Static task: static1
Behavioral task: behavioral1
  Sample: a93480f3d884933c674b34997d159f34_JaffaCakes118.exe
  Resource: win7-20240708-en
Behavioral task: behavioral2
  Sample: a93480f3d884933c674b34997d159f34_JaffaCakes118.exe
  Resource: win10v2004-20240802-en
General
Target: a93480f3d884933c674b34997d159f34_JaffaCakes118
Size: 434KB
MD5: a93480f3d884933c674b34997d159f34
SHA1: 6d78c6e2621ceb7ab267fbaaffcb6f02314572b6
SHA256: 1408290833ebb22cadc6cc2aa662bd00d52fb7bca9d72aa82022f0feaa519b9c
SHA512: 1f35def914f416b019c6472c021a9af517cbaf34ae73db5fa789b4ed13c6759d5bd064b64721def9f597a777a6d9f663f89854c2aee5bb9e6c8b46253ef12fff
SSDEEP: 12288:qijl0mbSEIJUk5t/G/X1e60vzn+gf9RHsHhStQPvVW+Db:qYlVkQ1e60bn3f/OSuPvv
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource a93480f3d884933c674b34997d159f34_JaffaCakes118
Files
a93480f3d884933c674b34997d159f34_JaffaCakes118.exe windows:4 windows x86 arch:x86
6a4248aab2bac8c7072a492b4a0ae19f
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
ExitProcess
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
GetModuleFileNameA
GetProcAddress
GetModuleHandleA
TerminateProcess
GetCurrentProcess
LoadLibraryA
RtlUnwind
InterlockedExchange
VirtualQuery
HeapReAlloc
HeapAlloc
HeapFree
VirtualAlloc
CreateConsoleScreenBuffer
Heap32Next
OpenWaitableTimerA
EnumResourceNamesW
GetProfileIntA
EnumSystemCodePagesA
EnumResourceTypesW
EnumResourceLanguagesA
GetVersionExA
GetConsoleMode
VirtualProtect
DebugBreak
GetDiskFreeSpaceA
LockResource
GlobalSize
Thread32First
SetConsoleCP
GlobalAddAtomA
GetSystemInfo
SetEndOfFile
SetThreadPriority
GetVolumeInformationW
LocalSize
FileTimeToLocalFileTime
GetAtomNameW
GetNumberFormatW
TlsFree
GetStartupInfoA
FindAtomA
GetCurrencyFormatW
GetProcessPriorityBoost
lstrcmpA
CreateEventW
WriteConsoleOutputCharacterW
GetFileAttributesA
GetVersion
SuspendThread
GetExitCodeProcess
GetTempFileNameA
CompareStringA
WriteConsoleOutputW
GlobalAlloc
EnumSystemLocalesA
GetPrivateProfileStringW
CreateDirectoryExA
SetFilePointer
GetFileAttributesExA
LocalShrink
TerminateThread
GetNumberFormatA
GetFullPathNameA
GetFileSize
GetDiskFreeSpaceW
EnumDateFormatsExA
WriteConsoleOutputCharacterA
CreateMailslotW
WriteConsoleOutputA
VirtualUnlock
ResetEvent
WinExec
ReadProcessMemory
SetConsoleTitleA
GetLongPathNameA
InitAtomTable
LocalLock
GetStringTypeExA
GetDateFormatA
OpenFile
GetThreadLocale
WaitNamedPipeA
HeapCompact
SetComputerNameA
FlushConsoleInputBuffer
GlobalReAlloc
CreateNamedPipeA
GetVolumeInformationA
GetStdHandle
SetFileTime
HeapValidate
GetLocaleInfoA
SetSystemTimeAdjustment
LocalUnlock
FreeLibraryAndExitThread
ReadConsoleOutputCharacterW
CreateFileMappingA
EraseTape
LocalAlloc
GetWindowsDirectoryA
GetSystemTime
WritePrivateProfileStructA
FindResourceW
GetCurrentDirectoryA
FindNextFileW
VirtualQueryEx
GetTimeFormatW
Thread32Next
FlushInstructionCache
GetStringTypeW
GetProfileIntW
GetSystemPowerStatus
lstrcat
LockFile
FlushViewOfFile
VirtualLock
lstrcmpiA
WriteProcessMemory
SetThreadAffinityMask
FindFirstFileA
GetFileTime
GetConsoleOutputCP
EnumResourceTypesA
GetStartupInfoW
OpenMutexW
SetEnvironmentVariableA
CreateMailslotA
FileTimeToDosDateTime
WaitNamedPipeW
Heap32ListFirst
lstrcmpiW
CreateDirectoryW
PeekConsoleInputA
GetEnvironmentStrings
HeapDestroy
GetShortPathNameW
WritePrivateProfileSectionA
CloseHandle
CreateWaitableTimerA
MultiByteToWideChar
SetConsoleCtrlHandler
lstrcmp
SetHandleCount
FindFirstFileExW
InitializeCriticalSectionAndSpinCount
SetWaitableTimer
ReadConsoleInputA
GetPrivateProfileStructW
lstrcpyA
GetCurrencyFormatA
FillConsoleOutputCharacterA
lstrcpynA
GetSystemDefaultLCID
InterlockedDecrement
FreeConsole
EnumTimeFormatsA
UnhandledExceptionFilter
GetDriveTypeA
GetCompressedFileSizeA
CreateFileMappingW
GetFileType
ReadConsoleA
FindAtomW
CommConfigDialogW
Heap32ListNext
SetCurrentDirectoryA
GetProfileStringW
GlobalUnlock
InterlockedExchangeAdd
MapViewOfFile
UnlockFile
EscapeCommFunction
WriteConsoleInputA
GetThreadPriority
GetACP
GetTimeFormatA
WaitForMultipleObjectsEx
RemoveDirectoryW
LockFileEx
UpdateResourceW
LocalReAlloc
SetPriorityClass
EnumResourceNamesA
FindFirstFileW
GetDateFormatW
CreateThread
GetComputerNameA
lstrlen
GetPrivateProfileSectionW
CreateDirectoryA
GetProcAddress
GetLogicalDriveStringsW
AddAtomA
EnumCalendarInfoA
FillConsoleOutputCharacterW
PeekConsoleInputW
HeapCreate
lstrlenW
ConnectNamedPipe
TransactNamedPipe
GetNamedPipeHandleStateW
FreeEnvironmentStringsW
GetDiskFreeSpaceExW
MoveFileW
GetDiskFreeSpaceExA
lstrcpyW
GlobalUnfix
WritePrivateProfileStructW
FindFirstChangeNotificationA
ReleaseMutex
GetCurrentThread
SetFileAttributesA
OpenWaitableTimerW
GetHandleInformation
ReleaseSemaphore
SystemTimeToTzSpecificLocalTime
FreeEnvironmentStringsA
ReadFile
GetFileAttributesW
CreatePipe
OutputDebugStringW
ReadFileEx
LocalFlags
SetThreadExecutionState
LoadLibraryExW
GetPrivateProfileSectionNamesW
GlobalLock
VirtualAllocEx
Process32Next
LoadLibraryW
lstrlenA
GetSystemDefaultLangID
SetFileAttributesW
GetQueuedCompletionStatus
GetConsoleTitleA
Sleep
WideCharToMultiByte
AddAtomW
GetCurrentDirectoryW
SetThreadPriorityBoost
FreeResource
WriteFileEx
SetThreadIdealProcessor
ReadConsoleW
SetLocalTime
DisconnectNamedPipe
DefineDosDeviceA
GetProfileSectionW
SearchPathA
SetComputerNameW
GetFileAttributesExW
GlobalHandle
SystemTimeToFileTime
ReadDirectoryChangesW
GetTempPathW
WritePrivateProfileStringW
GlobalFindAtomA
SetCriticalSectionSpinCount
SetThreadContext
ResetWriteWatch
CreateEventA
CreateDirectoryExW
DuplicateHandle
EnumTimeFormatsW
OpenFileMappingA
HeapWalk
GlobalFree
OpenProcess
LoadLibraryExA
SetLastError
PulseEvent
LoadModule
EnumCalendarInfoExW
CompareFileTime
GetWriteWatch
SetConsoleTitleW
HeapSize
lstrcpyn
IsValidLocale
GlobalMemoryStatus
GetConsoleScreenBufferInfo
WaitForMultipleObjects
GlobalFindAtomW
GetProcessTimes
BeginUpdateResourceW
SetConsoleOutputCP
GlobalGetAtomNameW
GetTempPathA
FormatMessageW
UnmapViewOfFile
WriteProfileStringW
LocalFileTimeToFileTime
SetEvent
FindResourceExA
ExpandEnvironmentStringsW
EnumDateFormatsExW
BeginUpdateResourceA
WaitForDebugEvent
GetLocalTime
HeapLock
GetFullPathNameW
ReadConsoleOutputW
OpenSemaphoreA
ReadConsoleOutputCharacterA
UnlockFileEx
GlobalGetAtomNameA
RtlZeroMemory
WaitCommEvent
GetConsoleTitleW
FoldStringA
LeaveCriticalSection
GetPrivateProfileStringA
WritePrivateProfileSectionW
CreateSemaphoreW
FileTimeToSystemTime
GetSystemTimeAdjustment
WritePrivateProfileStringA
CreateToolhelp32Snapshot
WriteProfileStringA
InterlockedCompareExchange
OpenEventA
InitializeCriticalSection
GetTempFileNameW
GetExitCodeThread
GetPrivateProfileIntW
IsValidCodePage
MoveFileA
MoveFileExA
SetTimeZoneInformation
GlobalFix
RtlFillMemory
GetLogicalDrives
DeleteFiber
lstrcmpW
ExitThread
DefineDosDeviceW
WriteConsoleOutputAttribute
FillConsoleOutputAttribute
RtlMoveMemory
GetThreadContext
MulDiv
GetProcessAffinityMask
FindFirstChangeNotificationW
FreeLibrary
GetProfileStringA
GetCalendarInfoW
GetFileInformationByHandle
GetShortPathNameA
Module32First
CreateTapePartition
GetModuleFileNameW
LoadResource
IsDebuggerPresent
GetEnvironmentVariableW
EnumDateFormatsA
GetUserDefaultLCID
FindCloseChangeNotification
GetNamedPipeHandleStateA
SetLocaleInfoA
DosDateTimeToFileTime
GlobalAddAtomW
Module32Next
GetThreadTimes
EnumCalendarInfoExA
LocalCompact
LocalHandle
GetThreadSelectorEntry
RemoveDirectoryA
GetProfileSectionA
GlobalFlags
FindNextFileA
EnumSystemCodePagesW
WriteProfileSectionA
OpenSemaphoreW
GetProcessHeaps
CopyFileExA
SetVolumeLabelW
GetLargestConsoleWindowSize
SearchPathW
OpenMutexA
InterlockedIncrement
GetSystemDirectoryA
CreateSemaphoreA
WriteConsoleW
ConvertDefaultLocale
GetModuleHandleW
OpenEventW
GetPrivateProfileStructA
TlsAlloc
OpenFileMappingW
CreateProcessW
SetConsoleActiveScreenBuffer
WaitForSingleObjectEx
CopyFileA
ReadConsoleOutputAttribute
EnumSystemLocalesW
GetNumberOfConsoleMouseButtons
FindFirstFileExA
SleepEx
DeleteAtom
Toolhelp32ReadProcessMemory
DebugActiveProcess
WriteProfileSectionW
GetPriorityClass
lstrcatW
SetSystemTime
GlobalUnWire
ResumeThread
GetPrivateProfileSectionNamesA
WriteFile
SetConsoleCursorInfo
CreateNamedPipeW
MoveFileExW
GetComputerNameW
SetVolumeLabelA
TlsSetValue
GetDriveTypeW
ReadConsoleInputW
DeleteFileW
OutputDebugStringA
WaitForSingleObject
ExpandEnvironmentStringsA
GlobalWire
GetStringTypeA
ReadConsoleOutputA
GetLastError
VirtualFree
GetCommandLineA
SetThreadLocale
GetLocaleInfoW
GetMailslotInfo
FlushFileBuffers
GetEnvironmentStringsW
GetCompressedFileSizeW
GetEnvironmentStringsA
MapViewOfFileEx
GetAtomNameA
GlobalDeleteAtom
EnumCalendarInfoW
TransmitCommChar
GetNumberOfConsoleInputEvents
GetProcessVersion
VirtualProtectEx
CreateFileW
PeekNamedPipe
FindClose
TlsGetValue
SetConsoleWindowInfo
GetCalendarInfoA
EnumDateFormatsW
CreateMutexA
CreateFileA
GetProcessShutdownParameters
FormatMessageA
GetPrivateProfileIntA
GetUserDefaultLangID
FindNextChangeNotification
CreateMutexW
HeapUnlock
WriteConsoleA
FindResourceA
FoldStringW
DeleteCriticalSection
TryEnterCriticalSection
GetLogicalDriveStringsA
UpdateResourceA
CreateRemoteThread
GetEnvironmentVariableA
CreateProcessA
lstrcpynW
GetConsoleCP
GetCommandLineW
LocalFree
ContinueDebugEvent
GetConsoleCursorInfo
lstrcatA
GetThreadPriorityBoost
EnumResourceLanguagesW
GetWindowsDirectoryW
GetPrivateProfileSectionA
GlobalCompact
DeviceIoControl
GetVersionExW
GetStringTypeExW
lstrcpy
SignalObjectAndWait
SetCurrentDirectoryW
FindResourceExW
wininet
FindFirstUrlCacheEntryW
InternetGetConnectedStateEx
InternetGoOnlineW
InternetCheckConnectionA
InternetGoOnlineA
FtpPutFileEx
DeleteUrlCacheContainerW
FtpOpenFileA
InternetGetCertByURLA
FtpGetCurrentDirectoryW
SetUrlCacheEntryGroupA
FindFirstUrlCacheContainerW
InternetCloseHandle
ShowX509EncodedCertificate
ReadUrlCacheEntryStream
InternetUnlockRequestFile
InternetQueryFortezzaStatus
FindNextUrlCacheEntryW
HttpOpenRequestA
InternetFindNextFileW
SetUrlCacheGroupAttributeW
HttpAddRequestHeadersW
FindNextUrlCacheGroup
UpdateUrlCacheContentPath
DeleteUrlCacheEntryA
InternetSetOptionExA
CreateUrlCacheGroup
DeleteUrlCacheContainerA
InternetWriteFileExA
InternetAutodialHangup
InternetSetFilePointer
FindNextUrlCacheEntryExA
InternetConfirmZoneCrossingW
FtpGetCurrentDirectoryA
FindFirstUrlCacheContainerA
FindFirstUrlCacheEntryA
GopherGetAttributeW
FtpFindFirstFileW
InternetAttemptConnect
InternetCrackUrlA
FindFirstUrlCacheEntryExA
InternetTimeFromSystemTimeA
UnlockUrlCacheEntryFile
FtpDeleteFileA
FtpRemoveDirectoryA
InternetCanonicalizeUrlA
FtpRenameFileA
HttpAddRequestHeadersA
InternetTimeFromSystemTimeW
InternetLockRequestFile
InternetCombineUrlW
GopherOpenFileW
FtpGetFileEx
InternetGetLastResponseInfoW
ShowClientAuthCerts
SetUrlCacheEntryInfoW
FtpGetFileSize
InternetFortezzaCommand
RunOnceUrlCache
FindNextUrlCacheEntryA
UrlZonesDetach
HttpCheckDavCompliance
UnlockUrlCacheEntryStream
GetUrlCacheGroupAttributeA
ShowSecurityInfo
DetectAutoProxyUrl
InternetDialA
FreeUrlCacheSpaceW
InternetSetOptionW
InternetTimeFromSystemTime
SetUrlCacheConfigInfoW
DeleteIE3Cache
FtpSetCurrentDirectoryW
GopherGetAttributeA
GopherGetLocatorTypeA
SetUrlCacheEntryInfoA
InternetQueryDataAvailable
FtpPutFileA
HttpSendRequestExA
GopherGetLocatorTypeW
FtpRemoveDirectoryW
FindNextUrlCacheEntryExW
InternetShowSecurityInfoByURLA
InternetCheckConnectionW
FtpCreateDirectoryW
InternetGetCookieA
InternetTimeToSystemTimeA
InternetReadFileExW
InternetCreateUrlW
HttpSendRequestW
InternetDialW
InternetTimeToSystemTimeW
DeleteUrlCacheGroup
InternetGetConnectedStateExW
InternetSetCookieA
InternetSecurityProtocolToStringA
InternetGoOnline
FreeUrlCacheSpaceA
InternetAlgIdToStringA
SetUrlCacheEntryGroup
InternetSetOptionExW
gdi32
AbortPath
GetCharABCWidthsA
ExtEscape
SetGraphicsMode
SetDIBits
UpdateICMRegKeyA
GetLayout
GetColorAdjustment
SelectObject
SetArcDirection
CreateDIBPatternBrush
SetTextJustification
CreateDCA
CopyEnhMetaFileW
GetStockObject
SetTextColor
GetGlyphOutline
EndDoc
EnumObjects
GetBrushOrgEx
LPtoDP
GetTextAlign
GetRgnBox
GetTextExtentPoint32A
CreateICA
SetBkMode
GetOutlineTextMetricsA
GetKerningPairsA
shell32
DragFinish
SHGetMalloc
ShellExecuteA
InternalExtractIconListW
FreeIconList
SHEmptyRecycleBinW
ExtractAssociatedIconExW
ShellExecuteExA
SHBrowseForFolderW
DoEnvironmentSubstA
SHAppBarMessage
SHFreeNameMappings
ShellExecuteW
DragQueryFileAorW
FindExecutableA
SHGetFileInfo
CommandLineToArgvW
SheChangeDirExW
ExtractAssociatedIconExA
SHGetSettings
SHGetFileInfoA
ExtractIconExW
SHFormatDrive
SHUpdateRecycleBinIcon
SHAddToRecentDocs
SHGetFileInfoW
SHFileOperationW
ShellExecuteExW
DragAcceptFiles
SHGetNewLinkInfo
SHGetSpecialFolderPathW
InternalExtractIconListA
FindExecutableW
ExtractAssociatedIconA
SHFileOperation
CheckEscapesW
SHGetDataFromIDListW
SHLoadInProc
SHGetSpecialFolderPathA
SHInvokePrinterCommandA
SHGetDiskFreeSpaceA
RealShellExecuteW
SHEmptyRecycleBinA
DuplicateIcon
SHBrowseForFolderA
SHGetPathFromIDListW
ExtractIconA
ShellExecuteEx
SHQueryRecycleBinW
DragQueryPoint
DragQueryFileW
SHGetInstanceExplorer
ExtractAssociatedIconW
SheGetDirA
SHGetDesktopFolder
SHBrowseForFolder
RealShellExecuteExA
RealShellExecuteA
SheSetCurDrive
ShellHookProc
DragQueryFile
ExtractIconEx
SHInvokePrinterCommandW
SHChangeNotify
SHGetPathFromIDList
RealShellExecuteExW
Sections
.text Size: 145KB - Virtual size: 145KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 269KB - Virtual size: 268KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 19KB - Virtual size: 18KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ