Static task: static1
Behavioral task: behavioral1
Sample: 59cde1d1810eadc75278a1785663758c_JaffaCakes118.exe
Resource: win7-20240708-en
Behavioral task: behavioral2
Sample: 59cde1d1810eadc75278a1785663758c_JaffaCakes118.exe
Resource: win10v2004-20240704-en
General
Target: 59cde1d1810eadc75278a1785663758c_JaffaCakes118
Size: 430KB
MD5: 59cde1d1810eadc75278a1785663758c
SHA1: 1ada6e08fc765884db715cd3e043be695a334a60
SHA256: 0b13c35b7f79d32953c1639092bc143f20b0808044a4456c64c30d6e5f9f10e4
SHA512: b281d7ed2dda72778006cae74bc75ea8db5bde810588a32f2b096ea07b09ae6d9ced93f69a4efd2a4d62086d2e057578031141c4882fcfd565b2101d6f3a641e
SSDEEP: 6144:2pOKoy/d/AWm15BmE+njoTogPw63Qrzrrz4DlQd3gn2piU++tsRsRWle29u:aLnd4WYA4TP3QrH4mdQnPU++ORLle29
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 59cde1d1810eadc75278a1785663758c_JaffaCakes118
Files
59cde1d1810eadc75278a1785663758c_JaffaCakes118.exe windows:4 windows x86 arch:x86
e7fed26125f9a387a189ccae41df93df
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
ExitProcess
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
GetModuleFileNameA
GetProcAddress
GetModuleHandleA
TerminateProcess
GetCurrentProcess
LoadLibraryA
RtlUnwind
InterlockedExchange
VirtualQuery
HeapReAlloc
HeapAlloc
HeapFree
VirtualAlloc
IsValidLocale
CreateDirectoryW
GetDiskFreeSpaceExW
CreateDirectoryA
AllocConsole
SetComputerNameW
WriteFileEx
WriteConsoleOutputCharacterW
GetThreadLocale
GetProcessHeaps
LockFileEx
SetWaitableTimer
GetProcAddress
SetThreadPriorityBoost
Module32First
EnumCalendarInfoExA
lstrcat
FreeConsole
GetExitCodeThread
GlobalMemoryStatus
GetCompressedFileSizeA
SetConsoleTextAttribute
LocalCompact
VirtualAllocEx
GetProfileStringW
GetDateFormatW
EnumSystemCodePagesW
GetVersionExA
CreateNamedPipeA
SetThreadAffinityMask
GetThreadPriority
ReleaseSemaphore
ReleaseMutex
SearchPathW
SetCurrentDirectoryW
FileTimeToDosDateTime
GetPrivateProfileSectionNamesW
GetNamedPipeHandleStateA
GlobalGetAtomNameA
FlushInstructionCache
Sleep
GetComputerNameW
PeekConsoleInputA
TlsSetValue
GetDiskFreeSpaceExA
UnmapViewOfFile
BeginUpdateResourceW
WritePrivateProfileStructA
DeleteFiber
GetNamedPipeHandleStateW
GetConsoleMode
GetFileAttributesExW
MoveFileExW
GetLogicalDriveStringsW
GetDiskFreeSpaceW
WritePrivateProfileSectionA
SetComputerNameA
GlobalUnfix
GlobalLock
GetFileType
GetCurrencyFormatA
GetCommandLineW
SetSystemTime
UnlockFileEx
GlobalHandle
GetTempPathA
CommConfigDialogA
CompareStringA
SetConsoleCursorInfo
MoveFileA
DisconnectNamedPipe
GlobalFindAtomA
FoldStringA
ReadConsoleOutputA
WriteConsoleOutputA
GetNumberFormatA
GetConsoleScreenBufferInfo
WriteConsoleOutputCharacterA
FindClose
RtlZeroMemory
GetFullPathNameW
DefineDosDeviceW
VirtualProtect
PeekConsoleInputW
GetSystemTime
LoadLibraryExW
CreateNamedPipeW
GetCurrencyFormatW
FindFirstChangeNotificationA
HeapUnlock
GlobalFree
OpenMutexW
EnumSystemCodePagesA
GetPrivateProfileStructA
TerminateThread
GetSystemTimeAdjustment
GetLastError
GetSystemPowerStatus
DebugActiveProcess
GetAtomNameA
GetTempFileNameW
WriteProfileSectionW
GetEnvironmentVariableA
FreeEnvironmentStringsA
WriteProfileStringW
OpenProcess
GlobalCompact
lstrcatW
GetLogicalDrives
WriteProcessMemory
VirtualFreeEx
SetEvent
IsDebuggerPresent
EnumSystemLocalesW
GetProcessAffinityMask
GetCalendarInfoA
DeviceIoControl
FreeEnvironmentStringsW
Module32Next
DeleteFileA
TransmitCommChar
HeapLock
BeginUpdateResourceA
GetDriveTypeA
GlobalReAlloc
GetUserDefaultLCID
CreateDirectoryExW
GetLocaleInfoA
GlobalFix
EscapeCommFunction
OpenFileMappingA
CreateRemoteThread
ReadFileEx
GetQueuedCompletionStatus
SleepEx
WriteProfileStringA
WaitForSingleObjectEx
CreateProcessA
SetTimeZoneInformation
DosDateTimeToFileTime
LeaveCriticalSection
MapViewOfFileEx
GetConsoleOutputCP
FindFirstFileA
SetEnvironmentVariableA
FillConsoleOutputCharacterW
GetFileAttributesA
SetSystemTimeAdjustment
HeapSize
SetFileAttributesA
ReadConsoleW
SetLocalTime
GetVersion
MoveFileW
LocalSize
SetConsoleCtrlHandler
WriteConsoleW
WritePrivateProfileStructW
SetConsoleCursorPosition
GetLongPathNameA
IsValidCodePage
GetFileTime
UnhandledExceptionFilter
lstrcpy
GetExitCodeProcess
GetTimeZoneInformation
MoveFileExA
SetThreadIdealProcessor
OpenEventA
ConnectNamedPipe
lstrcpynA
LoadLibraryExA
GetStdHandle
FreeLibrary
FindFirstFileExA
EnumTimeFormatsA
WriteConsoleOutputAttribute
GlobalAddAtomA
EnumCalendarInfoExW
GetMailslotInfo
CreateSemaphoreW
EnumResourceNamesW
WaitForDebugEvent
ReadConsoleInputA
GetUserDefaultLangID
lstrlenA
CreateToolhelp32Snapshot
EraseTape
Thread32First
GetProcessTimes
RemoveDirectoryW
ReadConsoleA
SetConsoleActiveScreenBuffer
EnumDateFormatsA
WaitForMultipleObjectsEx
WritePrivateProfileSectionW
SetLocaleInfoW
GetShortPathNameA
lstrcmpiA
GetStringTypeW
ReadConsoleInputW
HeapWalk
GetSystemDefaultLCID
ReadConsoleOutputW
SetConsoleTitleW
HeapCreate
CreateDirectoryExA
WritePrivateProfileStringA
SetConsoleScreenBufferSize
ConvertDefaultLocale
GetEnvironmentStrings
GetNumberOfConsoleInputEvents
GetConsoleTitleA
GetEnvironmentStringsA
WinExec
LocalFree
SetCurrentDirectoryA
SetThreadExecutionState
CreateMutexA
CopyFileExA
SetFileTime
GlobalFindAtomW
GetProfileIntW
GetWindowsDirectoryW
SignalObjectAndWait
CreateFileW
ReadFileScatter
WriteConsoleInputA
ResetEvent
FreeResource
GetModuleHandleW
GetThreadPriorityBoost
GlobalDeleteAtom
SetConsoleCP
LockResource
Heap32Next
GetSystemDefaultLangID
WideCharToMultiByte
GetDateFormatA
MapViewOfFile
CompareFileTime
ContinueDebugEvent
GetPrivateProfileStructW
Heap32ListNext
GetDriveTypeW
CreateSemaphoreA
DeleteCriticalSection
GetEnvironmentVariableW
GetVolumeInformationW
TransactNamedPipe
SearchPathA
OpenWaitableTimerA
CreateConsoleScreenBuffer
GlobalAlloc
CreateMailslotW
GetProcessPriorityBoost
GetCurrentDirectoryW
WaitCommEvent
EnumResourceTypesW
GetPriorityClass
GetNumberOfConsoleMouseButtons
GetCalendarInfoW
SetThreadContext
CommConfigDialogW
GetConsoleTitleW
CreateEventA
DisableThreadLibraryCalls
lstrcpyW
lstrcpyn
EnumSystemLocalesA
InterlockedExchangeAdd
PulseEvent
ExpandEnvironmentStringsW
GetVolumeInformationA
GetLocalTime
SetVolumeLabelA
SetEnvironmentVariableW
WaitNamedPipeA
lstrlen
RtlMoveMemory
GetLargestConsoleWindowSize
GetStringTypeExA
SuspendThread
OpenSemaphoreA
GetModuleFileNameW
GlobalUnlock
SetCriticalSectionSpinCount
GetStringTypeExW
lstrcatA
GetPrivateProfileSectionW
ReadDirectoryChangesW
FreeLibraryAndExitThread
WaitForMultipleObjects
LocalReAlloc
GetFileSize
EnumCalendarInfoA
SetConsoleOutputCP
GetPrivateProfileStringW
SetEndOfFile
LocalFlags
LoadResource
WriteFile
DebugBreak
HeapCompact
FillConsoleOutputAttribute
GetThreadTimes
GetSystemDirectoryW
EnumResourceNamesA
FindResourceW
EnterCriticalSection
DeleteFileW
EnumCalendarInfoW
GlobalFlags
HeapDestroy
lstrcmp
DuplicateHandle
GlobalGetAtomNameW
FindNextChangeNotification
FindFirstChangeNotificationW
CreateWaitableTimerW
GetCompressedFileSizeW
lstrcmpiW
WriteFileGather
FormatMessageW
GetThreadContext
GetTempFileNameA
GetPrivateProfileSectionNamesA
WriteConsoleInputW
DeleteAtom
CreateTapePartition
GetTempPathW
GlobalWire
CreateThread
GetNumberFormatW
AddAtomA
lstrcpyA
SetThreadLocale
FindAtomA
CreateFileMappingA
LoadModule
GetStartupInfoA
OpenWaitableTimerW
AddAtomW
CreateEventW
ReadProcessMemory
lstrcpynW
GetProfileSectionW
SetConsoleTitleA
SetFileAttributesW
TryEnterCriticalSection
GetProcessHeap
VirtualLock
RtlFillMemory
MultiByteToWideChar
LoadLibraryW
WriteConsoleA
MulDiv
GetLocaleInfoW
FormatMessageA
GetProfileIntA
Toolhelp32ReadProcessMemory
SetHandleCount
Heap32First
SetVolumeLabelW
InterlockedCompareExchange
GetTimeFormatA
FindResourceExW
user32
LoadAcceleratorsA
CharToOemW
LoadAcceleratorsW
wsprintfA
SetClipboardViewer
GetFocus
InvertRect
IsChild
LoadCursorFromFileW
OpenDesktopW
GetKeyboardType
ClipCursor
TranslateMDISysAccel
SetProcessWindowStation
DdeAbandonTransaction
GetMenu
IsCharAlphaW
SetUserObjectInformationW
TileChildWindows
CloseClipboard
GetMessageA
OpenWindowStationW
CloseWindow
GetCaretPos
UnloadKeyboardLayout
DialogBoxParamW
IsCharAlphaNumericW
GetKBCodePage
DdeKeepStringHandle
DeleteMenu
GetUserObjectInformationA
RegisterDeviceNotificationA
TrackPopupMenu
OemToCharBuffW
GetProcessDefaultLayout
GrayStringA
GetCursor
GrayStringW
SetActiveWindow
MonitorFromRect
DdeNameService
CreateAcceleratorTableW
GetClassWord
SetClipboardData
DefWindowProcW
IsZoomed
GetWindowLongW
VkKeyScanW
MapVirtualKeyExA
PostThreadMessageA
GetTabbedTextExtentA
GetDlgItemInt
DrawTextExA
SetWindowsHookExW
PeekMessageA
WaitMessage
LoadMenuIndirectW
LoadStringA
GetWindowDC
WinHelpW
SendNotifyMessageW
LoadKeyboardLayoutA
GetKeyState
OpenClipboard
GetWindowTextW
RealGetWindowClass
GetMenuItemInfoW
MessageBoxIndirectA
MessageBoxA
DefWindowProcA
GetLastActivePopup
PostQuitMessage
CreateDialogParamA
GetMessageTime
DrawIcon
RegisterClassA
SetShellWindow
PaintDesktop
ExitWindowsEx
GetKeyboardLayout
GetClientRect
GetMenuCheckMarkDimensions
DragDetect
GetScrollBarInfo
GetAsyncKeyState
GetCursorPos
InvalidateRgn
GetWindowTextLengthW
SetUserObjectSecurity
UnionRect
DestroyIcon
ScreenToClient
ImpersonateDdeClientWindow
SetDlgItemTextW
GetMenuDefaultItem
NotifyWinEvent
DestroyCursor
GetNextDlgTabItem
GetClipCursor
GetMenuInfo
SetUserObjectInformationA
GetMenuStringA
DispatchMessageA
RegisterClipboardFormatW
MapVirtualKeyA
PeekMessageW
ChangeDisplaySettingsExW
LoadBitmapW
GetCapture
GetClipboardViewer
GetProcessWindowStation
DestroyMenu
LoadImageW
ClientToScreen
SetCursor
ValidateRgn
CopyRect
SetPropA
TrackMouseEvent
SetWindowsHookA
SetWindowLongW
LoadImageA
DdeUninitialize
CallNextHookEx
UnregisterHotKey
GetDC
WaitForInputIdle
shell32
ExtractIconEx
SHFileOperationW
DragAcceptFiles
SHGetPathFromIDList
SHGetFileInfoA
SHGetSpecialFolderLocation
SHQueryRecycleBinW
ShellAboutW
SHGetDataFromIDListA
ExtractIconW
SHGetDataFromIDListW
DoEnvironmentSubstA
SHQueryRecycleBinA
SHAppBarMessage
SHGetInstanceExplorer
InternalExtractIconListA
ShellExecuteA
SHGetSpecialFolderPathW
SHGetDiskFreeSpaceA
ExtractIconExA
SHAddToRecentDocs
SheGetDirA
RealShellExecuteExA
SHInvokePrinterCommandA
FreeIconList
CheckEscapesW
RealShellExecuteA
DoEnvironmentSubstW
SheSetCurDrive
ExtractAssociatedIconA
SHGetFileInfoW
SHGetDesktopFolder
SHFreeNameMappings
ShellHookProc
ShellAboutA
DragQueryFileAorW
ShellExecuteExW
SHFileOperation
SHChangeNotify
SHBrowseForFolder
advapi32
RegSetValueA
RegOpenKeyW
CryptSignHashA
InitiateSystemShutdownW
CryptHashData
CryptVerifySignatureA
RegCreateKeyExA
LogonUserA
RegDeleteValueW
RegConnectRegistryW
CryptSignHashW
RegConnectRegistryA
LookupPrivilegeValueA
RegEnumKeyA
RegQueryValueA
RegEnumValueW
LookupPrivilegeDisplayNameA
CryptAcquireContextW
LookupPrivilegeDisplayNameW
LookupAccountNameA
RegDeleteValueA
CryptDecrypt
CryptSetProviderW
gdi32
SetMapMode
EndPath
UpdateICMRegKeyA
CreateDIBPatternBrushPt
ArcTo
PolyDraw
SetROP2
StretchBlt
BitBlt
GetDIBColorTable
GetOutlineTextMetricsA
Ellipse
CreateMetaFileW
GetSystemPaletteUse
AddFontResourceW
ResizePalette
DeviceCapabilitiesExA
CombineTransform
CreateEllipticRgn
SetPixel
IntersectClipRect
SelectClipRgn
SetFontEnumeration
SetTextColor
GetTextFaceA
EnableEUDC
SetPixelFormat
SetViewportExtEx
GetBrushOrgEx
CreateCompatibleBitmap
GetRegionData
GetRasterizerCaps
GetCharWidth32W
Arc
GetArcDirection
ColorCorrectPalette
GetLayout
GetStockObject
GetCharWidthFloatW
SetICMMode
CopyMetaFileA
MaskBlt
EnumFontsW
GetCharWidthW
LineTo
SetLayout
GetClipBox
FrameRgn
GetROP2
GetGlyphOutline
SetPaletteEntries
CreateDCW
GetTextMetricsA
GetICMProfileW
SaveDC
CloseFigure
CreatePen
EnumFontFamiliesW
PolyPolyline
CreateDCA
GetPolyFillMode
SetWorldTransform
SelectClipPath
SetGraphicsMode
PolyTextOutA
GdiGetBatchLimit
InvertRgn
SetICMProfileA
GetCurrentObject
SetRectRgn
GetTextExtentPoint32A
GetPixel
PathToRegion
EnumFontFamiliesExW
GetObjectW
GetWindowOrgEx
TranslateCharsetInfo
GetTextColor
GetDeviceCaps
CreateRectRgn
GetEnhMetaFileHeader
SetDIBColorTable
GetTextExtentPointA
CreateMetaFileA
Sections
.text Size: 116KB - Virtual size: 116KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 290KB - Virtual size: 290KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 17KB - Virtual size: 16KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.bss Size: 5KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE