ttvgr64t5yntrht
Static task
static1
Behavioral task
behavioral1
Sample
5018444defe87e2c168e62e6c54c06d6_JaffaCakes118.exe
Resource
win7-20240705-en
General
Target: 5018444defe87e2c168e62e6c54c06d6_JaffaCakes118
Size: 284KB
MD5: 5018444defe87e2c168e62e6c54c06d6
SHA1: c7a59bd0eb0ca7d1283d5f126106ceda675889c8
SHA256: a84de76bd2586f82390f7d5bcd355be8f04b1538e34703d5faf3fefcaadd8b79
SHA512: 1a5d32c6e0a7340bcd751eebb1bbe9947216c22bee8031f321114a8dd82a4381a727cbe656adafe5d3f90806be96e160162a45418585e454f99a0f5ea4e1c8e1
SSDEEP: 6144:n3FkNHorHcvwU16quhYRVB/NSlMYIBMG:2NHmLUcWVBIn2
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 5018444defe87e2c168e62e6c54c06d6_JaffaCakes118
Files
5018444defe87e2c168e62e6c54c06d6_JaffaCakes118.exe windows:4 windows x86 arch:x86
a8e28de2834754c8bb776ff9f8d5399b
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetSystemInfo
VirtualQuery
GetStartupInfoA
GetCommandLineA
ExitProcess
HeapReAlloc
TerminateProcess
HeapSize
HeapDestroy
HeapCreate
VirtualFree
IsBadWritePtr
SetUnhandledExceptionFilter
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
VirtualProtect
GetFileType
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetTimeZoneInformation
IsBadReadPtr
IsBadCodePtr
SetStdHandle
SetEnvironmentVariableA
HeapFree
HeapAlloc
RtlUnwind
WritePrivateProfileStringA
GetFileTime
GetFileAttributesA
FileTimeToLocalFileTime
SetErrorMode
FileTimeToSystemTime
GetOEMCP
GetCPInfo
InterlockedIncrement
RaiseException
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
TlsGetValue
EnterCriticalSection
GlobalHandle
GlobalReAlloc
LeaveCriticalSection
LocalAlloc
GlobalFlags
GetCurrentThread
lstrcmpA
ConvertDefaultLocale
EnumResourceLanguagesA
GetModuleFileNameA
CreateFileA
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
lstrcpyA
GetCurrentProcess
DuplicateHandle
CloseHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
GetCurrentThreadId
GlobalFindAtomA
GlobalDeleteAtom
lstrcatA
lstrcmpW
GetModuleHandleA
FreeResource
InterlockedDecrement
SetLastError
GlobalFree
MulDiv
GlobalAlloc
FormatMessageA
LocalFree
LoadLibraryA
FreeLibrary
lstrcpynA
GlobalLock
GlobalUnlock
GlobalGetAtomNameA
GlobalAddAtomA
FindResourceA
LoadResource
LockResource
SizeofResource
VirtualAlloc
LoadLibraryW
GetProcAddress
CompareStringW
CompareStringA
lstrlenA
lstrcmpiA
GetVersion
GetLastError
WideCharToMultiByte
MultiByteToWideChar
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
SetHandleCount
InterlockedExchange
user32
SetCapture
SetParent
LoadCursorA
GetSysColorBrush
GetMenuItemInfoA
InflateRect
EndPaint
BeginPaint
GetWindowDC
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
FillRect
ClientToScreen
GetMessageA
TranslateMessage
GetCursorPos
ValidateRect
ShowOwnedPopups
PostQuitMessage
IsZoomed
SetMenuItemBitmaps
ModifyMenuA
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
LoadBitmapA
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassInfoExA
SetPropA
GetPropA
RemovePropA
IsChild
GetForegroundWindow
DispatchMessageA
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
GetMessageTime
GetMessagePos
MapWindowPoints
MessageBoxA
TrackPopupMenu
SetForegroundWindow
GetClientRect
AdjustWindowRectEx
ScreenToClient
DeferWindowPos
RegisterClassA
LockWindowUpdate
DefWindowProcA
CallWindowProcA
SystemParametersInfoA
GetWindowPlacement
GetWindowRect
PtInRect
GetDC
ReleaseDC
GetSystemMetrics
CreateDialogIndirectParamA
DestroyWindow
GetNextDlgTabItem
EndDialog
UnhookWindowsHookEx
GetMenuState
GetWindowTextLengthA
GetWindowTextA
SetWindowTextA
IsDialogMessageA
EnableWindow
SendMessageA
LoadIconA
SetWindowLongA
CharUpperA
UpdateWindow
TranslateAcceleratorA
IsWindowEnabled
GetWindow
GetDesktopWindow
SendDlgItemMessageA
RegisterWindowMessageA
wsprintfA
LoadMenuA
DestroyMenu
GetClassNameA
GetSysColor
SetWindowPos
WinHelpA
GetDCEx
WindowFromPoint
KillTimer
SetTimer
SetFocus
GetActiveWindow
GetFocus
EqualRect
GetDlgItem
GetKeyState
GetDlgCtrlID
GetMenu
UnpackDDElParam
ReuseDDElParam
GetClassInfoA
SetCursor
SetRect
UnregisterClassA
IsWindow
GetWindowLongA
ShowWindow
SetMenu
PostMessageA
BringWindowToTop
GetLastActivePopup
CopyRect
SetRectEmpty
OffsetRect
IntersectRect
CreatePopupMenu
GetMenuItemCount
GetMenuItemID
GetSubMenu
InsertMenuItemA
IsIconic
InvalidateRect
PeekMessageA
GetCapture
ReleaseCapture
LoadAcceleratorsA
GetParent
SetActiveWindow
IsWindowVisible
gdi32
CreatePatternBrush
GetStockObject
CreateSolidBrush
CreateFontIndirectA
SetRectRgn
CombineRgn
GetBkColor
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
GetPixel
BitBlt
CreateRectRgn
SelectClipRgn
DeleteDC
IntersectClipRect
ExcludeClipRect
SetBkMode
RestoreDC
SaveDC
GetTextExtentPoint32A
GetTextMetricsA
PatBlt
CreateRectRgnIndirect
CreateBitmap
SetBkColor
SetTextColor
GetClipBox
GetObjectA
CreateFontA
GetCharWidthA
DeleteObject
SelectObject
StretchDIBits
CreateCompatibleDC
CreateCompatibleBitmap
GetDeviceCaps
SetMapMode
StartDocA
StartPage
EndPage
EndDoc
comdlg32
GetOpenFileNameA
GetSaveFileNameA
GetFileTitleA
PrintDlgA
winspool.drv
OpenPrinterA
DocumentPropertiesA
ClosePrinter
advapi32
RegOpenKeyA
RegQueryValueExA
RegOpenKeyExA
RegDeleteKeyA
RegEnumKeyA
RegQueryValueA
RegCreateKeyExA
RegSetValueExA
RegCloseKey
shell32
DragFinish
DragQueryFileA
DragAcceptFiles
comctl32
ord17
ImageList_Draw
ImageList_GetImageInfo
ImageList_Destroy
shlwapi
PathIsUNCA
PathFindExtensionA
PathStripToRootA
PathFindFileNameA
oleaut32
SysAllocStringLen
VariantClear
VariantChangeType
VariantInit
Exports
Sections
.text Size: 152KB - Virtual size: 149KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 40KB - Virtual size: 38KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 8KB - Virtual size: 21KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 80KB - Virtual size: 79KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ