Static task: static1
Behavioral task: behavioral1
  Sample: a07db3237b6bd9789b5f1126ea7b0195_JaffaCakes118.exe
  Resource: win7-20240705-en
Behavioral task: behavioral2
  Sample: a07db3237b6bd9789b5f1126ea7b0195_JaffaCakes118.exe
  Resource: win10v2004-20240802-en
General
Target: a07db3237b6bd9789b5f1126ea7b0195_JaffaCakes118
Size: 312KB
MD5: a07db3237b6bd9789b5f1126ea7b0195
SHA1: 5f8164553aae8b60eee401cf296e1bfcdfde07d5
SHA256: 0867c7d02dda064eb59656e7c175928d8ca63a9e58eae95d116fee4f5db41c50
SHA512: f7752705b22f70ba1e0f785d3172955b46cb21e2bff482355e0a046d494166f119f6feaf57029613e455ba13ba55ea84bf4aa34a19d43226c5c18fdc2e585ad4
SSDEEP: 3072:JoXTB3WgSOWRMgaCIHzchwUgx0ULCwUMJ+fbJaiUpGf4A+9emFuHmY80JSVtay4u:WXNmpOOwceJ9b04AcoS7aFq0E1
Malware Config
Signatures
Unsigned PE (1 IoCs): Checks for missing Authenticode signature.
  resource: a07db3237b6bd9789b5f1126ea7b0195_JaffaCakes118
Files
a07db3237b6bd9789b5f1126ea7b0195_JaffaCakes118.exe  windows:5  windows  x86  arch:x86
023d3dec1aa9302b801fad848688a973
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
BackupRead
GetLogicalProcessorInformation
GetConsoleAliasW
SetConsoleCursorInfo
VirtualLock
FatalAppExitA
GetPrivateProfileSectionA
SetConsoleMode
GetProcessTimes
HeapFree
GetProfileIntA
GetConsoleFontSize
WriteProfileSectionW
FindClose
FindVolumeMountPointClose
BindIoCompletionCallback
QueryDosDeviceA
ActivateActCtx
GetNumberOfConsoleMouseButtons
GetStringTypeA
lstrcatW
ReadConsoleOutputAttribute
FlushFileBuffers
GetConsoleScreenBufferInfo
GetThreadIOPendingFlag
ConvertDefaultLocale
FlushConsoleInputBuffer
TlsAlloc
CreateIoCompletionPort
GetConsoleAliasesA
CreateNamedPipeA
BuildCommDCBA
EndUpdateResourceW
IsDebuggerPresent
DebugBreak
OpenEventA
DeleteVolumeMountPointW
QueryPerformanceFrequency
CreateSemaphoreW
GetOverlappedResult
GetCommConfig
InterlockedExchangeAdd
GetDateFormatA
lstrcpyW
SetDllDirectoryW
GetProcessHeap
SetConsoleDisplayMode
WriteProfileStringA
DeleteFileW
GetCurrencyFormatA
InterlockedFlushSList
GetCommProperties
GlobalUnWire
SetDllDirectoryA
TlsSetValue
BackupWrite
WriteConsoleW
OutputDebugStringA
SetCommConfig
FindFirstChangeNotificationW
LoadModule
GetLogicalDriveStringsA
GetModuleHandleExA
CreateMutexA
FindActCtxSectionGuid
GetProfileSectionA
ConvertThreadToFiber
GetConsoleAliasExesLengthW
UnlockFileEx
LockFileEx
DeactivateActCtx
GetLongPathNameA
GetVolumeNameForVolumeMountPointW
SetStdHandle
GetVolumeNameForVolumeMountPointA
AddAtomW
IsBadCodePtr
SetThreadAffinityMask
_lclose
OpenJobObjectW
DnsHostnameToComputerNameW
EnumResourceNamesA
CompareStringA
MapUserPhysicalPages
GetBinaryTypeW
SetThreadUILanguage
GetLongPathNameW
FillConsoleOutputAttribute
GetSystemDefaultUILanguage
GetPriorityClass
GetCommTimeouts
TransmitCommChar
GetConsoleDisplayMode
SetProcessPriorityBoost
FindFirstFileA
GetProfileIntW
FileTimeToLocalFileTime
SetComputerNameExA
EnumResourceLanguagesA
FileTimeToSystemTime
DeleteVolumeMountPointA
GlobalWire
WriteConsoleOutputCharacterW
OpenFile
IsDBCSLeadByteEx
GetEnvironmentStringsW
MulDiv
FileTimeToDosDateTime
SetFileShortNameA
GetACP
FindNextVolumeW
SetFileAttributesA
OpenSemaphoreW
FindFirstFileExW
FreeUserPhysicalPages
VirtualFreeEx
WTSGetActiveConsoleSessionId
GetProcessIoCounters
SetSystemPowerState
ReadConsoleOutputCharacterA
WaitForSingleObjectEx
EnumDateFormatsW
DeviceIoControl
IsValidCodePage
GetLogicalDriveStringsW
BuildCommDCBW
GetProcessWorkingSetSize
WaitForMultipleObjects
WaitForDebugEvent
TlsFree
UpdateResourceA
GetConsoleTitleW
SetConsoleCursorPosition
GetProcessShutdownParameters
HeapValidate
GetDriveTypeW
WritePrivateProfileStructW
SetComputerNameA
SetProcessAffinityMask
SetEnvironmentVariableW
GetSystemTimeAsFileTime
GetOEMCP
QueryDosDeviceW
GetEnvironmentStrings
SuspendThread
IsBadReadPtr
CreateHardLinkW
EnumCalendarInfoA
EnumUILanguagesA
CreateActCtxW
FindFirstFileExA
SetConsoleOutputCP
CompareFileTime
GetSystemRegistryQuota
GetThreadLocale
ReadConsoleW
FindNextVolumeA
GlobalDeleteAtom
CreateFileW
EraseTape
OpenMutexW
HeapDestroy
SleepEx
CreateActCtxA
EnumUILanguagesW
GetUserDefaultUILanguage
LocalFree
SetTimerQueueTimer
InterlockedIncrement
ReadConsoleA
GetShortPathNameA
SetConsoleTitleW
IsSystemResumeAutomatic
FreeLibraryAndExitThread
AddRefActCtx
CopyFileExA
CompareStringW
GetMailslotInfo
GetTempFileNameA
AllocateUserPhysicalPages
GetSystemWindowsDirectoryA
RtlCaptureContext
GetLogicalDrives
OpenJobObjectA
IsBadStringPtrW
CreateFileMappingW
InterlockedPopEntrySList
CreateTimerQueue
SetLastError
AddAtomA
InterlockedDecrement
SetThreadPriority
GetConsoleTitleA
GetCurrentProcessId
SetFileAttributesW
GetFileSizeEx
GetCommandLineW
DeleteTimerQueueTimer
GetPrivateProfileStructA
FormatMessageW
GetCommMask
EnumSystemLanguageGroupsW
GetPrivateProfileIntW
WriteConsoleOutputAttribute
ReadConsoleOutputA
GetCommandLineA
SetVolumeMountPointW
ReleaseMutex
SetupComm
FindNextVolumeMountPointA
GetConsoleOutputCP
OpenWaitableTimerW
DefineDosDeviceA
SetComputerNameExW
IsProcessorFeaturePresent
GetStartupInfoW
CreateDirectoryExA
IsWow64Process
MoveFileExW
IsBadWritePtr
GetConsoleAliasExesW
WaitForSingleObject
CheckRemoteDebuggerPresent
HeapUnlock
GetComputerNameW
ReplaceFileA
CreateMailslotW
GetVersionExW
GetConsoleAliasesW
FormatMessageA
CancelDeviceWakeupRequest
_hwrite
GetProfileStringW
FindFirstVolumeMountPointA
FindFirstVolumeW
SetDefaultCommConfigA
SetConsoleTextAttribute
GetConsoleAliasExesLengthA
EnumResourceLanguagesW
CreateMutexW
GetCPInfoExW
GetSystemDefaultLCID
EnumDateFormatsExA
GetNumaAvailableMemoryNode
CopyFileW
SetFilePointerEx
IsValidLocale
GetLocalTime
GlobalFindAtomA
SetCriticalSectionSpinCount
FindResourceExW
FindNextChangeNotification
FindFirstVolumeA
GetDriveTypeA
GetPrivateProfileStructW
CreateDirectoryA
GetThreadPriority
HeapReAlloc
CreateMemoryResourceNotification
GetCalendarInfoW
EnumCalendarInfoExA
GlobalReAlloc
SetThreadContext
GetLocaleInfoW
SetCalendarInfoA
GetCurrentProcess
FindVolumeClose
DnsHostnameToComputerNameA
_lcreat
SetEnvironmentVariableA
GetConsoleAliasA
IsDBCSLeadByte
CreateEventA
_hread
DebugActiveProcess
RemoveDirectoryA
GetVolumePathNameA
WriteProcessMemory
GetLargestConsoleWindowSize
InitializeSListHead
MultiByteToWideChar
lstrcmpiW
ChangeTimerQueueTimer
CreateFileA
WriteProfileSectionA
PeekConsoleInputW
GetTempPathW
ConnectNamedPipe
SetThreadExecutionState
GlobalMemoryStatus
UnregisterWait
SetHandleInformation
GetThreadPriorityBoost
SetFirmwareEnvironmentVariableA
SetVolumeLabelW
GlobalUnfix
GlobalFix
SetCommState
GetTempFileNameW
QueueUserAPC
SetLocaleInfoW
GetTimeFormatA
QueryMemoryResourceNotification
GlobalGetAtomNameA
ReadConsoleInputA
SetVolumeMountPointA
GetCPInfo
QueryInformationJobObject
_lopen
GetExitCodeThread
CreateProcessW
TzSpecificLocalTimeToSystemTime
CopyFileExW
GetCurrentConsoleFont
FillConsoleOutputCharacterW
MapViewOfFile
_lwrite
EnumLanguageGroupLocalesA
GetProcessAffinityMask
WriteFileGather
WritePrivateProfileStringA
CreateHardLinkA
GetConsoleMode
InitAtomTable
GetDiskFreeSpaceExW
SetErrorMode
GetModuleFileNameW
TlsGetValue
FindNextFileA
DosDateTimeToFileTime
SetMessageWaitingIndicator
Beep
WritePrivateProfileSectionW
GetShortPathNameW
GetProcessHeaps
GetTapeParameters
SetThreadPriorityBoost
OutputDebugStringW
FatalExit
CreateNamedPipeW
DebugActiveProcessStop
EnumLanguageGroupLocalesW
FoldStringW
AttachConsole
CommConfigDialogW
GetCalendarInfoA
SetInformationJobObject
DefineDosDeviceW
GetCurrentDirectoryW
GetNumaHighestNodeNumber
SetConsoleCP
ConvertFiberToThread
GetCPInfoExA
GlobalGetAtomNameW
lstrcatA
FindFirstChangeNotificationA
AddConsoleAliasW
GetSystemWindowsDirectoryW
ResetEvent
SetFileValidData
SetComputerNameW
IsProcessInJob
EnumSystemGeoID
GetAtomNameW
HeapLock
WriteConsoleOutputCharacterA
WritePrivateProfileSectionA
SetMailslotInfo
EnumResourceTypesA
GetStringTypeW
LCMapStringW
LCMapStringA
SetEndOfFile
GetLocaleInfoA
HeapSize
WriteConsoleA
InitializeCriticalSectionAndSpinCount
GetTickCount
QueryPerformanceCounter
GetCurrentThreadId
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetConsoleCP
WideCharToMultiByte
RtlUnwind
SetFilePointer
GetFileType
SetHandleCount
ReadFile
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetStdHandle
WriteFile
Sleep
GetModuleHandleW
HeapCreate
GetStartupInfoA
HeapAlloc
GetLastError
FatalAppExitW
ClearCommBreak
BuildCommDCBAndTimeoutsA
BeginUpdateResourceA
LockFile
EnumSystemCodePagesA
PeekNamedPipe
GetConsoleSelectionInfo
GetComputerNameExA
GetFileInformationByHandle
UnlockFile
FindResourceA
LoadResource
LockResource
SizeofResource
GetVersionExA
SearchPathA
OpenFileMappingA
CreateFileMappingA
MapViewOfFileEx
CloseHandle
VirtualAlloc
UnmapViewOfFile
VirtualFree
VirtualProtect
GetModuleHandleA
lstrcmpA
GetModuleFileNameA
lstrlenA
lstrcmpiA
EnterCriticalSection
LeaveCriticalSection
lstrcpynA
DeleteCriticalSection
InitializeCriticalSection
GetProcAddress
LoadLibraryA
GetSystemDefaultLangID
ExitProcess
gdi32
AbortPath
SetViewportOrgEx
LineDDA
EnumEnhMetaFile
PolyPolygon
DeleteObject
RectInRegion
GdiGradientFill
CreateRoundRectRgn
CreateDiscardableBitmap
StretchBlt
ExtFloodFill
StretchDIBits
StartDocA
CancelDC
GetKerningPairsA
PolyBezier
GetColorSpace
GetTextExtentPointI
SetEnhMetaFileBits
GetSystemPaletteUse
ExtSelectClipRgn
GetPaletteEntries
CombineTransform
RemoveFontResourceExA
ExtTextOutA
GetTextExtentExPointW
SetMapperFlags
DeleteEnhMetaFile
SetMapMode
GetEnhMetaFileDescriptionA
GetTextExtentExPointI
FillPath
ScaleWindowExtEx
GetCharABCWidthsFloatW
GetObjectType
EndPage
GetTextExtentPoint32W
MaskBlt
UnrealizeObject
ExtEscape
PathToRegion
SetDCPenColor
SetBitmapBits
GetCharWidth32W
UpdateColors
ModifyWorldTransform
SetPaletteEntries
ColorMatchToTarget
GetEnhMetaFileA
AngleArc
GetCharWidthW
GetCharWidthFloatA
GetPolyFillMode
GetGlyphIndicesA
SetViewportExtEx
CopyEnhMetaFileW
SetPixelV
CreatePatternBrush
PolyTextOutW
GetMetaFileA
SetSystemPaletteUse
DeleteMetaFile
AddFontMemResourceEx
SetBkMode
CreateEnhMetaFileW
CreateDIBSection
GetRasterizerCaps
BeginPath
GetMetaFileBitsEx
CreateICA
SetTextAlign
CopyEnhMetaFileA
GetPixel
SetColorAdjustment
ExtTextOutW
GetViewportExtEx
SelectClipRgn
ExcludeClipRect
Chord
FrameRgn
SetBkColor
CreateDCW
ResetDCA
GetBkMode
EnumFontFamiliesA
SetDIBits
EqualRgn
ResetDCW
PlayEnhMetaFile
SetBitmapDimensionEx
GetMetaFileW
GetTextFaceW
GetTextExtentPointA
CreateBrushIndirect
SetPixel
GetCharacterPlacementA
GetCurrentObject
GetMapMode
CreateDIBitmap
CreateScalableFontResourceA
PlayMetaFileRecord
CreateEnhMetaFileA
CopyMetaFileW
GetTextMetricsW
GdiComment
EndDoc
StartDocW
DPtoLP
GetMetaRgn
GetViewportOrgEx
GetFontLanguageInfo
CreatePenIndirect
GetNearestPaletteIndex
CreateCompatibleBitmap
OffsetClipRgn
GetGlyphIndicesW
EnumFontsW
GetGlyphOutlineA
GetBoundsRect
BitBlt
EnumMetaFile
SetGraphicsMode
GetWindowOrgEx
GetTextFaceA
StrokePath
GetDeviceCaps
RestoreDC
EnumICMProfilesW
GetEnhMetaFileW
GetDCBrushColor
GetCharWidthFloatW
SetBrushOrgEx
GetTextExtentPoint32A
CreateColorSpaceA
GetBitmapBits
EnumICMProfilesA
GetTextMetricsA
AddFontResourceW
comdlg32
PrintDlgA
FindTextA
GetFileTitleW
GetOpenFileNameW
GetOpenFileNameA
PageSetupDlgA
CommDlgExtendedError
FindTextW
GetSaveFileNameA
ChooseFontW
activeds
ord14
ord16
ord9
ord15
ord5
ord29
ord4
ord19
comsvcs
MTSCreateActivity
iphlpapi
GetOwnerModuleFromTcpEntry
IpRenewAddress
GetNumberOfInterfaces
FlushIpNetTable
AddIPAddress
GetExtendedUdpTable
DeleteIpForwardEntry
GetRTTAndHopCount
RestoreMediaSense
SetIpStatistics
SetIpForwardEntry
GetBestRoute
GetExtendedTcpTable
SetIpTTL
SendARP
GetIfTable
GetUdpStatistics
GetBestInterfaceEx
GetAdapterOrderMap
GetIpErrorString
NhpAllocateAndGetInterfaceInfoFromStack
GetBestInterface
GetUdpTable
SetTcpEntry
GetFriendlyIfIndex
GetAdaptersInfo
GetIcmpStatistics
msi
ord216
ord67
ord244
ord41
ord251
ord59
ord227
ord223
ord231
ord192
ord69
ord7
ord175
ord255
ord218
ord215
ord15
ord154
ord247
ord113
ord240
ord230
ord264
ord219
ord209
ord271
ord38
ord10
ord225
ord43
ord272
ord137
ord252
ord136
ord194
ord214
ord39
ord56
ord168
ord176
ord107
ord88
ord250
ord265
ord108
ord82
ord178
ord8
ord202
ord55
ord273
ord90
ord242
ord268
ord281
ord208
ord190
ord267
ord129
ord212
ord217
ord266
ord237
ord83
ord277
ord228
ord276
ord42
ord269
ord14
ord256
ord210
ord253
ord189
ord173
ord239
ord195
ord245
ord68
ord177
ord224
ord109
ord65
ord270
ord180
ord260
ord193
comctl32
GetMUILanguage
FlatSB_ShowScrollBar
CreatePropertySheetPageA
ord337
ImageList_Replace
ord4
ImageList_Draw
InitializeFlatSB
ImageList_Destroy
UninitializeFlatSB
ord328
FlatSB_GetScrollRange
ImageList_GetImageInfo
FlatSB_SetScrollInfo
ord332
ImageList_GetDragImage
ord14
ord15
ord236
ord327
ImageList_LoadImageA
ImageList_Create
ord3
ImageList_Copy
CreateToolbarEx
ImageList_GetBkColor
ord410
ord413
ord334
ImageList_GetIcon
DestroyPropertySheetPage
ImageList_EndDrag
FlatSB_GetScrollInfo
ord5
ord320
ImageList_SetOverlayImage
ImageList_DragShowNolock
CreatePropertySheetPageW
Sections
.text   Size: 64KB  - Virtual size: 68KB
  IMAGE_SCN_CNT_CODE
  IMAGE_SCN_MEM_EXECUTE
  IMAGE_SCN_MEM_READ
.rdata  Size: 24KB  - Virtual size: 28KB
  IMAGE_SCN_CNT_INITIALIZED_DATA
  IMAGE_SCN_MEM_READ
.data   Size: 191KB - Virtual size: 200KB
  IMAGE_SCN_CNT_INITIALIZED_DATA
  IMAGE_SCN_MEM_READ
  IMAGE_SCN_MEM_WRITE
.rtxt   Size: 5KB   - Virtual size: 5KB
  IMAGE_SCN_CNT_INITIALIZED_DATA
  IMAGE_SCN_MEM_EXECUTE
  IMAGE_SCN_MEM_READ
  IMAGE_SCN_MEM_WRITE