Static task
static1
Behavioral task
behavioral1
Sample
ff84f050a09b3331a90f3a184b89abef_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
ff84f050a09b3331a90f3a184b89abef_JaffaCakes118.exe
Resource
win10v2004-20240910-en
General
-
Target
ff84f050a09b3331a90f3a184b89abef_JaffaCakes118
-
Size
2.5MB
-
MD5
ff84f050a09b3331a90f3a184b89abef
-
SHA1
01bb5c603b97157b4f4685a77601c376343b0e2f
-
SHA256
e2d44f5a2e2cdac79db7c3bd83a7e0a5540088e111642e26c59584a75781cdec
-
SHA512
8f09a55110db479ec5d42522453a5e0e43d053f15eb6a0cb50f6825e011730bb6eac28ab2e96f6276f301bd859f2babb0d481f6e86dea4bd0445abb28f691d0c
-
SSDEEP
24576:pR5mExblsTnxyy9FLwT1hp+HRwhgtg4bD7rvb/VSYHnvWVXSSXd7JGgFeemOfnx:pR5Dax79WT1h4XgA3jb/AuvISSX3Gtyx
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Static check for a missing Authenticode signature: the file is not signed.
resource ff84f050a09b3331a90f3a184b89abef_JaffaCakes118
Files
-
ff84f050a09b3331a90f3a184b89abef_JaffaCakes118.exe windows:4 windows x86 arch:x86
1e08e3938b53590ff2d7e49ba54af30d
Headers
Imports
rtl70.bpl
@System@initialization$qqrv
@System@Finalization$qqrv
@System@RegisterModule$qqrp17System@TLibModule
@System@@LStrSetLength$qqrv
@System@@LStrPos$qqrv
@System@@LStrToPChar$qqrx17System@AnsiString
@System@@LStrAddRef$qqrpv
@System@@LStrCmp$qqrv
@System@@LStrCatN$qqrv
@System@@LStrCat3$qqrv
@System@@LStrCat$qqrv
@System@@LStrLen$qqrx17System@AnsiString
@System@@LStrFromPChar$qqrr17System@AnsiStringpc
@System@@LStrFromChar$qqrr17System@AnsiStringc
@System@@LStrLAsg$qqrpvpxv
@System@@LStrAsg$qqrpvpxv
@System@@LStrArrayClr$qqrpvi
@System@@LStrClr$qqrpv
@System@@Halt0$qqrv
@System@@StartExe$qqrp23System@PackageInfoTablep17System@TLibModule
@System@@TryFinallyExit$qqrv
@System@@DoneExcept$qqrv
@System@@HandleFinally$qqrv
@System@@HandleAnyException$qqrv
@System@TObject@Dispatch$qqrpv
@System@@CallDynaInst$qqrv
@System@TObject@Free$qqrv
@System@TObject@$bctr$qqrv
@System@TObject@FreeInstance$qqrv
@System@TObject@NewInstance$qqrp17System@TMetaClass
@$xp$13System@String
@Types@initialization$qqrv
@Types@Finalization$qqrv
@Activex@initialization$qqrv
@Activex@Finalization$qqrv
@Sysconst@initialization$qqrv
@Sysconst@Finalization$qqrv
@Sysutils@initialization$qqrv
@Sysutils@Finalization$qqrv
@Sysutils@Abort$qqrv
@Sysutils@TimeToStr$qqrx16System@TDateTime
@Sysutils@DateToStr$qqrx16System@TDateTime
@Sysutils@Now$qqrv
@Sysutils@Time$qqrv
@Sysutils@Format$qqrx17System@AnsiStringpx14System@TVarRecxi
@Sysutils@StrDispose$qqrpc
@Sysutils@StrAlloc$qqrui
@Sysutils@StrPas$qqrpxc
@Sysutils@StrPos$qqrpxct1
@Sysutils@StrLen$qqrpxc
@Sysutils@FileExists$qqrx17System@AnsiString
@Sysutils@FileClose$qqri
@Sysutils@FileCreate$qqrx17System@AnsiString
@Sysutils@IntToHex$qqrii
@Sysutils@Trim$qqrx17System@AnsiString
@Sysutils@Win32Platform
@Varutils@initialization$qqrv
@Varutils@Finalization$qqrv
@Variants@initialization$qqrv
@Variants@Finalization$qqrv
@Rtlconsts@initialization$qqrv
@Rtlconsts@Finalization$qqrv
@Typinfo@initialization$qqrv
@Typinfo@Finalization$qqrv
@Classes@initialization$qqrv
@Classes@Finalization$qqrv
@Classes@TComponent@UpdateRegistry$qqrp17System@TMetaClassox17System@AnsiStringt3
@Classes@TComponent@SafeCallException$qqrp14System@TObjectpv
@Classes@TComponent@WriteState$qqrp15Classes@TWriter
@Classes@TPersistent@Assign$qqrp19Classes@TPersistent
@Classes@TStringList@
@Math@initialization$qqrv
@Math@Finalization$qqrv
@Contnrs@initialization$qqrv
@Contnrs@Finalization$qqrv
@Helpintfs@initialization$qqrv
@Helpintfs@Finalization$qqrv
@Multimon@initialization$qqrv
@Multimon@Finalization$qqrv
@Syncobjs@initialization$qqrv
@Syncobjs@Finalization$qqrv
@Uxtheme@initialization$qqrv
@Uxtheme@Finalization$qqrv
@Strutils@initialization$qqrv
@Strutils@Finalization$qqrv
@Flatsb@initialization$qqrv
@Flatsb@Finalization$qqrv
@Inifiles@initialization$qqrv
@Inifiles@Finalization$qqrv
@Registry@initialization$qqrv
@Registry@Finalization$qqrv
@Registry@TRegIniFile@ReadString$qqrx17System@AnsiStringt1t1
@Registry@TRegIniFile@$bctr$qqrx17System@AnsiString
@Registry@TRegistry@ReadString$qqrx17System@AnsiString
@Registry@TRegistry@WriteString$qqrx17System@AnsiStringt1
@Registry@TRegistry@OpenKey$qqrx17System@AnsiStringo
@Registry@TRegistry@SetRootKey$qqrui
@Registry@TRegistry@CloseKey$qqrv
@Registry@TRegistry@$bctr$qqrv
@Registry@TRegIniFile@
@Registry@TRegistry@
@Mapi@initialization$qqrv
@Mapi@Finalization$qqrv
@Maskutils@initialization$qqrv
@Maskutils@Finalization$qqrv
@Stdvcl@initialization$qqrv
@Stdvcl@Finalization$qqrv
@Comobj@initialization$qqrv
@Comobj@Finalization$qqrv
@Comconst@initialization$qqrv
@Comconst@Finalization$qqrv
kernel32
GetModuleHandleA
LoadLibraryA
GetVersionExA
GetSystemDirectoryA
GetProcAddress
GetLastError
GetComputerNameA
FreeLibrary
CreateMutexA
CopyFileA
Sleep
user32
ShowWindow
SetParent
ScreenToClient
PostMessageA
MessageBoxA
GetWindowTextA
GetForegroundWindow
GetCursorPos
FindWindowExA
FindWindowA
DragDetect
ExitWindowsEx
vcl70.bpl
@Consts@initialization$qqrv
@Consts@Finalization$qqrv
@Graphics@initialization$qqrv
@Graphics@Finalization$qqrv
@Graphics@TIcon@GetHandle$qqrv
@Graphics@TFont@SetStyle$qqr47System@%Set$t19Graphics@TFontStyle$iuc$0$iuc$3%
@Winhelpviewer@initialization$qqrv
@Winhelpviewer@Finalization$qqrv
@Printers@initialization$qqrv
@Printers@Finalization$qqrv
@Dialogs@initialization$qqrv
@Dialogs@Finalization$qqrv
@Clipbrd@initialization$qqrv
@Clipbrd@Finalization$qqrv
@Stdactns@initialization$qqrv
@Stdactns@Finalization$qqrv
@Stdctrls@initialization$qqrv
@Stdctrls@Finalization$qqrv
@Stdctrls@TRadioButton@
@Stdctrls@TComboBox@
@Stdctrls@TEdit@
@Stdctrls@TLabel@
@Extctrls@initialization$qqrv
@Extctrls@Finalization$qqrv
@Extctrls@TTimer@SetEnabled$qqro
@Extctrls@TImage@SetPicture$qqrp17Graphics@TPicture
@Extctrls@TPanel@
@Extctrls@TTimer@
@Extctrls@TImage@
@Extctrls@TShape@
@Toolwin@initialization$qqrv
@Toolwin@Finalization$qqrv
@Buttons@initialization$qqrv
@Buttons@Finalization$qqrv
@Extdlgs@initialization$qqrv
@Extdlgs@Finalization$qqrv
@Extactns@initialization$qqrv
@Extactns@Finalization$qqrv
@Comstrs@initialization$qqrv
@Comstrs@Finalization$qqrv
@Listactns@initialization$qqrv
@Listactns@Finalization$qqrv
@Comctrls@initialization$qqrv
@Comctrls@Finalization$qqrv
@Themes@initialization$qqrv
@Themes@Finalization$qqrv
@Menus@initialization$qqrv
@Menus@Finalization$qqrv
@Controls@initialization$qqrv
@Controls@Finalization$qqrv
@Controls@TWinControl@SetParentBackground$qqro
@Controls@TWinControl@CanAutoSize$qqrrit1
@Controls@TWinControl@AssignTo$qqrp19Classes@TPersistent
@Controls@TWinControl@ConstrainedResize$qqrrit1t1t1
@Controls@TWinControl@CanResize$qqrrit1
@Controls@TWinControl@GetClientOrigin$qqrv
@Controls@TWinControl@GetControlExtents$qqrv
@Controls@TWinControl@GetHandle$qqrv
@Controls@TWinControl@Repaint$qqrv
@Controls@TWinControl@Update$qqrv
@Controls@TWinControl@Invalidate$qqrv
@Controls@TWinControl@GetDeviceContext$qqrrui
@Controls@TWinControl@ShowControl$qqrp17Controls@TControl
@Controls@TWinControl@ScaleBy$qqrii
@Controls@TWinControl@SetBounds$qqriiii
@Controls@TWinControl@CustomAlignPosition$qqrp17Controls@TControlrit2t2t2r11Types@TRectrx19Controls@TAlignInfo
@Controls@TWinControl@CustomAlignInsertBefore$qqrp17Controls@TControlt1
@Controls@TWinControl@CreateHandle$qqrv
@Controls@TWinControl@DestroyWnd$qqrv
@Controls@TControl@InitiateAction$qqrv
@Controls@TControl@GetFloatingDockSiteClass$qqrv
@Controls@TControl@BringToFront$qqrv
@Controls@TControl@SetCursor$qqr16Controls@TCursor
@Controls@TControl@SetBiDiMode$qqr17Classes@TBiDiMode
@Controls@TControl@SetText$qqrx17System@AnsiString
@Controls@TControl@GetText$qqrv
@Controls@TControl@SetEnabled$qqro
@Controls@TControl@SetVisible$qqro
@Controls@TControl@SetName$qqrx17System@AnsiString
@Controls@TControl@SetAutoSize$qqro
@Controls@TControl@SetHeight$qqri
@Controls@TControl@SetWidth$qqri
@Controls@TControl@SetTop$qqri
@Controls@TControl@SetLeft$qqri
@Controls@TControl@SetDragMode$qqr18Controls@TDragMode
@Controls@TControl@GetAction$qqrv
@Controls@TControl@GetEnabled$qqrv
@Controls@TControl@GetDragImages$qqrv
@Imglist@initialization$qqrv
@Imglist@Finalization$qqrv
@Actnlist@initialization$qqrv
@Actnlist@Finalization$qqrv
@Forms@initialization$qqrv
@Forms@Finalization$qqrv
@Forms@TApplication@GetExeName$qqrv
@Forms@TApplication@MessageBox$qqrpxct1i
@Forms@TApplication@Terminate$qqrv
@Forms@TApplication@Run$qqrv
@Forms@TApplication@CreateForm$qqrp17System@TMetaClasspv
@Forms@TApplication@Initialize$qqrv
@Forms@TApplication@ProcessMessages$qqrv
@Forms@TApplication@SetTitle$qqrx17System@AnsiString
@Forms@TApplication@GetTitle$qqrv
@Forms@TScreen@SetCursor$qqr16Controls@TCursor
@Forms@TScreen@GetDesktopWidth$qqrv
@Forms@TScreen@GetDesktopHeight$qqrv
@Forms@TScreen@GetWidth$qqrv
@Forms@TScreen@GetHeight$qqrv
@Forms@TCustomForm@QueryInterface$qqsrx5_GUIDpv
@Forms@TCustomForm@UpdateActions$qqrv
@Forms@TCustomForm@ShowModal$qqrv
@Forms@TCustomForm@SetFocus$qqrv
@Forms@TCustomForm@Show$qqrv
@Forms@TCustomForm@Hide$qqrv
@Forms@TCustomForm@CloseQuery$qqrv
@Forms@TCustomForm@Close$qqrv
@Forms@TCustomForm@Resizing$qqr18Forms@TWindowState
@Forms@TCustomForm@PaintWindow$qqrui
@Forms@TCustomForm@SetFocusedControl$qqrp20Controls@TWinControl
@Forms@TCustomForm@DefaultHandler$qqrpv
@Forms@TCustomForm@DestroyWindowHandle$qqrv
@Forms@TCustomForm@CreateWindowHandle$qqrrx22Controls@TCreateParams
@Forms@TCustomForm@CreateWnd$qqrv
@Forms@TCustomForm@CreateParams$qqrr22Controls@TCreateParams
@Forms@TCustomForm@AlignControls$qqrp17Controls@TControlr11Types@TRect
@Forms@TCustomForm@WndProc$qqrr17Messages@TMessage
@Forms@TCustomForm@ValidateRename$qqrp18Classes@TComponentx17System@AnsiStringt2
@Forms@TCustomForm@SetParent$qqrp20Controls@TWinControl
@Forms@TCustomForm@WantChildKey$qqrp17Controls@TControlr17Messages@TMessage
@Forms@TCustomForm@SetVisible$qqro
@Forms@TCustomForm@SetParentBiDiMode$qqro
@Forms@TCustomForm@GetFloating$qqrv
@Forms@TCustomForm@GetClientRect$qqrv
@Forms@TCustomForm@DefineProperties$qqrp14Classes@TFiler
@Forms@TCustomForm@ReadState$qqrp15Classes@TReader
@Forms@TCustomForm@Notification$qqrp18Classes@TComponent18Classes@TOperation
@Forms@TCustomForm@Loaded$qqrv
@Forms@TCustomForm@DoDestroy$qqrv
@Forms@TCustomForm@DoCreate$qqrv
@Forms@TCustomForm@$bdtr$qqrv
@Forms@TCustomForm@BeforeDestruction$qqrv
@Forms@TCustomForm@$bctr$qqrp18Classes@TComponenti
@Forms@TCustomForm@AfterConstruction$qqrv
@Forms@TCustomForm@$bctr$qqrp18Classes@TComponent
@Forms@TScrollingWinControl@AdjustClientRect$qqrr11Types@TRect
@Forms@TScrollingWinControl@AutoScrollInView$qqrp17Controls@TControl
@Forms@TScrollingWinControl@AutoScrollEnabled$qqrv
@Forms@Screen
@Forms@Application
@$xp$11Forms@TForm
@Forms@TForm@
@Mask@initialization$qqrv
@Mask@Finalization$qqrv
@Mask@TCustomMaskEdit@SetText$qqrx17System@AnsiString
@Mask@TCustomMaskEdit@GetText$qqrv
@Mask@TMaskEdit@
@Olectrls@initialization$qqrv
@Olectrls@Finalization$qqrv
@Axctrls@initialization$qqrv
@Axctrls@Finalization$qqrv
@Oleconst@initialization$qqrv
@Oleconst@Finalization$qqrv
@Oleserver@initialization$qqrv
@Oleserver@Finalization$qqrv
wininet
InternetGetConnectedState
shell32
ShellExecuteA
wsock32
WSACleanup
WSAStartup
gethostname
gethostbyname
indy70.bpl
@Idresourcestrings@initialization$qqrv
@Idresourcestrings@Finalization$qqrv
@Idexception@initialization$qqrv
@Idexception@Finalization$qqrv
@Iduri@initialization$qqrv
@Iduri@Finalization$qqrv
@Idwinsock2@initialization$qqrv
@Idwinsock2@Finalization$qqrv
@Idstackconsts@initialization$qqrv
@Idstackconsts@Finalization$qqrv
@Idstackwindows@initialization$qqrv
@Idstackwindows@Finalization$qqrv
@Idglobal@initialization$qqrv
@Idglobal@Finalization$qqrv
@Idstack@initialization$qqrv
@Idstack@Finalization$qqrv
@Idbasecomponent@initialization$qqrv
@Idbasecomponent@Finalization$qqrv
@Idantifreezebase@initialization$qqrv
@Idantifreezebase@Finalization$qqrv
@Idcomponent@initialization$qqrv
@Idcomponent@Finalization$qqrv
@Idiohandler@initialization$qqrv
@Idiohandler@Finalization$qqrv
@Idsockethandle@initialization$qqrv
@Idsockethandle@Finalization$qqrv
@Idassignednumbers@initialization$qqrv
@Idassignednumbers@Finalization$qqrv
@Idsocks@initialization$qqrv
@Idsocks@Finalization$qqrv
@Idrfcreply@initialization$qqrv
@Idrfcreply@Finalization$qqrv
@Idintercept@initialization$qqrv
@Idintercept@Finalization$qqrv
@Idtcpstream@initialization$qqrv
@Idtcpstream@Finalization$qqrv
@Idstream@initialization$qqrv
@Idstream@Finalization$qqrv
@Idiohandlersocket@initialization$qqrv
@Idiohandlersocket@Finalization$qqrv
@Idtcpconnection@initialization$qqrv
@Idtcpconnection@Finalization$qqrv
@Idtcpclient@initialization$qqrv
@Idtcpclient@Finalization$qqrv
@Idheaderlist@initialization$qqrv
@Idheaderlist@Finalization$qqrv
@Idemailaddress@initialization$qqrv
@Idemailaddress@Finalization$qqrv
@Idemailaddress@TIdEMailAddressList@SetEMailAddresses$qqr17System@AnsiString
@Idemailaddress@TIdEMailAddressItem@SetText$qqr17System@AnsiString
@Idcoderheader@initialization$qqrv
@Idcoderheader@Finalization$qqrv
@Idstrings@initialization$qqrv
@Idstrings@Finalization$qqrv
@Idiohandlerstream@initialization$qqrv
@Idiohandlerstream@Finalization$qqrv
@Idmessagecoder@initialization$qqrv
@Idmessagecoder@Finalization$qqrv
@Idcoder@initialization$qqrv
@Idcoder@Finalization$qqrv
@Idcoder3to4@initialization$qqrv
@Idcoder3to4@Finalization$qqrv
@Idcoderuue@initialization$qqrv
@Idcoderuue@Finalization$qqrv
@Idcoderxxe@initialization$qqrv
@Idcoderxxe@Finalization$qqrv
@Idmessagecoderuue@initialization$qqrv
@Idmessagecoderuue@Finalization$qqrv
@Idmessagecoderxxe@initialization$qqrv
@Idmessagecoderxxe@Finalization$qqrv
@Idcoderquotedprintable@initialization$qqrv
@Idcoderquotedprintable@Finalization$qqrv
@Idcodermime@initialization$qqrv
@Idcodermime@Finalization$qqrv
@Idmessagecodermime@initialization$qqrv
@Idmessagecodermime@Finalization$qqrv
@Idmessage@initialization$qqrv
@Idmessage@Finalization$qqrv
@Idmessage@TIdMessage@
@Idmessageclient@initialization$qqrv
@Idmessageclient@Finalization$qqrv
@Idsmtp@initialization$qqrv
@Idsmtp@Finalization$qqrv
@Idsmtp@TIdSMTP@SetAuthenticationType$qqrx26Idsmtp@TAuthenticationType
@Idsmtp@TIdSMTP@
@Idthread@initialization$qqrv
@Idthread@Finalization$qqrv
@Idserveriohandler@initialization$qqrv
@Idserveriohandler@Finalization$qqrv
@Idserveriohandlersocket@initialization$qqrv
@Idserveriohandlersocket@Finalization$qqrv
@Idthreadsafe@initialization$qqrv
@Idthreadsafe@Finalization$qqrv
@Idthreadmgr@initialization$qqrv
@Idthreadmgr@Finalization$qqrv
@Idthreadmgrdefault@initialization$qqrv
@Idthreadmgrdefault@Finalization$qqrv
@Idtcpserver@initialization$qqrv
@Idtcpserver@Finalization$qqrv
@Idtelnetserver@initialization$qqrv
@Idtelnetserver@Finalization$qqrv
vclx70.bpl
@Ddeman@initialization$qqrv
@Ddeman@Finalization$qqrv
@Ddeman@TDdeClientConv@SetLink$qqrx17System@AnsiStringt1
@Ddeman@TDdeClientConv@RequestData$qqrx17System@AnsiString
@Ddeman@TDdeClientConv@CloseLink$qqrv
@Ddeman@TDdeClientConv@$bctr$qqrp18Classes@TComponent
@Ddeman@TDdeClientConv@
vcljpg70.bpl
@Jconsts@initialization$qqrv
@Jconsts@Finalization$qqrv
@Jpeg@initialization$qqrv
@Jpeg@Finalization$qqrv
vclie70.bpl
@Shdocvw@initialization$qqrv
@Shdocvw@Finalization$qqrv
@Mshtml@initialization$qqrv
@Mshtml@Finalization$qqrv
Sections
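.Upack Size: 2.5MB - Virtual size: 2.5MB
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Note: the section shown here is named .Upack and is executable, readable and writable at the same time, which is consistent with a packed image (the name appears to follow the UPack packer's convention). The static import list above may therefore not cover everything the code resolves at run time, for example through the imported LoadLibraryA and GetProcAddress, so the behavioral tasks should be weighed alongside it.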