Static task: static1
Behavioral task: behavioral1
Sample: be8770a2c01e7940afdef4c662dd0e8f_JaffaCakes118.exe
Resource: win7-20240708-en
Behavioral task: behavioral2
Sample: be8770a2c01e7940afdef4c662dd0e8f_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: be8770a2c01e7940afdef4c662dd0e8f_JaffaCakes118
Size: 941KB
MD5: be8770a2c01e7940afdef4c662dd0e8f
SHA1: f618bc0b3ef2b2bd264fac34c7d656b9af9ec432
SHA256: e1042e8ffbe6db2e3d5cbbb339cce07c06e3d2dc63b2a5c915dd8dad2f079351
SHA512: 3071e51757022349059c03ea68a654efa5283f5be0a86e6d25299b0bb7f018e2682b7aba25cf304e3795125ede050055d0faefdcbc3a88b709228783cbe7002c
SSDEEP: 24576:bbG1n6de7OGUqq7VRv3n1duLgKDGLRdf7byH:HKnR7HUqsdFKSLR57by
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource be8770a2c01e7940afdef4c662dd0e8f_JaffaCakes118
Files
be8770a2c01e7940afdef4c662dd0e8f_JaffaCakes118.exe windows:5 windows x86 arch:x86
8fd5e4341a027526118484dce04e77b4
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
VirtualFree
lstrcmpiA
HeapDestroy
MulDiv
ReadProcessMemory
FindNextFileA
GetEnvironmentStrings
WaitForMultipleObjects
CreateProcessA
GetDriveTypeA
TlsFree
GetFileAttributesA
MoveFileA
GlobalFindAtomA
FreeEnvironmentStringsA
UnlockFile
SystemTimeToFileTime
LocalAlloc
LockFile
LockResource
GetCurrentThread
GetVersion
EnumCalendarInfoA
FreeLibrary
CloseHandle
RtlUnwind
GetProcessWorkingSetSize
TlsGetValue
InitializeCriticalSectionAndSpinCount
GetCurrentProcess
IsValidLocale
SetFileAttributesA
HeapFree
GlobalUnlock
CreateMutexA
SizeofResource
LCMapStringW
GlobalFlags
UnhandledExceptionFilter
TerminateProcess
LoadLibraryExA
GetModuleHandleW
LocalFileTimeToFileTime
GlobalHandle
GetModuleHandleA
OpenProcess
GetExitCodeProcess
EnumResourceLanguagesA
DeleteFileA
GlobalGetAtomNameA
FatalAppExitA
LoadResource
FormatMessageA
GetProfileIntA
GetModuleFileNameW
GetFileInformationByHandle
SetEndOfFile
GlobalFree
GetFileType
CreateFileMappingA
GetFileAttributesExA
SetEvent
_lclose
GetTimeFormatA
GetFileSizeEx
GetComputerNameA
FindFirstFileA
PeekNamedPipe
SetErrorMode
HeapCreate
lstrlenW
GetLocaleInfoA
GetSystemInfo
SuspendThread
QueryPerformanceFrequency
_lwrite
GetShortPathNameA
VirtualQuery
VirtualProtect
LocalReAlloc
SetEnvironmentVariableA
GetPrivateProfileSectionNamesA
CreateFileA
ReleaseMutex
GetOEMCP
SetConsoleCtrlHandler
CreateDirectoryA
ResumeThread
GetStdHandle
GlobalMemoryStatus
ConvertDefaultLocale
VirtualAlloc
MultiByteToWideChar
GlobalAddAtomA
WriteProfileStringA
GetDiskFreeSpaceA
lstrcmpW
GetCurrentThreadId
FindResourceA
SetHandleCount
SearchPathA
EnumSystemLocalesA
lstrcatA
LoadLibraryA
GetModuleFileNameA
ExitThread
GetConsoleOutputCP
lstrcpyA
InitializeCriticalSection
CreateEventA
InterlockedExchange
SetUnhandledExceptionFilter
LocalLock
GetPrivateProfileIntA
ExitProcess
GetStringTypeW
DuplicateHandle
GetCPInfo
IsDebuggerPresent
FreeEnvironmentStringsW
SetCurrentDirectoryA
RemoveDirectoryA
GetProcAddress
GetCurrentDirectoryA
GetTickCount
LocalUnlock
GetProcessHeap
GetConsoleCP
GetThreadLocale
GetCommandLineA
GetSystemTimeAsFileTime
MapViewOfFile
lstrlenA
SetThreadPriority
IsBadWritePtr
GetFullPathNameA
CreateSemaphoreA
GetFileSize
SetLastError
FindResourceExA
FreeResource
GetPrivateProfileStringA
SetStdHandle
CopyFileA
CreateThread
WideCharToMultiByte
GetLastError
HeapSize
GetLocaleInfoW
EnterCriticalSection
DeleteCriticalSection
WriteFile
GetVersionExA
GetVolumeInformationA
GetStartupInfoA
FlushFileBuffers
SetFilePointer
Sleep
GetConsoleMode
WriteConsoleW
GetDateFormatA
FileTimeToSystemTime
FileTimeToLocalFileTime
GetUserDefaultLCID
RaiseException
GetCurrentProcessId
TlsSetValue
GlobalReAlloc
ReadFile
GetWindowsDirectoryA
OpenFile
InterlockedDecrement
GetTempPathA
QueryPerformanceCounter
WinExec
GlobalLock
UnmapViewOfFile
GetPrivateProfileSectionA
GetFileTime
lstrcpynA
GetStringTypeA
GlobalDeleteAtom
HeapAlloc
FindClose
GetEnvironmentStringsW
GetACP
LocalFree
GetTempFileNameA
IsValidCodePage
GlobalSize
LeaveCriticalSection
GetStringTypeExA
WritePrivateProfileStringA
TlsAlloc
GetTimeZoneInformation
ReleaseSemaphore
CompareStringA
CompareStringW
SetFileTime
WaitForSingleObject
WriteConsoleA
HeapReAlloc
GlobalAlloc
GetAtomNameA
lstrcmpA
LCMapStringA
InterlockedIncrement
user32
ShowScrollBar
UnionRect
DestroyCursor
GetDlgCtrlID
PeekMessageA
GetSysColorBrush
DefWindowProcA
RegisterWindowMessageA
LoadCursorA
IsDlgButtonChecked
AppendMenuA
InvertRect
GetMenuItemInfoA
SystemParametersInfoA
SetClassLongA
WinHelpA
GetKeyState
SetParent
SetMenuDefaultItem
GetMenuItemRect
GetScrollPos
GetMenuBarInfo
InSendMessage
GetIconInfo
MapVirtualKeyA
SendNotifyMessageA
EndDeferWindowPos
GetDesktopWindow
GetMenuStringA
GetClassInfoExA
UnhookWindowsHookEx
DialogBoxIndirectParamA
GetPropA
WindowFromPoint
FrameRect
SetWindowTextA
DestroyAcceleratorTable
EnableScrollBar
PostThreadMessageA
PtInRect
IsDialogMessageA
CheckDlgButton
GetLastActivePopup
SetRectEmpty
MapDialogRect
CopyImage
TabbedTextOutA
BeginPaint
RemovePropA
BeginDeferWindowPos
GetMenu
CheckRadioButton
IsCharLowerA
GetWindowTextA
CreateIconIndirect
UpdateWindow
SendInput
MenuItemFromPoint
ClipCursor
IsWindowEnabled
SetCursorPos
GetMessageTime
IsWindow
SetPropA
SetScrollPos
DrawStateA
RegisterClassA
LoadBitmapA
GetTabbedTextExtentA
GetNextDlgTabItem
SetWindowLongA
CopyAcceleratorTableA
GetClipboardData
GetSystemMetrics
InsertMenuItemA
MapVirtualKeyExA
ClientToScreen
GetWindowRgn
BringWindowToTop
EnumWindows
CallNextHookEx
GetForegroundWindow
CharUpperA
NotifyWinEvent
DeferWindowPos
GetCursorPos
GetSubMenu
SetCursor
TrackPopupMenuEx
SubtractRect
SetWindowContextHelpId
CopyIcon
ChildWindowFromPointEx
TrackPopupMenu
GetWindowDC
SetFocus
DestroyMenu
GetTopWindow
IsIconic
GetDC
GetScrollInfo
CreateMenu
DrawIconEx
CopyRect
GetWindowRect
GetWindowPlacement
InvalidateRgn
OffsetRect
SetClipboardData
CreateAcceleratorTableA
ReleaseCapture
GetMenuItemCount
RemoveMenu
SetRect
DeleteMenu
WaitMessage
SetWindowPos
DefFrameProcA
GetSystemMenu
CharNextA
PostQuitMessage
TranslateMDISysAccel
GetDlgItemTextA
RegisterClipboardFormatA
ShowOwnedPopups
CreateDialogIndirectParamA
ScrollWindow
OpenClipboard
SetMenuItemInfoA
SetScrollInfo
LoadImageA
SetCapture
IsMenu
DrawFocusRect
CreateIconFromResource
ReuseDDElParam
SetForegroundWindow
InflateRect
VkKeyScanA
EnumChildWindows
GetUpdateRect
LoadAcceleratorsA
MessageBoxA
DrawTextA
DrawEdge
KillTimer
SetWindowsHookExA
MsgWaitForMultipleObjects
CharUpperBuffA
LockWindowUpdate
DispatchMessageA
SetWindowPlacement
CloseClipboard
IsRectEmpty
GetActiveWindow
MoveWindow
SendMessageA
GetDlgItem
EqualRect
IsZoomed
GetDialogBaseUnits
CheckMenuItem
UpdateLayeredWindow
SetWindowRgn
SetDlgItemTextA
GetKeyNameTextA
IsChild
GetMessageA
FillRect
MapWindowPoints
ScrollWindowEx
CallWindowProcA
GetClassInfoA
LoadMenuA
WindowFromDC
TranslateMessage
GrayStringA
SendMessageTimeoutA
GetDCEx
MessageBeep
ShowWindow
wsprintfA
GetWindowLongA
SetMenuItemBitmaps
DestroyIcon
GetAsyncKeyState
ReleaseDC
IntersectRect
PostMessageA
GetMenuItemID
CreatePopupMenu
IsWindowVisible
SetMenu
SetDlgItemInt
DrawIcon
ValidateRect
InsertMenuA
LoadStringA
GetKeyboardState
DrawMenuBar
SetActiveWindow
GetDoubleClickTime
DestroyWindow
GetParent
EnableWindow
CreateWindowExA
GetDlgItemInt
GetMenuDefaultItem
InvalidateRect
EmptyClipboard
DrawFrameControl
LoadIconA
GetMenuState
GetWindowTextLengthA
GetScrollRange
EnableMenuItem
GetClassLongA
GetSysColor
AdjustWindowRectEx
SendDlgItemMessageA
SetScrollRange
UnpackDDElParam
ToAsciiEx
GetCapture
GetFocus
GetMenuCheckMarkDimensions
GetWindowThreadProcessId
GetClientRect
ModifyMenuA
ScreenToClient
GetWindow
UnregisterClassA
EndDialog
SetTimer
DrawTextExA
GetKeyboardLayout
RedrawWindow
IsClipboardFormatAvailable
GetClassNameA
TranslateAcceleratorA
DefMDIChildProcA
GetNextDlgGroupItem
GetMessagePos
EndPaint
gdi32
SetAbortProc
LineTo
GetTextAlign
CombineRgn
CreateDCA
PlayMetaFileRecord
GetBkMode
GetBkColor
SetDIBitsToDevice
GetTextExtentPointA
GetBoundsRect
GetWindowExtEx
AbortDoc
SetDIBColorTable
SetPaletteEntries
GetPaletteEntries
DPtoLP
GetDeviceCaps
GetViewportExtEx
StartPage
GetObjectA
Rectangle
ExtCreatePen
EnumFontsA
GetDCOrgEx
GetTextFaceA
SetPolyFillMode
CreateFontIndirectA
GetDIBColorTable
SetColorAdjustment
GetDIBits
DeleteObject
EndDoc
GetTextColor
GetTextExtentPoint32W
SelectObject
PtInRegion
OffsetRgn
IntersectClipRect
StretchBlt
SetWindowOrgEx
CreateDIBPatternBrushPt
Polygon
ModifyWorldTransform
DeleteDC
SetWorldTransform
CreatePolygonRgn
CreateBitmap
ArcTo
CreateCompatibleBitmap
CreateDIBitmap
ScaleViewportExtEx
SetROP2
SelectClipPath
CreateMetaFileA
GetSystemPaletteEntries
FillRgn
SetStretchBltMode
CreateCompatibleDC
SetGraphicsMode
CreateSolidBrush
EnumMetaFile
GetWindowOrgEx
TextOutA
SetTextColor
GetViewportOrgEx
RectInRegion
GetClipRgn
SetBkColor
EnumFontFamiliesA
GetStockObject
FrameRgn
OffsetClipRgn
CreateEllipticRgn
GetRgnBox
SetArcDirection
GetStretchBltMode
RoundRect
GetROP2
MoveToEx
CreatePalette
OffsetViewportOrgEx
SetViewportExtEx
ScaleWindowExtEx
PolylineTo
EnumFontFamiliesExA
CreateRectRgnIndirect
RectVisible
Ellipse
PolyBezierTo
GetCharWidthA
PlayMetaFile
SetTextJustification
Polyline
ExtTextOutA
CreateFontA
Escape
DeleteMetaFile
OffsetWindowOrgEx
ExtFloodFill
CreatePatternBrush
ExtSelectClipRgn
BitBlt
SetBkMode
GetClipBox
PtVisible
RestoreDC
CloseMetaFile
GetMapMode
PatBlt
UnrealizeObject
SetWindowExtEx
SetTextCharacterExtra
LPtoDP
CreateRoundRectRgn
StretchDIBits
GetObjectType
EndPage
GetCurrentObject
GetNearestColor
RealizePalette
GetPixel
StartDocA
ExcludeClipRect
SetPixel
SelectClipRgn
SetDIBits
GetTextMetricsA
SetTextAlign
SelectPalette
SetRectRgn
CreateHalftonePalette
CreateHatchBrush
GetTextExtentPoint32A
PolyDraw
SetPixelV
SetViewportOrgEx
CreateDIBSection
Arc
CopyMetaFileA
GetCurrentPositionEx
GetTextCharsetInfo
SetMapperFlags
CreateRectRgn
SetMapMode
GetPolyFillMode
SaveDC
GetNearestPaletteIndex
CreatePen
comdlg32
GetSaveFileNameA
GetOpenFileNameA
GetFileTitleA
advapi32
RegEnumKeyExA
RegOpenKeyExA
RegQueryValueA
RegCreateKeyExA
SetFileSecurityA
RegSetValueA
RegSetValueExA
RegEnumKeyA
RegCloseKey
RegOpenKeyA
GetFileSecurityA
RegQueryValueExA
RegEnumValueA
RegCreateKeyA
RegDeleteKeyA
RegDeleteValueA
shell32
SHGetSpecialFolderLocation
SHFileOperationA
DragQueryFileA
SHGetPathFromIDListA
SHGetDesktopFolder
SHBrowseForFolderA
SHAppBarMessage
DragFinish
SHGetMalloc
Shell_NotifyIconA
ExtractIconExA
SHGetFileInfoA
ExtractIconA
ShellExecuteExA
ShellExecuteA
ole32
OleCreateStaticFromData
CoRegisterMessageFilter
CoCreateInstance
OleSetMenuDescriptor
OleDuplicateData
CoTaskMemAlloc
DoDragDrop
CoUninitialize
CoLockObjectExternal
CreateOleAdviseHolder
OleQueryCreateFromData
OleRegGetMiscStatus
GetHGlobalFromILockBytes
ReadClassStg
OleInitialize
OleCreateLinkFromData
CreateStreamOnHGlobal
WriteClassStm
OleCreateLinkToFile
CreateILockBytesOnHGlobal
CoGetClassObject
RegisterDragDrop
StgCreateDocfile
WriteClassStg
OleQueryLinkFromData
OleGetClipboard
StgIsStorageFile
CoFreeUnusedLibraries
OleGetIconOfClass
OleRegGetUserType
GetRunningObjectTable
CreateGenericComposite
StringFromGUID2
StgCreateDocfileOnILockBytes
RevokeDragDrop
CoGetMalloc
OleCreateFromData
OleUninitialize
OleSetContainedObject
CLSIDFromString
OleSetClipboard
WriteFmtUserTypeStg
SetConvertStg
StgOpenStorageOnILockBytes
IsAccelerator
CoTreatAsClass
CreateDataAdviseHolder
StgOpenStorage
CoDisconnectObject
OleCreateMenuDescriptor
CreateFileMoniker
OleLockRunning
CoTaskMemFree
OleRun
OleLoad
CoRevokeClassObject
OleIsCurrentClipboard
CLSIDFromProgID
OleTranslateAccelerator
OleSave
OleSaveToStream
OleIsRunning
OleFlushClipboard
OleCreate
OleDestroyMenuDescriptor
StringFromCLSID
CoInitializeEx
CoRegisterClassObject
CreateItemMoniker
CreateBindCtx
ReleaseStgMedium
OleRegEnumVerbs
OleCreateFromFile
ReadFmtUserTypeStg
oleaut32
SafeArrayPtrOfIndex
VarBstrFromDec
VarDateFromStr
LoadRegTypeLi
SafeArrayDestroyDescriptor
SysAllocString
SystemTimeToVariantTime
SafeArrayGetElement
VarBstrFromDate
SafeArrayLock
VarBstrFromCy
SafeArrayGetDim
OACreateTypeLib2
SafeArrayAllocDescriptor
SysReAllocStringLen
SafeArrayUnlock
SafeArrayDestroy
SafeArrayGetElemsize
SysAllocStringByteLen
VariantClear
RegisterTypeLi
SafeArrayUnaccessData
SetErrorInfo
SysStringByteLen
VariantCopy
SafeArrayRedim
GetErrorInfo
SysAllocStringLen
VarUdateFromDate
VariantChangeType
SafeArrayCreate
SafeArrayGetLBound
OleCreateFontIndirect
SysStringLen
CreateErrorInfo
SysFreeString
SafeArrayCopy
VariantTimeToSystemTime
SafeArrayAccessData
VarDecFromStr
VariantInit
SafeArrayAllocData
LoadTypeLi
SafeArrayPutElement
VarCyFromStr
SafeArrayGetUBound
comctl32
ImageList_AddMasked
ImageList_Duplicate
ImageList_Create
ImageList_GetImageCount
_TrackMouseEvent
InitCommonControlsEx
ImageList_LoadImageA
ImageList_GetIcon
ImageList_Destroy
ImageList_GetIconSize
ImageList_DrawEx
ImageList_Remove
ord17
ImageList_ReplaceIcon
ImageList_GetImageInfo
shlwapi
PathIsUNCA
PathRemoveFileSpecW
PathFindExtensionA
PathStripToRootA
PathRelativePathToA
PathGetArgsA
PathUnquoteSpacesA
UrlUnescapeA
PathFileExistsA
PathRemoveExtensionA
PathRemoveArgsA
PathCanonicalizeA
PathFindFileNameA
winmm
PlaySoundA
msimg32
TransparentBlt
AlphaBlend
version
GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA
wininet
InternetOpenUrlA
HttpOpenRequestA
FtpGetCurrentDirectoryA
FtpGetFileA
InternetCanonicalizeUrlA
GopherFindFirstFileA
GopherGetAttributeA
GopherCreateLocatorA
InternetErrorDlg
FtpCreateDirectoryA
InternetSetFilePointer
HttpAddRequestHeadersA
HttpSendRequestA
FtpPutFileA
FtpRemoveDirectoryA
InternetSetCookieA
HttpEndRequestA
FtpDeleteFileA
InternetOpenA
FtpRenameFileA
InternetFindNextFileA
InternetGetCookieA
HttpQueryInfoA
HttpSendRequestExA
FtpOpenFileA
GopherOpenFileA
InternetReadFile
InternetConnectA
InternetWriteFile
InternetCrackUrlA
InternetCloseHandle
FtpSetCurrentDirectoryA
InternetGetLastResponseInfoA
InternetQueryOptionA
FtpFindFirstFileA
InternetSetStatusCallback
FtpCommandA
InternetQueryDataAvailable
InternetSetOptionExA
wsock32
ioctlsocket
WSACleanup
htons
connect
WSAGetLastError
inet_addr
socket
WSAAsyncSelect
ntohs
closesocket
WSAStartup
htonl
WSASetLastError
accept
getpeername
bind
getsockname
sendto
select
recv
gethostbyname
recvfrom
send
imm32
ImmGetContext
ImmGetOpenStatus
ImmReleaseContext
ws2_32
WSASocketA
oledlg
ord8
gdiplus
GdipAlloc
GdipDisposeImage
GdipCreateBitmapFromStreamICM
GdiplusShutdown
GdipGetDC
GdipCreateBitmapFromScan0
GdipCloneImage
GdipGetImageHeight
GdiplusStartup
GdipGetImagePalette
GdipCreateBitmapFromFileICM
GdipDrawImageI
GdipGetImageWidth
GdipFree
GdipGetImagePixelFormat
GdipDeleteGraphics
GdipReleaseDC
GdipCreateBitmapFromFile
GdipGetImagePaletteSize
GdipGetImageEncodersSize
GdipBitmapLockBits
GdipGetImageEncoders
GdipSaveImageToFile
GdipBitmapUnlockBits
GdipGetImageGraphicsContext
GdipCreateBitmapFromStream
psapi
GetProcessMemoryInfo
EnumProcesses
rasapi32
RasDeleteEntryA
Sections
.text Size: 48KB - Virtual size: 48KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.zzsht Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.xer Size: 132KB - Virtual size: 132KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 70KB - Virtual size: 69KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 677KB - Virtual size: 1.0MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 7KB - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ