Static task: static1

Behavioral task: behavioral1
Sample: 457edf233458d70a6c102489c9370cec_JaffaCakes118.exe
Resource: win7-20240708-en

Behavioral task: behavioral2
Sample: 457edf233458d70a6c102489c9370cec_JaffaCakes118.exe
Resource: win10v2004-20240709-en
General
Target: 457edf233458d70a6c102489c9370cec_JaffaCakes118
Size: 497KB
MD5: 457edf233458d70a6c102489c9370cec
SHA1: 68f42b69c82c5dfff5d393b22e4bc961f27375f9
SHA256: 604f407459beee6d873834538f956f317efc6382aa6979ad20d3ac51ca0ef5e6
SHA512: a0a89ee23300ce5a024e5fe810d2ff14a5986863e05722403b15ee468d0bbfc026b6a1197e3974af083b1367d0b0bec2e14858fa96568e2bdc1939f4c2a51ecd
SSDEEP: 12288:cR7P0KBE84H9RmtJj20jQyINilH4PxIIYrPak7ZFhhZL:W7PlB54dRmtJi0cynvvLacP
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 457edf233458d70a6c102489c9370cec_JaffaCakes118
Files
457edf233458d70a6c102489c9370cec_JaffaCakes118.exe windows:4 windows x86 arch:x86
953ce1f4ac8a4a893fe652365fcbd7eb
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
ExitProcess
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
GetModuleFileNameA
GetProcAddress
GetModuleHandleA
TerminateProcess
GetCurrentProcess
LoadLibraryA
RtlUnwind
InterlockedExchange
VirtualQuery
HeapReAlloc
HeapAlloc
HeapFree
VirtualAlloc
LocalFlags
lstrcpynA
DisableThreadLibraryCalls
GetConsoleCursorInfo
FillConsoleOutputAttribute
VirtualQueryEx
GetDateFormatA
GetCommandLineW
CreateDirectoryA
CreateDirectoryExA
DebugBreak
GetPrivateProfileSectionNamesW
GetSystemDirectoryW
DeleteFileA
lstrcmpA
CreateSemaphoreW
GetThreadContext
Heap32First
RtlFillMemory
OpenFileMappingA
GetLogicalDriveStringsA
EnumResourceTypesA
GetCurrentDirectoryA
GetLongPathNameA
CompareStringA
EnumSystemLocalesA
CreateMutexW
ResetWriteWatch
SetFileTime
GetStringTypeExW
WriteConsoleInputW
lstrcpyW
lstrcmpiA
ConvertDefaultLocale
GetSystemDefaultLCID
GetEnvironmentVariableW
GetDiskFreeSpaceW
GetLocaleInfoA
SetThreadIdealProcessor
SignalObjectAndWait
GetSystemTimeAdjustment
FindResourceExW
WaitNamedPipeW
WriteProfileSectionA
SetFilePointer
WaitForSingleObject
GetSystemPowerStatus
BeginUpdateResourceA
DebugActiveProcess
EnumResourceNamesA
EnumTimeFormatsW
GetLongPathNameW
FindCloseChangeNotification
GetNumberOfConsoleInputEvents
SetConsoleCursorPosition
WaitNamedPipeA
GetCurrentThread
lstrlen
GetLastError
SetHandleCount
FormatMessageW
SetConsoleCP
GetTempFileNameA
LocalFileTimeToFileTime
HeapLock
LockFileEx
GetVersionExW
GetVersion
GetProcessHeap
GetThreadLocale
LoadLibraryExA
LoadLibraryExW
FindFirstChangeNotificationW
GetProcessHeaps
ReadConsoleInputA
GlobalGetAtomNameA
EnumCalendarInfoA
FindResourceA
ReadFileScatter
SetPriorityClass
SetConsoleScreenBufferSize
UpdateResourceW
lstrcmpW
WaitForSingleObjectEx
WritePrivateProfileStringA
GlobalUnfix
DisconnectNamedPipe
GetEnvironmentStringsA
LocalSize
WriteProfileStringW
ReadConsoleInputW
FlushFileBuffers
FreeLibraryAndExitThread
GetStringTypeW
GetUserDefaultLCID
GlobalHandle
FindAtomW
GetWriteWatch
EnterCriticalSection
CreateToolhelp32Snapshot
GetPrivateProfileStructW
Thread32Next
WritePrivateProfileStringW
OpenWaitableTimerW
SetCurrentDirectoryA
SetCurrentDirectoryW
Heap32ListFirst
SetSystemTime
lstrlenA
GlobalFix
FoldStringA
CreateTapePartition
EnumDateFormatsW
FileTimeToDosDateTime
CommConfigDialogW
FreeConsole
GetFileAttributesExA
RemoveDirectoryA
VirtualAllocEx
WinExec
lstrcpyA
ContinueDebugEvent
CreateMailslotA
WriteConsoleOutputA
GetProfileIntW
FoldStringW
SetEndOfFile
VirtualProtectEx
CreateNamedPipeW
GetDateFormatW
GetVolumeInformationW
InterlockedExchangeAdd
GetProfileIntA
FindResourceW
GetNumberFormatA
EnumSystemLocalesW
Process32Next
Module32First
WriteFileEx
GetTimeFormatW
ResetEvent
CreateThread
GlobalDeleteAtom
CreateDirectoryExW
EnumSystemCodePagesA
CompareFileTime
UnlockFileEx
lstrcmp
CreateWaitableTimerW
WriteProcessMemory
SetThreadLocale
ReadDirectoryChangesW
EnumSystemCodePagesW
UpdateResourceA
GetExitCodeProcess
GetTimeZoneInformation
Module32Next
OpenProcess
SetThreadContext
EraseTape
LoadLibraryW
GetSystemInfo
GetThreadPriority
ReleaseMutex
CreateFileMappingA
CreateFileMappingW
GetThreadSelectorEntry
WriteConsoleOutputW
GetNumberFormatW
FlushViewOfFile
GetProfileStringW
GetTempPathA
HeapValidate
GetConsoleOutputCP
LocalReAlloc
CopyFileExA
GlobalReAlloc
GetQueuedCompletionStatus
SetLocalTime
EnumCalendarInfoExA
ExpandEnvironmentStringsW
EnumResourceLanguagesA
WriteConsoleOutputCharacterA
SetConsoleTextAttribute
CreateEventW
lstrcpynW
PulseEvent
ReadProcessMemory
VirtualUnlock
RemoveDirectoryW
GetConsoleTitleA
OpenEventW
PeekNamedPipe
FindNextChangeNotification
FindClose
GetDriveTypeW
lstrcatA
CreateProcessW
GetShortPathNameW
FindFirstFileW
VirtualFreeEx
Toolhelp32ReadProcessMemory
DuplicateHandle
FindAtomA
LoadModule
lstrcmpi
GetEnvironmentStrings
InitializeCriticalSection
ReadFile
GetACP
SetConsoleWindowInfo
IsValidCodePage
LockResource
LocalHandle
SetEnvironmentVariableW
SetLocaleInfoW
IsValidLocale
EnumDateFormatsExA
GetCurrencyFormatA
WriteProfileStringA
AddAtomW
CreateMailslotW
WriteConsoleW
WritePrivateProfileStructA
DeleteFileW
ReadConsoleOutputA
HeapCompact
OpenFileMappingW
GetStartupInfoA
UnlockFile
lstrcat
LoadResource
TlsFree
HeapCreate
GetProcAddress
GetDiskFreeSpaceExW
SetConsoleOutputCP
GetStartupInfoW
WritePrivateProfileSectionA
OpenWaitableTimerA
FreeResource
TryEnterCriticalSection
DefineDosDeviceW
SystemTimeToFileTime
OpenFile
GlobalSize
SetVolumeLabelW
lstrlenW
ReleaseSemaphore
GetCurrencyFormatW
CreateProcessA
FileTimeToLocalFileTime
SuspendThread
WriteConsoleOutputAttribute
GetFileAttributesExW
GetProcessTimes
FindResourceExA
AddAtomA
SetCriticalSectionSpinCount
SetTimeZoneInformation
SetComputerNameA
GetStdHandle
GetComputerNameA
HeapUnlock
user32
MessageBoxExW
CreateDialogIndirectParamA
PostMessageW
CharToOemW
TabbedTextOutA
GetUserObjectSecurity
GetMenuStringW
PeekMessageW
EnumDisplayDevicesA
GetWindowTextW
SetWindowLongA
GetParent
MapWindowPoints
AttachThreadInput
OpenDesktopW
EnumThreadWindows
RegisterClipboardFormatA
CreateDialogParamW
MessageBoxW
DeleteMenu
CheckMenuItem
AppendMenuA
CloseWindow
SetMenuContextHelpId
SetClassLongW
SystemParametersInfoA
GetTabbedTextExtentW
GetMenuState
DdeFreeDataHandle
GetSystemMenu
GetKeyboardType
PaintDesktop
BroadcastSystemMessage
DrawStateW
SetUserObjectSecurity
GetScrollInfo
CallWindowProcA
GetWindowThreadProcessId
DdeSetUserHandle
DialogBoxParamA
GetWindowLongW
CreateDesktopW
TrackPopupMenu
OpenInputDesktop
GetMonitorInfoW
SetSysColors
GetClassNameA
IsCharLowerA
SetPropA
GetMenuItemInfoW
GetPropA
CreateMenu
FillRect
FrameRect
EnumWindowStationsA
VkKeyScanExW
CharLowerBuffW
GetClipboardData
UnregisterDeviceNotification
LoadCursorA
ChildWindowFromPointEx
CloseClipboard
GetGUIThreadInfo
IsDialogMessageW
LoadAcceleratorsW
PostQuitMessage
SetThreadDesktop
ShowWindowAsync
NotifyWinEvent
GetClipboardFormatNameA
ArrangeIconicWindows
SetWindowTextW
UnpackDDElParam
CallWindowProcW
MessageBoxA
DefWindowProcA
WINNLSGetIMEHotkey
InvalidateRgn
GetWindowTextLengthW
GetKeyboardLayoutList
ScrollWindow
SetMenu
DlgDirSelectComboBoxExW
InsertMenuItemA
CreateWindowExW
DdeGetData
IsDialogMessage
LoadMenuA
ShowCursor
DispatchMessageW
DdeImpersonateClient
CreateIconFromResourceEx
TranslateAcceleratorA
CreateDesktopA
CreateIconIndirect
wsprintfW
SetWindowPlacement
CreateDialogParamA
SetParent
AnyPopup
RegisterHotKey
GetWindowInfo
GetClipboardViewer
GrayStringA
SendNotifyMessageA
LoadImageA
ToAscii
GetClipCursor
DeferWindowPos
DdeClientTransaction
MenuItemFromPoint
AnimateWindow
LoadBitmapW
InflateRect
SendIMEMessageExW
ClientToScreen
CharUpperBuffA
GetClipboardSequenceNumber
MsgWaitForMultipleObjectsEx
CallNextHookEx
RegisterClassExW
LoadIconA
IsCharAlphaNumericA
ShowScrollBar
GetGuiResources
SendNotifyMessageW
DdeConnect
SetCapture
TabbedTextOutW
CloseDesktop
GetKeyNameTextW
HideCaret
SetWinEventHook
EnumWindows
GetComboBoxInfo
MapVirtualKeyA
DdeInitializeA
GetAltTabInfo
ShowWindow
CascadeChildWindows
GetMonitorInfoA
CharUpperW
SetWindowTextA
EnumDesktopsW
GetKeyNameTextA
EnumDesktopsA
PostThreadMessageW
IsIconic
EnableMenuItem
GetMenuItemInfoA
AdjustWindowRectEx
GetWindowTextLengthA
GetClientRect
LoadStringW
GetDialogBaseUnits
SetMenuItemInfoA
DefMDIChildProcA
RegisterDeviceNotificationW
SetWindowPos
SetShellWindow
GetWindowDC
DdeQueryConvInfo
IsMenu
LoadMenuIndirectA
GetThreadDesktop
GetCursorPos
EnumDisplaySettingsA
CallMsgFilterW
ReuseDDElParam
GetKeyState
SetMessageQueue
GetProcessDefaultLayout
SetWindowLongW
GetDCEx
GetMenuStringA
PeekMessageA
LookupIconIdFromDirectoryEx
EmptyClipboard
MessageBoxIndirectW
DdePostAdvise
SetDebugErrorLevel
OpenIcon
GetCaretBlinkTime
CreateMDIWindowA
ExcludeUpdateRgn
InsertMenuItemW
SetDlgItemTextW
SetActiveWindow
LockWindowUpdate
IsWindowEnabled
SetScrollInfo
SetKeyboardState
LoadAcceleratorsA
GetLastActivePopup
EndPaint
ChangeDisplaySettingsExW
WinHelpW
DdeNameService
ToAsciiEx
LoadKeyboardLayoutA
DdeAccessData
GetCaretPos
RemovePropA
UnregisterClassW
ShowCaret
ReplyMessage
GetShellWindow
ScrollWindowEx
EnumDisplaySettingsW
EnableScrollBar
IsWindowVisible
WinHelpA
SwapMouseButton
CreateAcceleratorTableA
CharNextW
GetKBCodePage
DrawAnimatedRects
WINNLSGetEnableStatus
OpenWindowStationW
SetMenuInfo
GetKeyboardLayout
EndDeferWindowPos
DdeCmpStringHandles
IsCharUpperW
ChangeDisplaySettingsExA
GetWindowModuleFileNameW
SetClipboardViewer
GetProcessWindowStation
SendDlgItemMessageA
WaitMessage
DrawTextExW
EnumDesktopWindows
RegisterWindowMessageW
InsertMenuA
DragObject
SetDlgItemInt
FindWindowExA
DrawFrame
GetMessageExtraInfo
SetCaretBlinkTime
RemovePropW
IsCharAlphaW
SetCursorPos
DrawIcon
VkKeyScanExA
ToUnicodeEx
GetKeyboardLayoutNameW
SystemParametersInfoW
FreeDDElParam
SetDlgItemTextA
TileWindows
DrawTextA
IsWindow
OemToCharBuffA
InvalidateRect
DialogBoxIndirectParamA
WindowFromPoint
SetSystemCursor
MonitorFromRect
MapDialogRect
DdeCreateStringHandleW
IsCharAlphaA
GetClassInfoA
SendMessageTimeoutW
GetWindowRect
UnregisterHotKey
LoadMenuIndirectW
GetDlgCtrlID
GetIconInfo
advapi32
RegDeleteValueW
CryptVerifySignatureA
RegSetValueExW
LookupAccountNameW
CryptVerifySignatureW
CryptGetHashParam
RegQueryMultipleValuesW
RegReplaceKeyA
LogonUserW
CryptEnumProviderTypesA
CreateServiceA
RegOpenKeyExA
RegEnumValueA
CryptDestroyHash
ReportEventA
RegSetValueExA
RegQueryValueExA
CryptHashData
CryptDecrypt
CryptSetKeyParam
RegSetValueW
CryptAcquireContextA
RegCreateKeyExW
RegEnumKeyA
CryptEnumProvidersA
RegCloseKey
AbortSystemShutdownW
RegConnectRegistryW
LookupAccountSidW
RegQueryInfoKeyA
CryptDuplicateKey
CryptDeriveKey
CryptSetProviderA
RegDeleteKeyA
RegRestoreKeyW
GetUserNameA
CryptSetProviderW
CryptExportKey
CryptAcquireContextW
CryptEnumProviderTypesW
LookupAccountNameA
CreateServiceW
RegQueryValueW
RevertToSelf
InitiateSystemShutdownA
RegDeleteValueA
StartServiceA
CryptSetProvParam
DuplicateTokenEx
CryptGenRandom
RegCreateKeyW
LookupPrivilegeDisplayNameW
RegQueryInfoKeyW
RegOpenKeyW
LookupPrivilegeValueA
InitializeSecurityDescriptor
CryptGetDefaultProviderA
CryptSetHashParam
RegSaveKeyA
RegRestoreKeyA
RegDeleteKeyW
CryptGetDefaultProviderW
RegSaveKeyW
CryptGenKey
CryptGetKeyParam
RegReplaceKeyW
LookupPrivilegeValueW
CryptSetProviderExA
LookupPrivilegeDisplayNameA
CryptSetProviderExW
CryptReleaseContext
LookupPrivilegeNameA
CryptSignHashW
LookupAccountSidA
CryptGetProvParam
LookupPrivilegeNameW
CryptDestroyKey
LookupSecurityDescriptorPartsA
RegCreateKeyA
RegLoadKeyA
RegOpenKeyExW
ReportEventW
RegEnumKeyW
RegEnumValueW
RegCreateKeyExA
RegQueryMultipleValuesA
RegConnectRegistryA
InitiateSystemShutdownW
CryptCreateHash
DuplicateToken
CryptGetUserKey
shell32
ShellAboutA
SHAppBarMessage
SHBrowseForFolderW
ShellExecuteExW
SHEmptyRecycleBinA
RealShellExecuteW
SHGetSpecialFolderLocation
ShellExecuteExA
SHGetPathFromIDListW
DragQueryFileAorW
ExtractIconA
SHBrowseForFolder
SHGetFileInfoA
SHInvokePrinterCommandW
DuplicateIcon
SHGetSettings
DragAcceptFiles
RealShellExecuteA
ShellAboutW
ExtractAssociatedIconW
SHGetPathFromIDList
ExtractAssociatedIconA
SHGetInstanceExplorer
SHGetMalloc
SheSetCurDrive
ShellExecuteA
ShellHookProc
InternalExtractIconListW
DragQueryFileA
ExtractIconEx
CheckEscapesW
RealShellExecuteExA
SHGetSpecialFolderPathA
SHChangeNotify
SheGetDirA
SHGetDiskFreeSpaceA
SHAddToRecentDocs
DoEnvironmentSubstW
SHGetNewLinkInfo
ExtractIconW
SHGetFileInfoW
RealShellExecuteExW
DragQueryPoint
SHQueryRecycleBinW
SHFileOperationW
ExtractIconExA
DragFinish
ExtractAssociatedIconExW
SHGetSpecialFolderPathW
ShellExecuteEx
SHFormatDrive
CommandLineToArgvW
SHEmptyRecycleBinW
SHGetDesktopFolder
FreeIconList
SHFileOperation
SHGetPathFromIDListA
SHGetDataFromIDListA
SHInvokePrinterCommandA
DoEnvironmentSubstA
SHQueryRecycleBinA
SHGetDataFromIDListW
wininet
GetUrlCacheGroupAttributeW
FtpPutFileA
HttpSendRequestA
FtpGetFileEx
InternetFortezzaCommand
GopherFindFirstFileA
InternetErrorDlg
InternetReadFileExA
InternetDial
GetUrlCacheConfigInfoA
InternetGetCookieA
DeleteIE3Cache
UnlockUrlCacheEntryStream
CommitUrlCacheEntryW
UnlockUrlCacheEntryFileW
Sections
.text Size: 172KB - Virtual size: 172KB
  IMAGE_SCN_CNT_CODE
  IMAGE_SCN_MEM_EXECUTE
  IMAGE_SCN_MEM_READ
.data Size: 295KB - Virtual size: 294KB
  IMAGE_SCN_CNT_INITIALIZED_DATA
  IMAGE_SCN_MEM_READ
  IMAGE_SCN_MEM_WRITE
.reloc Size: 23KB - Virtual size: 23KB
  IMAGE_SCN_CNT_INITIALIZED_DATA
  IMAGE_SCN_MEM_READ
.bss Size: 5KB - Virtual size: 5KB
  IMAGE_SCN_CNT_INITIALIZED_DATA
  IMAGE_SCN_MEM_READ
  IMAGE_SCN_MEM_WRITE