Static task: static1

Behavioral task: behavioral1
Sample: 38a99bbaa385d625d7a01835c05b5d12_JaffaCakes118.exe
Resource: win7-20240704-en

Behavioral task: behavioral2
Sample: 38a99bbaa385d625d7a01835c05b5d12_JaffaCakes118.exe
Resource: win10v2004-20240709-en
General
- Target: 38a99bbaa385d625d7a01835c05b5d12_JaffaCakes118
- Size: 361KB
- MD5: 38a99bbaa385d625d7a01835c05b5d12
- SHA1: 0d3ae5117ddda8e6832f3d38a37685edc9fd7bfb
- SHA256: 8b349052b48de0eacbb44f3c7fa9b642b7ed1624d11cdff00be6f890f5fddf1f
- SHA512: e90b0f207bf5ab98c4879091b5ee48c18fd4f36e197f4bd6fc838bee4d2695860b775ecd4038819bcf0af27cc4145fc5657286363344d4a1bed86ad9534753c8
- SSDEEP: 6144:LRjq9fdEk82rHNFjWIpdEP6vhIk7WjfVAtFgIvCzKYxt4trXdlUns854fr:NmAwXjWI26vWk7WjtULCKYxt4VdlUs8s
Malware Config
Signatures
- Unsigned PE (1 IoC): Checks for missing Authenticode signature.
  resource: 38a99bbaa385d625d7a01835c05b5d12_JaffaCakes118
Files
- 38a99bbaa385d625d7a01835c05b5d12_JaffaCakes118.exe  windows:4  windows x86  arch:x86
  54218af146f21fb6170ebcca12dc85e9
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
SetProcessWorkingSetSize
TerminateProcess
LockFileEx
ExitProcess
BuildCommDCBAndTimeoutsA
ClearCommError
GetLogicalDriveStringsW
WaitNamedPipeA
GetProcessHeap
HeapSize
GetThreadContext
SizeofResource
SetFileTime
_lread
GetPrivateProfileIntA
VirtualProtect
SetCurrentDirectoryW
GetModuleFileNameW
LocalFileTimeToFileTime
QueryPerformanceCounter
SetThreadExecutionState
CreateThread
InterlockedExchangeAdd
SetSystemTimeAdjustment
GetUserDefaultLangID
VirtualQuery
InterlockedCompareExchange
SetConsoleCursorPosition
GetVersionExW
GetLogicalDriveStringsA
lstrcpyA
HeapCompact
SetComputerNameW
PostQueuedCompletionStatus
GenerateConsoleCtrlEvent
GetCPInfoExW
InitializeCriticalSection
SetConsoleCtrlHandler
GetSystemTime
SetTapePosition
IsBadStringPtrA
lstrcpynA
WriteProfileSectionA
PeekNamedPipe
CreateProcessA
GetFileInformationByHandle
GetFileAttributesExA
GetStringTypeExA
FillConsoleOutputAttribute
GlobalUnfix
OpenFileMappingA
_hread
FillConsoleOutputCharacterW
GetPrivateProfileSectionNamesA
FindNextChangeNotification
EnumDateFormatsA
AreFileApisANSI
WriteConsoleW
GetAtomNameA
FreeConsole
GetCurrentProcess
OpenMutexA
FindResourceA
GetDateFormatW
GetNamedPipeHandleStateW
GetVolumeInformationW
SetConsoleCP
GetFileTime
OpenSemaphoreW
GetCalendarInfoW
GetDiskFreeSpaceExW
WritePrivateProfileStringW
SetConsoleWindowInfo
GetFullPathNameW
GetCommProperties
CancelDeviceWakeupRequest
SetFileAttributesW
WaitNamedPipeW
GetNumberOfConsoleInputEvents
GlobalMemoryStatus
FillConsoleOutputCharacterA
SetVolumeLabelA
SetVolumeLabelW
GetDiskFreeSpaceExA
GetDefaultCommConfigA
WritePrivateProfileStructA
GetTickCount
SetConsoleTextAttribute
IsDBCSLeadByte
GlobalHandle
OpenFileMappingW
FatalAppExitA
WriteFile
GlobalAlloc
MoveFileExW
GetProfileSectionA
GetCurrentDirectoryW
DeleteAtom
WriteConsoleOutputW
RequestDeviceWakeup
FindFirstChangeNotificationW
GetCommandLineW
DebugActiveProcess
GetDriveTypeW
GetQueuedCompletionStatus
TlsFree
QueryDosDeviceA
GetLongPathNameW
IsBadCodePtr
lstrcatA
GetFileAttributesExW
lstrlenA
GetSystemDirectoryW
LocalFlags
GetUserDefaultLCID
ReadConsoleOutputA
EnumResourceLanguagesA
GetCalendarInfoA
LocalLock
ConvertDefaultLocale
VerLanguageNameA
GetNamedPipeInfo
GetComputerNameA
GetStartupInfoA
DeleteCriticalSection
GetProcessPriorityBoost
SetThreadAffinityMask
WaitForMultipleObjects
GetCurrentThread
WriteProfileStringW
ReadFileScatter
SetConsoleScreenBufferSize
FatalExit
FoldStringW
GetPriorityClass
GetLocalTime
GlobalAddAtomA
GlobalFindAtomW
HeapDestroy
WaitForDebugEvent
InterlockedIncrement
GetVersion
GetPrivateProfileStringW
SetHandleCount
FindFirstFileA
WaitForMultipleObjectsEx
FatalAppExitW
GetCurrentDirectoryA
WriteProfileSectionW
FindAtomW
LocalHandle
CreateDirectoryW
GetTimeFormatA
ConnectNamedPipe
GetModuleHandleA
GetProfileStringA
GetShortPathNameA
LeaveCriticalSection
EnumSystemCodePagesW
OpenFile
EnumTimeFormatsA
GetThreadTimes
SetSystemPowerState
TlsGetValue
CreateNamedPipeW
GlobalReAlloc
BeginUpdateResourceW
BuildCommDCBW
UpdateResourceA
GetNamedPipeHandleStateA
lstrcmpA
PrepareTape
SetCommTimeouts
CreateMutexW
GetBinaryTypeA
BackupRead
SetThreadPriority
CommConfigDialogA
CreateDirectoryExW
Thread32First
GetDriveTypeA
HeapLock
GetDateFormatA
LoadModule
ReadConsoleOutputW
GetTapeStatus
GetACP
GetLocaleInfoA
CreateFileW
WritePrivateProfileStructW
GetSystemDefaultLCID
SystemTimeToTzSpecificLocalTime
IsProcessorFeaturePresent
GlobalFindAtomA
GetPrivateProfileSectionW
SetUnhandledExceptionFilter
GetCurrencyFormatA
DeleteFileA
QueryDosDeviceW
HeapReAlloc
GlobalGetAtomNameA
WriteFileGather
WriteFileEx
WriteConsoleOutputA
GetPrivateProfileSectionNamesW
ReadConsoleOutputAttribute
IsBadStringPtrW
Sleep
FindFirstFileW
AllocConsole
_llseek
EnumTimeFormatsW
ScrollConsoleScreenBufferW
ResetEvent
CreateMailslotA
CreateTapePartition
PeekConsoleInputW
GetTempPathW
SetConsoleTitleA
SearchPathW
FreeLibrary
ReadConsoleA
FreeResource
GetNumberFormatA
CreateDirectoryA
LockResource
GetThreadLocale
GetCompressedFileSizeA
VirtualAllocEx
GetFileAttributesA
GetConsoleTitleA
FormatMessageA
SetEndOfFile
LocalAlloc
GetVolumeInformationA
WriteConsoleOutputAttribute
RequestWakeupLatency
GetVersionExA
GetLocaleInfoW
DosDateTimeToFileTime
WriteTapemark
SetThreadLocale
VirtualUnlock
EnumSystemLocalesW
SetCommBreak
FlushInstructionCache
GetCurrentThreadId
UpdateResourceW
TransmitCommChar
ExpandEnvironmentStringsW
SetConsoleOutputCP
VirtualQueryEx
PeekConsoleInputA
CopyFileW
CreateRemoteThread
ResumeThread
SetDefaultCommConfigW
GetCommModemStatus
LCMapStringW
GetLongPathNameA
SetPriorityClass
ContinueDebugEvent
GetModuleFileNameA
UnmapViewOfFile
FindAtomA
CommConfigDialogW
SetErrorMode
ReadConsoleOutputCharacterW
CreateSemaphoreA
PurgeComm
lstrcpyW
GetOverlappedResult
SetCommMask
SetEvent
GetTimeZoneInformation
GetCommState
SetConsoleMode
GetFileType
GetLargestConsoleWindowSize
FreeEnvironmentStringsW
GetStringTypeExW
GetTempPathA
QueryPerformanceFrequency
GlobalGetAtomNameW
user32
SendDlgItemMessageW
GetProcessWindowStation
TabbedTextOutA
CallWindowProcW
GetDlgItemInt
SetMessageQueue
CreateAcceleratorTableA
ScreenToClient
SetMenu
ValidateRgn
GetWindowLongA
ReleaseCapture
DrawStateA
MessageBoxExW
SendMessageA
ArrangeIconicWindows
LoadMenuIndirectA
CloseWindow
EnumPropsW
GetNextDlgGroupItem
GetUpdateRect
CreateWindowStationA
EndDeferWindowPos
SetClassLongW
DlgDirSelectExA
GetClassInfoW
MessageBoxA
OffsetRect
CharPrevW
GetDialogBaseUnits
GetForegroundWindow
LoadStringW
GetScrollInfo
GetClipboardFormatNameA
DefDlgProcA
CreateMenu
SetPropA
CloseClipboard
GetScrollRange
OemToCharA
DestroyCaret
SetWindowLongW
AdjustWindowRect
UnionRect
DefWindowProcA
RegisterClipboardFormatA
SetCursor
VkKeyScanW
GetSystemMetrics
FrameRect
CheckMenuItem
GetKeyboardLayoutNameW
GetSysColorBrush
FindWindowW
GetMessageTime
MsgWaitForMultipleObjectsEx
SetWindowTextW
UnhookWindowsHookEx
DefDlgProcW
GetMenuDefaultItem
CloseDesktop
CheckRadioButton
SendDlgItemMessageA
CreatePopupMenu
ExcludeUpdateRgn
LoadKeyboardLayoutW
GetDlgItem
CharUpperA
GetWindowTextA
DlgDirSelectComboBoxExW
CharUpperBuffW
CallWindowProcA
IsDlgButtonChecked
DefFrameProcA
ChangeClipboardChain
GetKeyboardLayoutNameA
CascadeWindows
SetMenuItemInfoA
SendMessageTimeoutA
ModifyMenuW
CreateIconFromResource
EnumPropsA
DeferWindowPos
LoadCursorFromFileW
EnumDesktopsW
PostMessageW
AdjustWindowRectEx
keybd_event
SetThreadDesktop
DrawEdge
SetUserObjectSecurity
VkKeyScanExW
EnumPropsExA
GetClipCursor
CopyIcon
GetClipboardFormatNameW
InsertMenuItemA
GetWindowTextLengthA
GetMenuStringW
CallMsgFilterW
UnregisterClassW
GetMenuCheckMarkDimensions
ShowOwnedPopups
CopyImage
IsWindowUnicode
UnhookWindowsHook
ModifyMenuA
InsertMenuA
GetWindowRgn
VkKeyScanExA
GetKeyNameTextA
EqualRect
ChangeDisplaySettingsExA
EnumDesktopsA
PostThreadMessageA
SystemParametersInfoW
GetTabbedTextExtentW
mouse_event
GetKeyboardLayout
wsprintfW
EnumDesktopWindows
SetRectEmpty
DlgDirSelectExW
GetShellWindow
GetWindowDC
OemToCharW
GetParent
SetForegroundWindow
SetCursorPos
GetMenuItemCount
CharUpperW
TranslateMessage
GetClipboardData
CreateMDIWindowA
TranslateAcceleratorA
FillRect
CreateCursor
DrawIcon
GetClassNameW
RemoveMenu
CharLowerBuffA
IsIconic
IsCharAlphaNumericA
CreateDialogParamA
GetMenu
AttachThreadInput
IsCharLowerW
RegisterClassExA
LockWindowUpdate
OpenInputDesktop
GetCursorPos
DrawIconEx
SetScrollInfo
EndPaint
DragDetect
DrawTextExW
GetWindowWord
CharToOemBuffW
TileWindows
SendMessageCallbackW
IsDialogMessageA
SetParent
GetClassNameA
CreateWindowStationW
SetWindowTextA
GetClipboardOwner
DrawCaption
DialogBoxParamW
PostThreadMessageW
ShowWindow
SetWindowContextHelpId
ChangeMenuW
GetAsyncKeyState
OpenIcon
SetMenuContextHelpId
DrawTextA
CallMsgFilterA
GetMessagePos
SwitchDesktop
MapWindowPoints
IsWindowEnabled
BeginPaint
DestroyMenu
MessageBeep
EnumWindowStationsW
DialogBoxIndirectParamA
RemovePropA
DrawTextW
GetMenuItemInfoW
GetCaretBlinkTime
SetLastErrorEx
GetOpenClipboardWindow
GetDlgItemTextA
TabbedTextOutW
GetKeyNameTextW
IsCharAlphaNumericW
CloseWindowStation
SetWindowPos
SetKeyboardState
ExitWindowsEx
gdi32
SetPixelFormat
EnumICMProfilesA
GetGlyphOutlineA
GetTextExtentPoint32W
SetAbortProc
GetEnhMetaFileDescriptionA
PatBlt
GetTextExtentPointA
PolylineTo
Escape
GetCharABCWidthsW
RealizePalette
RemoveFontResourceA
RoundRect
GetColorSpace
GetBkMode
GetCurrentPositionEx
CreatePen
CreateDiscardableBitmap
InvertRgn
FrameRgn
GetBitmapDimensionEx
SetMetaFileBitsEx
SetBoundsRect
GetClipRgn
PolyPolyline
GetTextColor
GetObjectA
CreateScalableFontResourceA
GetDIBColorTable
ExtFloodFill
CreateDIBitmap
EnumEnhMetaFile
GetOutlineTextMetricsA
CreateCompatibleDC
EnumFontsW
CreateDCA
SetMiterLimit
DeleteColorSpace
SetDIBitsToDevice
GetTextExtentExPointW
GetEnhMetaFileW
AnimatePalette
DeleteObject
WidenPath
GetCharacterPlacementW
CreateMetaFileA
SetArcDirection
GetRandomRgn
GetICMProfileW
CopyEnhMetaFileA
CheckColorsInGamut
SetEnhMetaFileBits
SetPixelV
GetClipBox
GdiGetBatchLimit
GetMiterLimit
StartDocA
GetMetaFileA
UnrealizeObject
SetTextColor
RemoveFontResourceW
SetWinMetaFileBits
CreateEllipticRgn
SetICMProfileW
MaskBlt
CreateRectRgnIndirect
CopyMetaFileW
StartPage
SetBkColor
ModifyWorldTransform
SetColorAdjustment
GetLogColorSpaceW
DeleteMetaFile
GetEnhMetaFileA
DescribePixelFormat
GetEnhMetaFileBits
SetStretchBltMode
FloodFill
SelectPalette
GetViewportExtEx
GetRasterizerCaps
PlgBlt
SelectClipRgn
ExtTextOutW
GetStretchBltMode
TextOutA
CreateBitmap
GetCharWidthW
EnumICMProfilesW
GetTextExtentPoint32A
AbortDoc
StretchDIBits
GetDeviceGammaRamp
EnumFontFamiliesA
CloseMetaFile
ExtSelectClipRgn
ColorMatchToTarget
ArcTo
UpdateColors
SetBkMode
SetDIBits
CreateRoundRectRgn
DeleteDC
PlayMetaFileRecord
CreateICW
StretchBlt
CreateScalableFontResourceW
GetEnhMetaFileHeader
SetPolyFillMode
GetCharWidth32A
GetCharWidthFloatA
ChoosePixelFormat
AddFontResourceW
EnumFontFamiliesExA
PolyBezierTo
AbortPath
EnumFontFamiliesW
SetBitmapBits
GetTextFaceW
PtInRegion
CreateColorSpaceA
GetFontData
GetStockObject
GetTextFaceA
GetObjectType
PlayEnhMetaFile
GetTextCharacterExtra
GetMetaRgn
AngleArc
RestoreDC
GetTextCharsetInfo
GetOutlineTextMetricsW
Rectangle
OffsetViewportOrgEx
FlattenPath
GetTextAlign
BeginPath
TranslateCharsetInfo
GetROP2
GetCharWidth32W
GetFontLanguageInfo
CreateBrushIndirect
ScaleWindowExtEx
SetGraphicsMode
FillPath
CombineRgn
GetCharABCWidthsA
CreateFontW
GetMetaFileBitsEx
CreateDIBSection
CreateICA
SetTextCharacterExtra
StartDocW
BitBlt
GdiSetBatchLimit
GetArcDirection
CreatePenIndirect
EndPath
CreateFontIndirectA
GdiFlush
comdlg32
FindTextA
GetFileTitleW
ChooseFontW
ReplaceTextA
CommDlgExtendedError
ChooseFontA
ReplaceTextW
GetSaveFileNameA
GetSaveFileNameW
PrintDlgA
advapi32
CryptGetProvParam
GetAuditedPermissionsFromAclA
OpenBackupEventLogA
GetSidSubAuthority
LookupPrivilegeNameW
SetEntriesInAclA
IsValidSid
GetPrivateObjectSecurity
RegQueryInfoKeyA
BuildExplicitAccessWithNameW
RegEnumValueW
EnumServicesStatusW
InitiateSystemShutdownA
ClearEventLogA
RegEnumKeyA
CryptSetHashParam
CryptSetProviderA
StartServiceA
ReportEventA
RegDeleteValueA
CryptHashData
GetFileSecurityW
StartServiceW
CryptCreateHash
ClearEventLogW
GetSidSubAuthorityCount
CryptSignHashW
SetEntriesInAclW
AllocateAndInitializeSid
NotifyBootConfigStatus
ObjectCloseAuditAlarmA
StartServiceCtrlDispatcherA
RegGetKeySecurity
RegReplaceKeyW
FindFirstFreeAce
RegisterServiceCtrlHandlerA
CryptDuplicateKey
GetSecurityDescriptorDacl
SetNamedSecurityInfoA
CryptGetUserKey
AdjustTokenPrivileges
GetSecurityDescriptorLength
SetSecurityDescriptorGroup
CryptGetKeyParam
SetNamedSecurityInfoW
RegQueryValueW
CryptGenRandom
RegOpenKeyW
GetServiceKeyNameA
CryptVerifySignatureA
AccessCheckAndAuditAlarmA
LookupAccountNameW
SetServiceObjectSecurity
BackupEventLogW
AbortSystemShutdownW
ReadEventLogA
RegSaveKeyW
DuplicateToken
RegCloseKey
CryptEnumProvidersA
CreateServiceW
OpenSCManagerW
CryptExportKey
AddAuditAccessAce
InitializeSecurityDescriptor
LookupPrivilegeNameA
CryptSetProvParam
AddAce
EqualSid
GetUserNameW
QueryServiceConfigA
BuildSecurityDescriptorA
InitiateSystemShutdownW
GetAclInformation
ControlService
NotifyChangeEventLog
RegQueryInfoKeyW
RegSetValueA
BuildExplicitAccessWithNameA
RegUnLoadKeyW
CryptReleaseContext
GetServiceKeyNameW
RegDeleteKeyA
RegQueryValueA
RegQueryMultipleValuesA
CloseEventLog
GetServiceDisplayNameW
MakeSelfRelativeSD
ObjectDeleteAuditAlarmW
CryptSetProviderW
GetSecurityDescriptorOwner
RegLoadKeyA
AccessCheckAndAuditAlarmW
RegRestoreKeyA
DeleteService
RegSetValueW
GetExplicitEntriesFromAclW
RegConnectRegistryA
CryptDestroyHash
LookupPrivilegeDisplayNameW
StartServiceCtrlDispatcherW
RegQueryValueExW
CreatePrivateObjectSecurity
ImpersonateLoggedOnUser
AdjustTokenGroups
CopySid
RegConnectRegistryW
EnumDependentServicesW
RegOpenKeyExA
BuildImpersonateExplicitAccessWithNameA
BuildImpersonateTrusteeA
SetSecurityDescriptorSacl
SetFileSecurityA
MapGenericMask
GetNumberOfEventLogRecords
LockServiceDatabase
GetTokenInformation
GetExplicitEntriesFromAclA
RevertToSelf
IsTextUnicode
CryptAcquireContextW
CryptSignHashA
GetOldestEventLogRecord
CryptAcquireContextA
GetMultipleTrusteeA
ChangeServiceConfigW
SetServiceStatus
SetSecurityDescriptorDacl
GetTrusteeNameW
OpenEventLogA
IsValidAcl
shell32
SHGetDesktopFolder
SHAddToRecentDocs
ExtractAssociatedIconW
ord179
ExtractAssociatedIconExA
CommandLineToArgvW
SHQueryRecycleBinW
FindExecutableA
ExtractIconA
SHEmptyRecycleBinW
DragFinish
SHBrowseForFolderW
ShellExecuteW
SHFormatDrive
DragQueryPoint
SHGetSpecialFolderLocation
ShellExecuteExA
DragQueryFileA
Shell_NotifyIconW
SHAppBarMessage
Shell_NotifyIconA
DragAcceptFiles
SHGetDataFromIDListA
SHGetFileInfoW
ExtractIconExW
DuplicateIcon
SHGetFileInfoA
SHGetSettings
DoEnvironmentSubstA
msvcrt
__getmainargs
exit
_XcptFilter
_exit
_acmdln
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
Sections
- .text  Size: 282KB - Virtual size: 284KB
  Characteristics: IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
- .rdata  Size: 22KB - Virtual size: 24KB
  Characteristics: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
- .data  Size: 5KB - Virtual size: 8KB
  Characteristics: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
- skimndpp  Size: 45KB - Virtual size: 48KB
  Characteristics: IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
- 57oo4.15  Size: 4KB - Virtual size: 4KB
  Characteristics: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ