c:\depot\workscd\Common\Components\win95uni\Release\WkWinUni.pdb
Static task
static1
Behavioral task
behavioral1
Sample
8a7ccef35d6736136077f197f93c5dc5_JaffaCakes118.dll
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
8a7ccef35d6736136077f197f93c5dc5_JaffaCakes118.dll
Resource
win10v2004-20240802-en
General
-
Target
8a7ccef35d6736136077f197f93c5dc5_JaffaCakes118
-
Size
276KB
-
MD5
8a7ccef35d6736136077f197f93c5dc5
-
SHA1
89d3a99b1c60d5159389efcc5e8fe7812c70127e
-
SHA256
144bcd1304b7fc9d4baddeaf55ccbda596b6314296de491371e09744d869acf8
-
SHA512
607fecade4b33416bd38b4c226da009098296a68891278106b5f1d715043334b413ed0d723a463aa52c2e0c10c1b85703f5e1a4823a7ce9e7d28bd140cf7c479
-
SSDEEP
6144:v2dlgP+IOnE31dT0s/76C1bxsUAnLZe73k:udl40+791bxww7U
Malware Config
Signatures
-
Unsigned PE 1 IoCs
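Checks for a missing Authenticode signature: the file is an unsigned PE, so its publisher and integrity cannot be verified from a signature. Many legitimate binaries are also unsigned, so this is a weak indicator on its own.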
resource 8a7ccef35d6736136077f197f93c5dc5_JaffaCakes118
Files
-
8a7ccef35d6736136077f197f93c5dc5_JaffaCakes118.dll windows:4 windows x86 arch:x86
e6037f7f584c343c76a1f4da95088ba0
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
PDB Paths
Imports
imm32
ImmGetDescriptionW
ImmGetIMEFileNameA
ImmGetIMEFileNameW
ImmIsUIMessageW
ImmGetDescriptionA
kernel32
LocalFree
lstrcpynA
FormatMessageA
GetLastError
GetVersionExA
WideCharToMultiByte
CreateSemaphoreA
lstrlenW
CreateSemaphoreW
MultiByteToWideChar
DeleteFileA
DeleteFileW
ExpandEnvironmentStringsA
ExpandEnvironmentStringsW
FatalAppExitA
FatalAppExitW
FindFirstChangeNotificationA
FindFirstChangeNotificationW
FindFirstFileA
FindFirstFileW
FindNextFileA
FindNextFileW
FindResourceA
FindResourceW
LocalAlloc
FormatMessageW
GetCurrentDirectoryA
GetCurrentDirectoryW
GetFileAttributesA
GetFileAttributesW
GetFullPathNameA
GetFullPathNameW
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleW
GetPrivateProfileIntA
GetPrivateProfileIntW
lstrcpynW
GetPrivateProfileStringA
GetPrivateProfileStringW
GetProfileIntA
GetProfileIntW
GetTempFileNameA
GetTempFileNameW
GetTempPathA
GetTempPathW
GetVolumeInformationA
GetVolumeInformationW
GlobalAddAtomA
GlobalAddAtomW
GlobalGetAtomNameA
GlobalGetAtomNameW
IsBadStringPtrA
IsBadStringPtrW
LCMapStringA
LCMapStringW
LoadLibraryA
LoadLibraryW
LoadLibraryExA
LoadLibraryExW
lstrcatW
lstrcmpiA
lstrcmpiW
lstrcmpA
lstrcmpW
lstrcpyW
MoveFileExA
MoveFileExW
MoveFileA
MoveFileW
OutputDebugStringA
OutputDebugStringW
IsBadReadPtr
SetFileAttributesA
SetFileAttributesW
WritePrivateProfileStringA
WritePrivateProfileStringW
GetVersionExW
CreateFileMappingA
CreateFileMappingW
GetLocaleInfoA
GetLocaleInfoW
SetLocaleInfoA
SetLocaleInfoW
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetWindowsDirectoryA
GetWindowsDirectoryW
GetDiskFreeSpaceA
GetDiskFreeSpaceW
CompareStringA
CompareStringW
CreateMutexA
CreateMutexW
CreateProcessA
CreateProcessW
GlobalUnlock
GlobalLock
FindResourceExA
FindResourceExW
GetComputerNameA
SetLastError
GetComputerNameW
GetDateFormatA
GetDateFormatW
GetDriveTypeA
GetDriveTypeW
GetProfileStringA
GetProfileStringW
GetShortPathNameA
GetShortPathNameW
GetStartupInfoA
GetStartupInfoW
GetStringTypeExA
GetStringTypeExW
GetSystemDirectoryA
GetSystemDirectoryW
GetTimeFormatA
GetTimeFormatW
lstrlenA
OpenEventA
OpenEventW
OpenFileMappingA
OpenFileMappingW
OpenMutexA
OpenMutexW
OpenSemaphoreA
OpenSemaphoreW
RemoveDirectoryA
RemoveDirectoryW
SetCurrentDirectoryA
SetCurrentDirectoryW
SetEnvironmentVariableA
SetEnvironmentVariableW
SetVolumeLabelA
SetVolumeLabelW
WriteProfileStringA
WriteProfileStringW
CopyFileA
CopyFileW
CreateDirectoryA
CreateDirectoryW
CreateDirectoryExA
CreateDirectoryExW
CreateEventA
CreateEventW
CreateFileA
CreateFileW
IsBadWritePtr
GetProcAddress
GlobalFree
GlobalAlloc
GlobalSize
FreeLibrary
InterlockedExchange
RaiseException
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
ExitProcess
GetSystemTimeAsFileTime
msvcr71
_mbslen
??3@YAXPAX@Z
??2@YAPAXI@Z
rename
_wrename
vswprintf
towlower
towupper
__security_error_handler
_except_handler3
__dllonexit
_onexit
free
_initterm
malloc
_adjust_fdiv
__CppXcptFilter
wcslen
strcpy
strlen
memcpy
memset
memmove
Exports
GetWFilenameFromOpenFileName
OAVIBuildFilterW
OAVIFileCreateStreamW
OAVIFileInfoW
OAVISaveW
OAVIStreamInfoW
OAVIStreamOpenFromFileW
OAbortSystemShutdownW
OAccessCheckAndAuditAlarmW
OAddFontResourceW
OAddFormW
OAddJobW
OAddMonitorW
OAddPortW
OAddPrintProcessorW
OAddPrintProvidorW
OAddPrinterConnectionW
OAddPrinterDriverW
OAddPrinterW
OAdvancedDocumentPropertiesW
OAppendMenuW
OBackupEventLogW
OBeginUpdateResourceW
OBuildCommDCBAndTimeoutsW
OBuildCommDCBW
OCallMsgFilterW
OCallNamedPipeW
OCallWindowProcW
OChangeDisplaySettingsW
OChangeMenuW
OCharLowerBuffW
OCharLowerW
OCharNextW
OCharPrevW
OCharToOemBuffW
OCharToOemW
OCharUpperBuffW
OCharUpperW
OChooseColorW
OChooseFontW
OClearEventLogW
OCommConfigDialogW
OCommDlg_OpenSave_GetFilePathW
OCompareStringW
OConfigurePortW
OCopyAcceleratorTableW
OCopyEnhMetaFileW
OCopyFileW
OCopyMetaFileW
OCreateAcceleratorTableW
OCreateColorSpaceW
OCreateDCW
OCreateDesktopW
OCreateDialogIndirectParamW
OCreateDialogParamW
OCreateDirectoryExW
OCreateDirectoryW
OCreateEnhMetaFileW
OCreateEventW
OCreateFileMappingW
OCreateFileW
OCreateFontIndirectW
OCreateFontW
OCreateICW
OCreateMDIWindowW
OCreateMailslotW
OCreateMetaFileW
OCreateMutexW
OCreateNamedPipeW
OCreateProcessAsUserW
OCreateProcessW
OCreatePropertySheetPageW
OCreateScalableFontResourceW
OCreateSemaphoreW
OCreateStatusWindowW
OCreateWindowExW
OCreateWindowStationW
ODceErrorInqTextW
ODdeCreateStringHandleW
ODdeInitializeW
ODdeQueryStringW
ODefDlgProcW
ODefFrameProcW
ODefMDIChildProcW
ODefWindowProcW
ODefineDosDeviceW
ODeleteFileW
ODeleteFormW
ODeleteMonitorW
ODeletePortW
ODeletePrintProcessorW
ODeletePrintProvidorW
ODeletePrinterConnectionW
ODeletePrinterDriverW
ODeviceCapabilitiesW
ODialogBoxIndirectParamW
ODialogBoxParamW
ODispatchMessageW
ODlgDirListComboBoxW
ODlgDirListW
ODlgDirSelectComboBoxExW
ODlgDirSelectExW
ODoEnvironmentSubstW
ODocumentPropertiesW
ODragQueryFileW
ODrawStateW
ODrawTextExW
ODrawTextW
OEditStreamSetInfoW
OEndUpdateResourceW
OEnumCalendarInfoW
OEnumDateFormatsW
OEnumDesktopsW
OEnumDisplaySettingsW
OEnumFontFamiliesExW
OEnumFontFamiliesW
OEnumFontsW
OEnumFormsW
OEnumICMProfilesW
OEnumJobsW
OEnumMonitorsW
OEnumPortsW
OEnumPrintProcessorDatatypesW
OEnumPrintProcessorsW
OEnumPrinterDriversW
OEnumPrintersW
OEnumPropsExW
OEnumPropsW
OEnumProtocolsW
OEnumResourceLanguagesW
OEnumResourceNamesW
OEnumResourceTypesW
OEnumSystemCodePagesW
OEnumSystemLocalesW
OEnumTimeFormatsW
OEnumWindowStationsW
OExpandEnvironmentStringsW
OExtractAssociatedIconW
OExtractIconExW
OExtractIconW
OFatalAppExitW
OFillConsoleOutputCharacterW
OFindEnvironmentStringW
OFindExecutableW
OFindFirstChangeNotificationW
OFindFirstFileW
OFindNextFileW
OFindResourceExW
OFindResourceW
OFindWindowExW
OFindWindowW
OFoldStringW
OFormatMessageW
OGetAddressByNameW
OGetBinaryTypeW
OGetCharABCWidthsFloatW
OGetCharABCWidthsW
OGetCharWidth32W
OGetCharWidthFloatW
OGetCharWidthW
OGetCharacterPlacementW
OGetClassInfoExW
OGetClassInfoW
OGetClassLongW
OGetClassNameW
OGetClipboardFormatNameW
OGetCompressedFileSizeW
OGetComputerNameW
OGetConsoleTitleW
OGetCurrencyFormatW
OGetCurrentDirectoryW
OGetDateFormatW
OGetDefaultCommConfigW
OGetDiskFreeSpaceW
OGetDlgItemTextW
OGetDriveTypeW
OGetEnhMetaFileDescriptionW
OGetEnhMetaFileW
OGetEnvironmentVariableW
OGetExpandedNameW
OGetFileAttributesW
OGetFileSecurityW
OGetFileTitleW
OGetFileVersionInfoSizeW
OGetFileVersionInfoW
OGetFormW
OGetFullPathNameW
OGetGlyphOutlineW
OGetICMProfileW
OGetJobW
OGetKerningPairsW
OGetKeyNameTextW
OGetKeyboardLayoutNameW
OGetLocaleInfoW
OGetLogColorSpaceW
OGetLogicalDriveStringsW
OGetLongPathNameW
OGetMenuItemInfoW
OGetMenuStringW
OGetMessageW
OGetMetaFileW
OGetModuleFileNameW
OGetModuleHandleW
OGetNameByTypeW
OGetNamedPipeHandleStateW
OGetNumberFormatW
OGetObjectW
OGetOpenFileNameW
OGetOutlineTextMetricsW
OGetPrintProcessorDirectoryW
OGetPrinterDataW
OGetPrinterDriverDirectoryW
OGetPrinterDriverW
OGetPrinterW
OGetPrivateProfileIntW
OGetPrivateProfileSectionNamesW
OGetPrivateProfileSectionW
OGetPrivateProfileStringW
OGetPrivateProfileStructW
OGetProfileIntW
OGetProfileSectionW
OGetProfileStringW
OGetPropW
OGetSaveFileNameW
OGetServiceW
OGetShortPathNameW
OGetStartupInfoW
OGetStringTypeExW
OGetSystemDirectoryW
OGetTabbedTextExtentW
OGetTempFileNameW
OGetTempPathW
OGetTextExtentExPointW
OGetTextExtentPoint32W
OGetTextExtentPointW
OGetTextFaceW
OGetTextMetricsW
OGetTimeFormatW
OGetTypeByNameW
OGetUserNameW
OGetUserObjectInformationW
OGetVersionExW
OGetVolumeInformationW
OGetWindowLongW
OGetWindowTextLengthW
OGetWindowTextW
OGetWindowsDirectoryW
OGlobalAddAtomW
OGlobalFindAtomW
OGlobalGetAtomNameW
OGrayStringW
OI_RpcServerUnregisterEndpointW
OImageList_LoadImageW
OImmConfigureIMEW
OImmEnumRegisterWordW
OImmEscapeW
OImmGetCandidateListCountW
OImmGetCandidateListW
OImmGetCompositionFontW
OImmGetCompositionStringW
OImmGetConversionListW
OImmGetDescriptionW
OImmGetGuideLineW
OImmGetIMEFileNameW
OImmGetRegisterWordStyleW
OImmInstallIMEW
OImmIsUIMessageW
OImmRegisterWordW
OImmSetCompositionFontW
OImmSetCompositionStringW
OImmUnregisterWordW
OInitiateSystemShutdownW
OInsertMenuItemW
OInsertMenuW
OIsBadStringPtrW
OIsCharAlphaNumericW
OIsCharAlphaW
OIsCharLowerW
OIsCharUpperW
OIsDialogMessageW
OLCMapStringW
OLZOpenFileW
OLoadAcceleratorsW
OLoadBitmapW
OLoadCursorFromFileW
OLoadCursorW
OLoadIconW
OLoadImageW
OLoadKeyboardLayoutW
OLoadLibraryExW
OLoadLibraryW
OLoadMenuIndirectW
OLoadMenuW
OLoadStringW
OLogonUserW
OLookupAccountNameW
OLookupAccountSidW
OLookupPrivilegeDisplayNameW
OLookupPrivilegeNameW
OLookupPrivilegeValueW
OMCIWndCreateW
OMIMEAssociationDialogW
OMapVirtualKeyExW
OMapVirtualKeyW
OMessageBoxIndirectW
OMessageBoxW
OModifyMenuW
OMoveFileExW
OMoveFileW
OMultinetGetConnectionPerformanceW
OObjectCloseAuditAlarmW
OObjectOpenAuditAlarmW
OObjectPrivilegeAuditAlarmW
OOemToCharBuffW
OOemToCharW
OOleUIAddVerbMenuW
OOleUIBusyW
OOleUIEditLinksW
OOleUIInsertObjectW
OOleUIPasteSpecialW
OOleUIPromptUserW
OOleUIUpdateLinksW
OOpenBackupEventLogW
OOpenDesktopW
OOpenEventLogW
OOpenEventW
OOpenFileMappingW
OOpenMutexW
OOpenPrinterW
OOpenSemaphoreW
OOpenWindowStationW
OOutputDebugStringW
OPageSetupDlgW
OPeekConsoleInputW
OPeekMessageW
OPolyTextOutW
OPostMessageW
OPostThreadMessageW
OPrintDlgW
OPrinterMessageBoxW
OPrivilegedServiceAuditAlarmW
OPropertySheetW
OQueryDosDeviceW
ORasDialW
OReadConsoleInputW
OReadConsoleOutputCharacterW
OReadConsoleOutputW
OReadConsoleW
OReadEventLogW
ORegConnectRegistryW
ORegCreateKeyExW
ORegCreateKeyW
ORegDeleteKeyW
ORegDeleteValueW
ORegEnumKeyExW
ORegEnumKeyW
ORegEnumValueW
ORegLoadKeyW
ORegOpenKeyExW
ORegOpenKeyW
ORegQueryInfoKeyW
ORegQueryMultipleValuesW
ORegQueryValueExW
ORegQueryValueW
ORegReplaceKeyW
ORegRestoreKeyW
ORegSaveKeyW
ORegSetValueExW
ORegSetValueW
ORegUnLoadKeyW
ORegisterClassExW
ORegisterClassW
ORegisterClipboardFormatW
ORegisterEventSourceW
ORegisterWindowMessageW
ORemoveDirectoryW
ORemoveFontResourceW
ORemovePropW
OReplaceTextW
OReportEventW
OResetDCW
OResetPrinterW
ORpcBindingFromStringBindingW
ORpcBindingInqAuthClientW
ORpcBindingToStringBindingW
ORpcEpRegisterNoReplaceW
ORpcMgmtEpEltInqNextW
ORpcMgmtInqServerPrincNameW
ORpcNetworkInqProtseqsW
ORpcNetworkIsProtseqValidW
ORpcNsBindingInqEntryNameW
ORpcProtseqVectorFreeW
ORpcServerInqDefaultPrincNameW
ORpcServerUseProtseqEpW
ORpcServerUseProtseqIfW
ORpcServerUseProtseqW
ORpcStringBindingComposeW
ORpcStringBindingParseW
ORpcStringFreeW
OSHBrowseForFolderW
OSHFileOperationW
OSHGetFileInfoW
OSHGetNewLinkInfoW
OSHGetPathFromIDListW
OScrollConsoleScreenBufferW
OSearchPathW
OSendDlgItemMessageW
OSendMessageCallbackW
OSendMessageTimeoutW
OSendMessageW
OSendNotifyMessageW
OSetClassLongW
OSetComputerNameW
OSetConsoleTitleW
OSetCurrentDirectoryW
OSetDefaultCommConfigW
OSetDlgItemTextW
OSetEnvironmentVariableW
OSetFileAttributesW
OSetFileSecurityW
OSetFormW
OSetICMProfileW
OSetJobW
OSetLocaleInfoW
OSetMenuItemInfoW
OSetPrinterDataW
OSetPrinterW
OSetPropW
OSetServiceW
OSetUserObjectInformationW
OSetVolumeLabelW
OSetWindowLongW
OSetWindowTextW
OSetWindowsHookExW
OSetWindowsHookW
OShellAboutW
OShellExecuteExW
OShellExecuteW
OShell_NotifyIconW
OStartDocPrinterW
OStartDocW
OStgCreateDocfile
OSystemParametersInfoW
OTabbedTextOutW
OTrackMouseEvent
OTranslateAcceleratorW
OTranslateURLW
OURLAssociationDialogW
OUnregisterClassW
OUpdateICMRegKeyW
OUuidFromStringW
OVerFindFileW
OVerInstallFileW
OVerLanguageNameW
OVerQueryValueW
OVkKeyScanExW
OVkKeyScanW
OWNetAddConnection2W
OWNetAddConnection3W
OWNetAddConnectionW
OWNetCancelConnection2W
OWNetCancelConnectionW
OWNetConnectionDialog1W
OWNetDisconnectDialog1W
OWNetEnumResourceW
OWNetGetConnectionW
OWNetGetLastErrorW
OWNetGetNetworkInformationW
OWNetGetProviderNameW
OWNetGetUniversalNameW
OWNetGetUserW
OWNetOpenEnumW
OWNetSetConnectionW
OWNetUseConnectionW
OWaitNamedPipeW
OWinExecErrorW
OWinHelpW
OWriteConsoleInputW
OWriteConsoleOutputCharacterW
OWriteConsoleOutputW
OWriteConsoleW
OWritePrivateProfileSectionW
OWritePrivateProfileStringW
OWritePrivateProfileStructW
OWriteProfileSectionW
OWriteProfileStringW
OauxGetDevCapsW
OcapCreateCaptureWindowW
OjoyGetDevCapsW
OlstrcatW
OlstrcmpW
OlstrcmpiW
OlstrcpyW
OlstrcpynW
OlstrlenW
OmciGetDeviceIDFromElementIDW
OmciGetDeviceIDW
OmciGetErrorStringW
OmciSendCommandW
OmciSendStringW
Sections
.text Size: 56KB - Virtual size: 54KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 32KB - Virtual size: 29KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 4KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 968B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 8KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
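.text Size: 168KB - Virtual size: 168KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Note: this last-listed section reuses the name .text and is marked both writable and executable (IMAGE_SCN_MEM_WRITE together with IMAGE_SCN_MEM_EXECUTE), unlike the first .text section above. Standard linker output rarely produces a duplicate section name or a writable code section, so this section warrants closer inspection when triaging the sample.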