Static task
static1
Behavioral task
behavioral1
Sample
bad4ebd556162d13f8a5be723f9f5613_JaffaCakes118.dll
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
bad4ebd556162d13f8a5be723f9f5613_JaffaCakes118.dll
Resource
win10v2004-20240802-en
General
Target
bad4ebd556162d13f8a5be723f9f5613_JaffaCakes118
Size
891KB
MD5
bad4ebd556162d13f8a5be723f9f5613
SHA1
a1964563b5d97675d4e69cace2fd6655ca4738be
SHA256
617a8639c5b81ee261a81ccc4c12afe173683b790a4781b1f7efc7461ad59ac1
SHA512
1b72e881c23d61d6eece612f83f1eaa8db29090fb57c0ac0ecdac1f54ba9c6d4a4293dbbfd4a07991329b1ace7c794b84b2e40fe8cc02b305cea38840e02d52a
SSDEEP
24576:AFELeM6mGY9txl7t2+tYFc7aanAv8m4jy1N5gLtd:AFO36TY9t3LtTaKlmgeML
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource bad4ebd556162d13f8a5be723f9f5613_JaffaCakes118
Files
bad4ebd556162d13f8a5be723f9f5613_JaffaCakes118.dll windows:5 windows x86 arch:x86
ee3d507540290e23ed2bab78f680f347
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
kernel32
SetProcessWorkingSetSize
GetConsoleMode
FileTimeToSystemTime
GetSystemTimeAsFileTime
GlobalDeleteAtom
GetDateFormatA
WriteProfileStringA
GetConsoleCP
CreateDirectoryA
FindClose
SetFileTime
SetConsoleCtrlHandler
SetHandleCount
CloseHandle
LocalUnlock
LocalAlloc
GlobalSize
CreateProcessA
MulDiv
TerminateProcess
GetFileInformationByHandle
CreateMutexA
InterlockedDecrement
FreeEnvironmentStringsA
LCMapStringA
CreateFileA
GetTempPathA
WriteConsoleA
GetCurrentDirectoryA
WriteConsoleW
GetLocaleInfoW
GetComputerNameA
MapViewOfFile
GlobalFindAtomA
CompareStringW
TlsGetValue
InitializeCriticalSection
FreeResource
GlobalGetAtomNameA
WaitForSingleObject
TlsAlloc
ReleaseMutex
MoveFileA
OpenFile
SetFileAttributesA
GetStringTypeA
GetLocaleInfoA
GetPrivateProfileSectionA
GetDriveTypeA
EnumCalendarInfoA
lstrcpynA
IsBadWritePtr
SetErrorMode
LocalFileTimeToFileTime
GlobalFlags
CompareStringA
ReleaseSemaphore
GetTimeZoneInformation
GetShortPathNameA
LocalFree
RemoveDirectoryA
DeleteCriticalSection
FreeEnvironmentStringsW
ConvertDefaultLocale
WriteFile
LoadResource
WinExec
GlobalAddAtomA
SetThreadPriority
EnumResourceLanguagesA
TlsSetValue
GlobalMemoryStatus
GetFullPathNameA
lstrcmpiA
InitializeCriticalSectionAndSpinCount
GlobalMemoryStatusEx
GetCurrentThreadId
GetUserDefaultLCID
GlobalReAlloc
SetEnvironmentVariableA
SetHandleInformation
SetEvent
DuplicateHandle
Sleep
InterlockedCompareExchange
GetProcessHeap
WaitForMultipleObjects
GetCommandLineA
HeapSize
GetConsoleOutputCP
QueryPerformanceCounter
GetAtomNameA
GetFileAttributesA
CreatePipe
FindResourceA
LoadLibraryW
LocalReAlloc
FormatMessageA
VirtualQuery
ExpandEnvironmentStringsA
GetVersionExA
_lwrite
GetModuleHandleW
GetFileSize
GetDiskFreeSpaceA
SizeofResource
GetStartupInfoA
WritePrivateProfileStringA
FlushFileBuffers
LocalLock
lstrcpyA
ResumeThread
GetModuleHandleA
HeapAlloc
IsValidLocale
EnumSystemLocalesA
SetStdHandle
DeleteFileA
GetStdHandle
GetPrivateProfileStringA
ExitProcess
GetTempFileNameA
GetProcessWorkingSetSize
SuspendThread
VirtualFree
LoadLibraryExA
GetOEMCP
SetEnvironmentVariableW
GetCurrentThread
FileTimeToLocalFileTime
lstrlenA
GetVersion
GlobalFree
GetThreadLocale
GetCurrentProcessId
SystemTimeToFileTime
InterlockedExchange
lstrcatA
CreateFileMappingA
IsDBCSLeadByte
UnhandledExceptionFilter
LeaveCriticalSection
CreateEventA
GetPrivateProfileSectionNamesA
GetWindowsDirectoryA
GetFileType
IsValidCodePage
ExitThread
LCMapStringW
SetEndOfFile
CreateFileW
GetTickCount
GetModuleFileNameW
TlsFree
GetLastError
SetFilePointer
CreateSemaphoreA
_lclose
GetCurrentProcess
RaiseException
GetFileTime
MultiByteToWideChar
HeapDestroy
GetProcAddress
GetTimeFormatA
GetEnvironmentStringsW
HeapCreate
GlobalAlloc
QueryPerformanceFrequency
GetSystemInfo
HeapReAlloc
RtlUnwind
HeapFree
GlobalUnlock
UnlockFile
GetFileSizeEx
SetLastError
SearchPathA
GetCPInfo
FatalAppExitA
WideCharToMultiByte
OutputDebugStringA
LockResource
FindResourceExA
SetCurrentDirectoryA
GetEnvironmentStrings
FreeLibrary
GetSystemDirectoryW
GetProfileIntA
GetVolumeInformationA
GlobalLock
LoadLibraryA
UnmapViewOfFile
ReadFile
GetFileAttributesExA
VirtualProtect
SetUnhandledExceptionFilter
LockFile
GetStringTypeExA
GetModuleFileNameA
IsDebuggerPresent
CreateThread
lstrcmpA
GlobalHandle
lstrcmpW
lstrlenW
VirtualAlloc
EnterCriticalSection
FindFirstFileA
GetPrivateProfileIntA
GetStringTypeW
FindNextFileA
CopyFileA
InterlockedIncrement
GetACP
user32
UnhookWindowsHookEx
SetWindowLongA
DrawIconEx
GetKeyNameTextA
GetMenuItemInfoA
ShowOwnedPopups
MenuItemFromPoint
ScrollWindow
GetNextDlgTabItem
BeginPaint
SetParent
DeferWindowPos
GetAsyncKeyState
ModifyMenuA
SendMessageA
GetWindowLongA
PeekMessageA
BringWindowToTop
InvertRect
GetUpdateRect
DestroyIcon
SetTimer
SendMessageTimeoutA
GetWindowPlacement
GetScrollInfo
SetWindowPos
GetClipboardData
CheckRadioButton
RedrawWindow
GetScrollRange
UpdateLayeredWindow
InflateRect
GetSubMenu
PostMessageA
IsZoomed
LoadImageA
CharUpperA
CallNextHookEx
GetMenuDefaultItem
CopyImage
InvalidateRgn
VkKeyScanA
HideCaret
LoadCursorA
LoadStringA
CreateAcceleratorTableA
LoadIconA
MapVirtualKeyA
MapVirtualKeyExA
GetTopWindow
GetDesktopWindow
GetPropA
DrawStateA
DefFrameProcA
EnumWindows
WindowFromDC
GetMenuItemRect
OffsetRect
SetScrollRange
SetFocus
IsWindow
EndDeferWindowPos
DialogBoxIndirectParamA
ShowWindow
GetDialogBaseUnits
SetWindowTextA
UnregisterClassA
MsgWaitForMultipleObjects
DispatchMessageA
FillRect
SetPropA
GetLastActivePopup
GetDlgCtrlID
DrawEdge
SendInput
GetClassInfoA
SetCaretPos
GetCapture
GetMenuCheckMarkDimensions
IsWindowVisible
DestroyAcceleratorTable
SetWindowsHookExA
UpdateWindow
InSendMessage
SetCursorPos
IsClipboardFormatAvailable
SetClipboardData
WinHelpA
FindWindowExA
GetWindowRgn
LockWindowUpdate
EndPaint
TranslateAcceleratorA
ClientToScreen
GetScrollPos
RegisterClassA
TranslateMDISysAccel
MapDialogRect
DefWindowProcA
TabbedTextOutA
CharNextA
InsertMenuA
MessageBoxA
DestroyWindow
GetWindowDC
IsChild
ShowScrollBar
SendDlgItemMessageA
WindowFromPoint
SetScrollInfo
GetSystemMenu
wsprintfA
GetMessageA
InvalidateRect
GetWindow
ScrollWindowEx
AdjustWindowRectEx
EnableMenuItem
GrayStringA
GetKeyboardState
GetNextDlgGroupItem
SetCapture
PostQuitMessage
IsWindowEnabled
LoadAcceleratorsA
MapWindowPoints
PtInRect
SetMenuItemInfoA
CharUpperBuffA
NotifyWinEvent
CreateDialogIndirectParamA
GetMenuItemCount
GetWindowRect
MoveWindow
PostThreadMessageA
MessageBeep
DrawIcon
KillTimer
CreateIconIndirect
SetRect
SetDlgItemTextA
GetMenuState
EndDialog
SetScrollPos
GetClientRect
IntersectRect
SetWindowContextHelpId
CopyRect
TrackPopupMenu
ToAsciiEx
DefMDIChildProcA
GetFocus
CopyIcon
GetParent
ReleaseCapture
SetCursor
DrawFocusRect
SetActiveWindow
GetKeyboardLayout
GetDCEx
DestroyMenu
RegisterClipboardFormatA
EnableWindow
MessageBoxW
BeginDeferWindowPos
GetMenuItemID
LoadBitmapA
CloseClipboard
OpenClipboard
SubtractRect
CallWindowProcA
WaitMessage
RemoveMenu
ScreenToClient
SetForegroundWindow
EqualRect
GetMenu
ChangeDisplaySettingsA
IsDialogMessageA
GetKeyState
FlashWindow
CheckMenuItem
GetWindowTextLengthA
TrackPopupMenuEx
GetClassNameA
ChildWindowFromPointEx
IsIconic
GetTabbedTextExtentA
GetDlgItem
GetForegroundWindow
GetSysColor
AppendMenuA
GetClassInfoExA
keybd_event
SetMenuDefaultItem
GetWindowTextA
LoadMenuA
CheckDlgButton
ReuseDDElParam
IsDlgButtonChecked
CloseWindow
SetDlgItemInt
TranslateMessage
SystemParametersInfoA
SetRectEmpty
CopyAcceleratorTableA
CreatePopupMenu
GetClassLongA
GetWindowThreadProcessId
GetDoubleClickTime
IsCharLowerA
LoadKeyboardLayoutA
DrawFrameControl
UnionRect
DrawTextA
GetCaretPos
GetMessageTime
EnumChildWindows
SetWindowRgn
EnableScrollBar
EmptyClipboard
GetIconInfo
GetDlgItemInt
ReleaseDC
GetSysColorBrush
CreateWindowExA
GetMessagePos
SetMenu
SendNotifyMessageA
UnpackDDElParam
IsMenu
GetDlgItemTextA
RemovePropA
SetMenuItemBitmaps
SetClassLongA
CreateIconFromResource
RegisterWindowMessageA
SetWindowPlacement
GetActiveWindow
GetMenuStringA
DrawMenuBar
DrawTextExA
FrameRect
CreateMenu
GetMenuBarInfo
GetDC
DestroyCursor
GetCursorPos
IsRectEmpty
ClipCursor
GetSystemMetrics
InsertMenuItemA
ValidateRect
DeleteMenu
gdi32
CreateFontA
SelectClipPath
SelectClipRgn
PolyBezierTo
GetTextColor
GetDIBits
GetDCOrgEx
SetColorAdjustment
SetGraphicsMode
ScaleWindowExtEx
CreateHatchBrush
PlayMetaFileRecord
GetBoundsRect
Escape
SetDIBitsToDevice
GetPolyFillMode
SetPaletteEntries
SetDIBColorTable
GetDIBColorTable
GetClipRgn
CreateRoundRectRgn
DPtoLP
Arc
PolylineTo
SetArcDirection
StretchDIBits
GetTextFaceA
GetBkMode
ExtTextOutA
GetTextExtentPoint32A
CreateRectRgnIndirect
UnrealizeObject
SetViewportExtEx
SetStretchBltMode
GetPixel
RoundRect
CreateCompatibleDC
ModifyWorldTransform
LPtoDP
FrameRgn
EndDoc
CreateFontIndirectA
DeleteDC
GetTextAlign
GetCharWidthA
GetPaletteEntries
CombineRgn
GetObjectA
CreateDIBPatternBrushPt
DeleteMetaFile
Polygon
SetTextAlign
CreateHalftonePalette
GetTextCharsetInfo
ExtCreatePen
CreateRectRgn
GetTextExtentPointA
SetPixel
CreateDIBitmap
SelectPalette
SetTextJustification
GetStockObject
GetObjectType
IntersectClipRect
SetViewportOrgEx
GetWindowOrgEx
CreateEllipticRgn
GetNearestColor
SetTextColor
GetWindowExtEx
EnumFontsA
StartDocA
LineTo
GetViewportOrgEx
CloseMetaFile
Polyline
BitBlt
ExtSelectClipRgn
GetCurrentObject
MoveToEx
CreateDCA
SelectObject
SetBkMode
RealizePalette
Rectangle
EnumMetaFile
OffsetWindowOrgEx
GetROP2
CreatePalette
GetViewportExtEx
CreateCompatibleBitmap
RestoreDC
FillRgn
CreatePolygonRgn
PtVisible
PatBlt
EnumFontFamiliesA
ScaleViewportExtEx
GetDeviceCaps
CreateMetaFileA
StretchBlt
GetStretchBltMode
GetNearestPaletteIndex
SetBkColor
GetRgnBox
ArcTo
CreatePatternBrush
TextOutA
SetDIBits
EnumFontFamiliesExA
CreatePen
AbortDoc
SaveDC
StartPage
ExcludeClipRect
SetPixelV
GetMapMode
CreateDIBSection
SetTextCharacterExtra
GetTextMetricsA
SetRectRgn
ExtFloodFill
SetMapMode
SetWindowOrgEx
GetSystemPaletteEntries
SetAbortProc
GetCurrentPositionEx
RectInRegion
GetClipBox
PtInRegion
OffsetClipRgn
PolyDraw
GetBkColor
SetPolyFillMode
EndPage
CreateSolidBrush
CreateBitmap
RectVisible
GetTextExtentPoint32W
Ellipse
SetWorldTransform
OffsetRgn
DeleteObject
SetWindowExtEx
SetROP2
OffsetViewportOrgEx
CopyMetaFileA
SetMapperFlags
PlayMetaFile
comdlg32
GetOpenFileNameA
GetFileTitleA
GetSaveFileNameA
advapi32
IsTextUnicode
RegSetValueA
RegEnumKeyExA
RegDeleteValueA
RegCloseKey
GetFileSecurityA
RegSetValueExA
RegOpenKeyA
RegEnumValueA
RegCreateKeyA
RegQueryValueExA
RegDeleteKeyA
RegOpenKeyExA
RegEnumKeyA
SetFileSecurityA
RegQueryInfoKeyA
RegQueryValueA
RegCreateKeyExA
GetUserNameA
shell32
DragFinish
ExtractIconA
DragQueryFileA
SHGetPathFromIDListA
SHGetSpecialFolderPathA
SHAppBarMessage
ShellExecuteA
SHGetDesktopFolder
ExtractIconExA
ShellExecuteExA
SHBrowseForFolderA
Shell_NotifyIconA
SHGetSpecialFolderLocation
SHFileOperationA
SHGetFileInfoA
SHGetMalloc
ole32
OleLoad
WriteClassStg
StgCreateDocfile
OleIsCurrentClipboard
OleDestroyMenuDescriptor
CoTaskMemAlloc
OleRegGetUserType
CreateItemMoniker
WriteClassStm
OleDuplicateData
CoTaskMemRealloc
CoLockObjectExternal
OleQueryLinkFromData
StgCreateDocfileOnILockBytes
OleCreateFromFile
CoInitialize
OleCreateFromData
WriteFmtUserTypeStg
OleSaveToStream
RevokeDragDrop
CoTreatAsClass
OleCreateMenuDescriptor
OleRegEnumVerbs
CLSIDFromProgID
OleRun
CLSIDFromString
CoRegisterMessageFilter
SetConvertStg
OleCreateLinkFromData
OleGetClipboard
CoRegisterClassObject
OleSetContainedObject
DoDragDrop
CreateBindCtx
StringFromCLSID
CreateOleAdviseHolder
RegisterDragDrop
OleLockRunning
ReadClassStg
CoFreeUnusedLibraries
OleSetMenuDescriptor
CoCreateInstance
CoRevokeClassObject
GetHGlobalFromILockBytes
OleFlushClipboard
CoGetClassObject
OleInitialize
GetRunningObjectTable
OleCreateStaticFromData
StringFromGUID2
OleSetClipboard
CreateDataAdviseHolder
OleRegGetMiscStatus
CoDisconnectObject
CreateStreamOnHGlobal
CoInitializeEx
OleGetIconOfClass
OleIsRunning
StgIsStorageFile
CreateGenericComposite
StgOpenStorageOnILockBytes
CreateFileMoniker
OleCreateLinkToFile
OleUninitialize
OleTranslateAccelerator
OleQueryCreateFromData
IsAccelerator
CoUninitialize
CreateILockBytesOnHGlobal
CoGetMalloc
StgOpenStorage
CoTaskMemFree
OleCreate
OleSave
ReadFmtUserTypeStg
ReleaseStgMedium
oleaut32
VariantClear
SafeArrayAllocDescriptor
SysFreeString
OACreateTypeLib2
VarCyFromStr
SafeArrayGetLBound
SetErrorInfo
VariantChangeType
SafeArrayRedim
SafeArrayGetUBound
SafeArrayCreateVector
SysAllocStringLen
SafeArrayAccessData
LoadTypeLi
OleCreateFontIndirect
SysStringByteLen
VariantInit
VariantCopy
VarBstrCat
SafeArrayGetDim
VarBstrFromCy
SafeArrayCreate
VarUdateFromDate
GetErrorInfo
SafeArrayGetElemsize
RegisterTypeLi
SysReAllocStringLen
SystemTimeToVariantTime
SafeArrayCopy
SafeArrayUnaccessData
SysStringLen
SafeArrayDestroyDescriptor
VarBstrCmp
CreateErrorInfo
SysAllocString
SafeArrayLock
SafeArrayUnlock
SafeArrayAllocData
SafeArrayGetElement
SafeArrayPutElement
SafeArrayDestroy
SysAllocStringByteLen
VariantTimeToSystemTime
VarDecFromStr
VarBstrFromDec
VarDateFromStr
LoadRegTypeLi
VarUI4FromStr
SafeArrayPtrOfIndex
VarBstrFromDate
comctl32
ImageList_GetImageCount
ImageList_LoadImageA
ImageList_GetIcon
ord17
ImageList_Remove
ImageList_Duplicate
ImageList_AddMasked
ImageList_DrawEx
ImageList_GetImageInfo
ImageList_Destroy
InitCommonControlsEx
_TrackMouseEvent
ImageList_GetIconSize
ImageList_Create
ImageList_ReplaceIcon
shlwapi
PathStripToRootA
PathFileExistsA
SHDeleteKeyA
PathRelativePathToA
PathRemoveExtensionA
PathIsUNCA
PathGetArgsA
UrlUnescapeA
PathCanonicalizeA
PathFindExtensionA
PathRemoveFileSpecW
PathFindFileNameA
PathUnquoteSpacesA
PathRemoveArgsA
winmm
PlaySoundA
sndPlaySoundA
midiInClose
rpcrt4
RpcStringFreeA
UuidCreate
UuidToStringA
msimg32
AlphaBlend
TransparentBlt
version
GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA
wininet
InternetCloseHandle
GopherFindFirstFileA
InternetFindNextFileA
InternetOpenUrlA
FtpRemoveDirectoryA
HttpAddRequestHeadersA
InternetGetCookieA
FtpCreateDirectoryA
InternetSetFilePointer
DeleteUrlCacheEntry
InternetQueryDataAvailable
FtpPutFileA
FtpFindFirstFileA
InternetSetOptionA
InternetErrorDlg
InternetOpenA
InternetGetLastResponseInfoA
FindFirstUrlCacheEntryA
InternetCanonicalizeUrlA
InternetCrackUrlA
FindCloseUrlCache
InternetCheckConnectionA
InternetSetCookieA
InternetQueryOptionA
FtpDeleteFileA
FindNextUrlCacheEntryA
HttpOpenRequestA
GopherOpenFileA
HttpQueryInfoA
GopherGetAttributeA
InternetWriteFile
FtpOpenFileA
HttpEndRequestA
FtpSetCurrentDirectoryA
InternetReadFile
FtpCommandA
FtpRenameFileA
FtpGetCurrentDirectoryA
FtpGetFileA
HttpSendRequestA
InternetAttemptConnect
InternetGetConnectedState
InternetSetOptionExA
GopherCreateLocatorA
InternetConnectA
HttpSendRequestExA
InternetSetStatusCallback
wsock32
WSASetLastError
ioctlsocket
gethostname
listen
WSACleanup
getpeername
ntohs
WSAStartup
htonl
WSAAsyncSelect
gethostbyname
select
WSAGetLastError
recv
connect
getsockname
closesocket
recvfrom
send
accept
socket
sendto
MigrateWinsockConfiguration
bind
htons
inet_addr
imm32
ImmReleaseContext
ImmGetContext
ImmGetOpenStatus
ws2_32
WSASocketA
oledlg
ord8
gdiplus
GdipGetImagePaletteSize
GdipBitmapLockBits
GdipGetImageEncodersSize
GdipDeleteGraphics
GdipReleaseDC
GdipGetImageHeight
GdipGetImageEncoders
GdiplusStartup
GdipGetImagePixelFormat
GdipCreateBitmapFromStreamICM
GdipCloneImage
GdipGetDC
GdipCreateBitmapFromStream
GdipFree
GdipGetImageGraphicsContext
GdipCreateBitmapFromScan0
GdipCreateBitmapFromFile
GdipDrawImageI
GdipBitmapUnlockBits
GdipCreateBitmapFromFileICM
GdipAlloc
GdipGetImageWidth
GdipGetImagePalette
GdiplusShutdown
GdipDisposeImage
GdipSaveImageToFile
urlmon
CoInternetGetSession
UrlMkSetSessionOption
RegisterBindStatusCallback
URLDownloadToFileA
psapi
GetProcessMemoryInfo
msvfw32
MCIWndCreateA
rasapi32
RasDeleteEntryA
Sections
.text Size: 49KB - Virtual size: 49KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.zzsht Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.xer Size: 119KB - Virtual size: 118KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 72KB - Virtual size: 72KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 636KB - Virtual size: 1.4MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 8KB - Virtual size: 7KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ