceA
SetTextCharacterExtra
CreateEnhMetaFileA
GetLogColorSpaceA
CreateMetaFileA
GetBoundsRect
CloseFigure
SetBrushOrgEx
shell32
ExtractIconExA
SHGetPathFromIDListA
SHBrowseForFolderW
SHLoadInProc
ExtractIconEx
SHGetFileInfo
CheckEscapesW
SHQueryRecycleBinW
DragQueryFileAorW
SHFileOperation
SHUpdateRecycleBinIcon
SHAppBarMessage
SHGetFileInfoW
DragFinish
ShellExecuteW
FindExecutableW
SHGetDataFromIDListA
SHGetInstanceExplorer
SheChangeDirA
SHGetDiskFreeSpaceA
SHQueryRecycleBinA
SHBrowseForFolder
SHBrowseForFolderA
ExtractAssociatedIconW
SheGetDirA
DragQueryPoint
SHGetFileInfoA
ExtractIconExW
SHGetDataFromIDListW
SHGetSpecialFolderPathA
SHEmptyRecycleBinA
RealShellExecuteExW
DoEnvironmentSubstA
SHGetPathFromIDList
InternalExtractIconListA
ShellExecuteExA
ExtractIconA
FindExecutableA
SHChangeNotify
SHGetMalloc
InternalExtractIconListW
ExtractAssociatedIconA
DragAcceptFiles
ShellHookProc
DragQueryFileA
ExtractAssociatedIconExA
Sections
.text Size: 155KB - Virtual size: 155KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 260KB - Virtual size: 260KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 21KB - Virtual size: 20KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ