Static task
static1
Behavioral task
behavioral1
Sample
065424a0edaabe55a654ae4a2738cb91_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
065424a0edaabe55a654ae4a2738cb91_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
-
Target
065424a0edaabe55a654ae4a2738cb91_JaffaCakes118
-
Size
470KB
-
MD5
065424a0edaabe55a654ae4a2738cb91
-
SHA1
2504f976514c4ba3271108cf1599aeb09585517a
-
SHA256
77471e8056974ce592422cc05937e14b86cc149ce0017ab65d0457ac183e08b8
-
SHA512
ee12c535b28f6a10015b610ee7f6113ed00e6ca988faab8423dea02da3a2844438c4b9d03961056f540242be7354378e72c06b72e9b49c7934d8686eae3c87ca
-
SSDEEP
12288:ucWN27thfPVcsx2QdUfsJKJVwN5JH153GJV6H//mUlbklbQSm:ucU27bfNtxIkJK3qlSV6/b+kSm
Malware Config
Signatures
-
Unsigned PE 1 IoCs
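Checks for a missing Authenticode signature. The file is unsigned, so its publisher and integrity cannot be verified from the binary itself; many benign executables are also unsigned, so this is a weak signal on its own.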
resource 065424a0edaabe55a654ae4a2738cb91_JaffaCakes118
Files
-
065424a0edaabe55a654ae4a2738cb91_JaffaCakes118.exe windows:5 windows x86 arch:x86
cbf89130caf72d06767f58cf5a707654
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
msvcrt
sprintf
sscanf
getenv
_iob
fprintf
fflush
iswcntrl
wcscspn
isdigit
isxdigit
clock
_ui64tow
swprintf
malloc
_onexit
__dllonexit
_adjust_fdiv
fwrite
_beginthread
_endthread
towupper
_beginthreadex
_wtol
iswdigit
swscanf
iswspace
bsearch
_wcsnicmp
wcsstr
_wtoi
_ftol
iswalpha
wcscmp
wcsrchr
_wcsicmp
memmove
_vsnwprintf
wcsncpy
_except_handler3
wcslen
??2@YAPAXI@Z
realloc
??3@YAXPAX@Z
free
_wcsupr
_wcslwr
wcsncat
_strnicmp
difftime
iswascii
iswprint
wcsspn
wcscoll
_wcsicoll
_initterm
_ltow
vswprintf
_wfopen
fopen
_mbslen
floor
ceil
_CIpow
__CxxFrameHandler
rand
_vsnprintf
wcspbrk
_stricmp
qsort
wcschr
srand
wcstoul
_ultow
wcsncmp
fclose
_memicmp
wcstok
time
_snwprintf
tolower
memcmp
strlen
memcpy
memset
wcscpy
abort
_itow
wcstol
towlower
exit
wcstombs
iswalnum
_wtoi64
atoi
strcpy
_itoa
abs
strchr
isspace
toupper
_CIexp
longjmp
_setjmp3
strncmp
wcsftime
localtime
wcstod
ldexp
rpcrt4
NdrDllGetClassObject
NdrCStdStubBuffer_Release
NdrCStdStubBuffer2_Release
NdrDllRegisterProxy
NdrDllUnregisterProxy
CStdStubBuffer_DebugServerRelease
CStdStubBuffer_DebugServerQueryInterface
CStdStubBuffer_CountRefs
CStdStubBuffer_IsIIDSupported
CStdStubBuffer_Invoke
CStdStubBuffer_Disconnect
CStdStubBuffer_Connect
CStdStubBuffer_AddRef
CStdStubBuffer_QueryInterface
IUnknown_Release_Proxy
IUnknown_AddRef_Proxy
IUnknown_QueryInterface_Proxy
NdrOleFree
NdrOleAllocate
NdrStubCall2
NdrStubForwardingFunction
NdrClientCall2
UuidCreate
NdrDllCanUnloadNow
kernel32
RemoveDirectoryW
GetPrivateProfileStringA
GetPrivateProfileStringW
WritePrivateProfileStringA
WritePrivateProfileStringW
LoadLibraryExA
LoadLibraryExW
IsValidLocale
GetVolumeInformationW
IsBadWritePtr
GlobalMemoryStatus
GetACP
lstrcmpA
GetExitCodeProcess
GlobalDeleteAtom
CreateProcessA
GetVersion
OpenProcess
DeviceIoControl
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
GetDiskFreeSpaceA
GetWindowsDirectoryA
CompareStringA
CreateSemaphoreA
CreateSemaphoreW
ExpandEnvironmentStringsA
ExpandEnvironmentStringsW
FindFirstChangeNotificationA
FindFirstChangeNotificationW
FindResourceW
FormatMessageA
FormatMessageW
GetFileAttributesExA
GetFileAttributesExW
GetVolumeInformationA
GlobalAddAtomA
GlobalAddAtomW
lstrcatW
lstrcmpiA
lstrcmpiW
lstrcmpW
lstrcpyW
SetFileAttributesA
SetFileAttributesW
GetWindowsDirectoryW
CompareStringW
CreateProcessW
EnumResourceNamesA
EnumResourceNamesW
FindResourceExA
FindResourceExW
GetDateFormatA
GetDateFormatW
GetLogicalDriveStringsA
GetLogicalDriveStringsW
GetNumberFormatA
GetNumberFormatW
GetProfileStringA
GetProfileStringW
GetSystemDirectoryA
GetSystemDirectoryW
GetTimeFormatA
GetTimeFormatW
OpenEventA
OpenEventW
QueryDosDeviceA
QueryDosDeviceW
WriteProfileStringA
WriteProfileStringW
FindAtomW
RemoveDirectoryA
GetCurrentDirectoryW
GetCurrentDirectoryA
CreateDirectoryW
CreateDirectoryA
GetVersionExW
GetModuleHandleW
GetModuleHandleA
FindFirstFileW
FindFirstFileA
GetShortPathNameW
GetShortPathNameA
GetTempPathW
GetTempPathA
MoveFileW
MoveFileA
CopyFileW
CopyFileA
OutputDebugStringW
OutputDebugStringA
LoadLibraryW
GetLocaleInfoW
GetModuleFileNameW
GetModuleFileNameA
FindNextFileW
FindNextFileA
CreateEventW
GetFileAttributesW
GetFileAttributesA
GetTempFileNameW
GetTempFileNameA
GetDriveTypeW
GetDriveTypeA
DeleteFileW
DeleteFileA
LCMapStringW
LCMapStringA
GetLongPathNameW
GetLongPathNameA
GetFullPathNameW
GetFullPathNameA
CreateFileMappingW
CreateMutexW
CreateMutexA
FlushFileBuffers
SetEndOfFile
GetFileType
GetLocaleInfoA
lstrlenW
ExitProcess
InterlockedExchange
InterlockedCompareExchange
GlobalSize
CopyFileExW
LocalFileTimeToFileTime
GetSystemInfo
CreateEventA
CreateFileMappingA
CreateFileW
CreateFileA
GetVersionExA
LocalAlloc
SetFilePointer
DebugBreak
WaitForMultipleObjects
GetThreadPriority
ReleaseSemaphore
ExitThread
WideCharToMultiByte
Sleep
FreeLibraryAndExitThread
ResetEvent
GetSystemPowerStatus
FileTimeToLocalFileTime
CompareFileTime
FileTimeToSystemTime
GetLocalTime
IsBadReadPtr
WriteFile
GetFileSize
GetSystemDefaultLCID
GetUserDefaultLCID
GlobalAlloc
GlobalFree
VirtualAlloc
VirtualFree
LoadLibraryA
SetErrorMode
WaitForSingleObjectEx
ReadDirectoryChangesW
CreateThread
GetExitCodeThread
GetUserDefaultLangID
GlobalLock
GlobalUnlock
GetThreadLocale
FindNextChangeNotification
FindClose
FindCloseChangeNotification
RaiseException
lstrcpynW
lstrcpynA
LocalFree
GetCurrentThread
SetThreadPriority
MapViewOfFile
DuplicateHandle
WaitForSingleObject
SetEvent
ReleaseMutex
UnmapViewOfFile
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
SetLastError
GetCurrentThreadId
FlushInstructionCache
MulDiv
DisableThreadLibraryCalls
SizeofResource
lstrlenA
ReadFile
CloseHandle
GetSystemTime
SystemTimeToFileTime
GetProcAddress
GetProcessHeap
HeapAlloc
HeapFree
FreeLibrary
FindResourceA
LoadResource
LockResource
HeapDestroy
GetTimeZoneInformation
GetFileTime
FreeResource
EnterCriticalSection
LeaveCriticalSection
InterlockedDecrement
InterlockedIncrement
DeleteCriticalSection
InitializeCriticalSection
MultiByteToWideChar
GetLastError
GetCurrentProcess
gdi32
GetTextMetricsW
GetTextMetricsA
GetTextExtentPointW
GetTextExtentPointA
GetTextExtentPoint32W
GetTextExtentPoint32A
GetObjectW
CreateMetaFileW
CreateMetaFileA
CreateICW
CreateICA
CreateFontW
CreateFontA
CreateFontIndirectW
CreateFontIndirectA
CreateDCW
CreateDCA
SetWindowExtEx
CloseMetaFile
DeleteMetaFile
GetSystemPaletteEntries
CreatePalette
GetPaletteEntries
SetPaletteEntries
SelectPalette
RealizePalette
GetTextAlign
GetRegionData
ExtSelectClipRgn
MaskBlt
ExtCreateRegion
GetDIBits
GetObjectA
GetDIBColorTable
CreateDIBSection
SetTextAlign
TextOutW
StretchDIBits
SetDIBitsToDevice
BitBlt
GetObjectType
GetBkColor
GetLayout
IntersectClipRect
PatBlt
PtInRegion
GetRgnBox
SetRectRgn
StretchBlt
SetTextCharacterExtra
DPtoLP
SetBkColor
ExtTextOutW
SetROP2
Polygon
CreateSolidBrush
CreatePenIndirect
SelectClipRgn
OffsetWindowOrgEx
CreateBrushIndirect
Rectangle
OffsetRgn
CombineRgn
CreateRectRgn
CreateCompatibleBitmap
GetClipBox
OffsetViewportOrgEx
CreateRectRgnIndirect
ExcludeClipRect
CreatePen
MoveToEx
LineTo
RectVisible
SetLayout
SetStretchBltMode
CreateCompatibleDC
SetBkMode
SetTextColor
GetStockObject
SelectObject
DeleteObject
GetDeviceCaps
LPtoDP
SaveDC
SetMapMode
SetWindowOrgEx
SetViewportOrgEx
DeleteDC
RestoreDC
user32
MessageBoxA
MessageBoxW
CharNextA
MonitorFromRect
InflateRect
DrawFocusRect
GetMessagePos
GetMessageTime
GetScrollInfo
WindowFromDC
CallNextHookEx
UnhookWindowsHookEx
GetWindowDC
GetNextDlgTabItem
DrawEdge
IsMenu
CopyImage
NotifyWinEvent
EnumWindows
SetMenu
GetDlgItemInt
RegisterWindowMessageA
CheckRadioButton
ShowCursor
BringWindowToTop
SetMenuInfo
LoadCursorA
TranslateAcceleratorA
GetAncestor
SendMessageA
AppendMenuA
AppendMenuW
CallWindowProcA
CallWindowProcW
CharLowerW
CreateDialogParamA
CreateDialogParamW
CreateWindowExA
CreateWindowExW
DefWindowProcA
DefWindowProcW
DialogBoxParamA
DialogBoxParamW
DispatchMessageA
DrawTextA
DrawTextW
FindWindowA
FindWindowW
GetClassInfoA
GetClassInfoW
GetClassInfoExA
GetClassInfoExW
GetClassLongA
GetClassLongW
SetClassLongA
SetClassLongW
GetClassNameA
GetClassNameW
GetDlgItemTextA
GetDlgItemTextW
GetMessageW
GetPropA
GetPropW
GetWindowLongA
GetWindowLongW
GetWindowTextLengthA
GetWindowTextLengthW
GetWindowTextA
GetWindowTextW
InsertMenuA
InsertMenuW
IsDialogMessageA
IsDialogMessageW
LoadAcceleratorsA
LoadAcceleratorsW
LoadCursorW
GetMessageA
LoadIconW
LoadMenuA
LoadMenuW
LoadStringW
ModifyMenuA
ModifyMenuW
LoadImageA
LoadImageW
PeekMessageA
PeekMessageW
PostMessageA
PostMessageW
PostThreadMessageW
RegisterClassA
RegisterClassW
RegisterClassExA
RegisterClassExW
UnregisterClassA
UnregisterClassW
RegisterClipboardFormatA
RegisterClipboardFormatW
RegisterWindowMessageW
SendMessageW
SendMessageTimeoutW
SendDlgItemMessageW
SetDlgItemTextA
SetDlgItemTextW
SetPropA
SetPropW
SetMenuItemInfoA
SetMenuItemInfoW
SetWindowLongA
SetWindowLongW
SetWindowsHookExA
SetWindowsHookExW
SetWindowTextA
SetWindowTextW
TranslateAcceleratorW
VkKeyScanA
VkKeyScanW
WinHelpA
WinHelpW
wvsprintfW
GetMonitorInfoA
GetMonitorInfoW
SystemParametersInfoA
SystemParametersInfoW
CharNextW
CharUpperBuffW
CopyAcceleratorTableA
CopyAcceleratorTableW
FindWindowExA
FindWindowExW
GetMenuItemInfoA
GetMenuItemInfoW
InsertMenuItemA
InsertMenuItemW
GetMenuStringA
GetMenuStringW
MonitorFromPoint
EndDialog
SetForegroundWindow
CloseWindow
GetWindowThreadProcessId
GetWindowRgn
GetTopWindow
GetWindow
RedrawWindow
SetWindowPlacement
GetWindowPlacement
IsIconic
GetMenu
GetMenuItemID
IsWindowEnabled
GetIconInfo
GetSysColorBrush
DrawIconEx
DestroyIcon
CheckMenuItem
EnableMenuItem
DeleteMenu
CheckMenuRadioItem
CreateMenu
SetActiveWindow
GetParent
InvalidateRgn
DestroyAcceleratorTable
DispatchMessageW
PostThreadMessageA
CopyIcon
WaitMessage
SendMessageTimeoutA
DestroyCursor
SetParent
GetDesktopWindow
MonitorFromWindow
GetDoubleClickTime
SetDlgItemInt
MsgWaitForMultipleObjects
EnumChildWindows
ClipCursor
GetAsyncKeyState
GetSysColor
ScrollWindowEx
SetScrollInfo
DrawAnimatedRects
CheckDlgButton
GetDlgCtrlID
AdjustWindowRectEx
GetUpdateRect
LoadIconA
ValidateRect
GetKeyState
GetCursorPos
GetForegroundWindow
GetCapture
IntersectRect
EqualRect
OffsetRect
SetWindowRgn
UnionRect
GetSubMenu
IsRectEmpty
ScreenToClient
GetSystemMetrics
GetActiveWindow
ReleaseCapture
SetCapture
TrackPopupMenu
IsWindowUnicode
EnableWindow
SetRectEmpty
FrameRect
MapWindowPoints
CopyRect
SetRect
FillRect
SetCursor
KillTimer
SetTimer
InvalidateRect
UpdateWindow
RemoveMenu
PtInRect
CreatePopupMenu
GetMenuItemCount
DestroyMenu
MessageBeep
GetQueueStatus
ClientToScreen
TrackPopupMenuEx
SetWindowPos
LoadStringA
IsWindowVisible
SetFocus
PostQuitMessage
TranslateMessage
wsprintfW
GetDialogBaseUnits
GetWindowRect
IsWindow
DestroyWindow
GetDlgItem
MoveWindow
ShowWindow
GetFocus
IsChild
BeginPaint
GetClientRect
EndPaint
GetDC
ReleaseDC
SetScrollPos
IsDlgButtonChecked
advapi32
RegNotifyChangeKeyValue
RegQueryValueExA
RegOpenKeyExA
CryptGenRandom
CryptAcquireContextW
GetFileSecurityW
SetFileSecurityW
RegCreateKeyExA
RegCreateKeyExW
RegOpenKeyExW
RegQueryValueExW
RegQueryInfoKeyA
RegQueryInfoKeyW
RegEnumKeyExA
RegEnumKeyExW
RegEnumValueA
RegEnumValueW
GetLengthSid
InitializeAcl
AddAccessAllowedAce
InitializeSecurityDescriptor
AllocateAndInitializeSid
SetSecurityDescriptorOwner
SetSecurityDescriptorGroup
SetSecurityDescriptorDacl
AccessCheck
FreeSid
OpenThreadToken
OpenProcessToken
DuplicateTokenEx
RegCloseKey
LogonUserW
RegDeleteValueW
RegDeleteValueA
RegSetValueExW
RegSetValueExA
RegSetValueW
RegSetValueA
RegDeleteKeyW
RegDeleteKeyA
RegCreateKeyW
RegCreateKeyA
ole32
CoTaskMemFree
CoTaskMemAlloc
CoTaskMemRealloc
StringFromCLSID
OleRegGetUserType
HWND_UserFree
CoGetTreatAsClass
OleLoadFromStream
PropVariantClear
CoGetClassObject
WriteClassStm
CreateDataAdviseHolder
CLSIDFromProgID
IsAccelerator
DoDragDrop
StringFromIID
CoCreateInstance
CoReleaseMarshalData
CoUnmarshalInterface
CoMarshalInterface
CoGetMalloc
CoCreateFreeThreadedMarshaler
OleSaveToStream
GetHGlobalFromStream
PropVariantCopy
CoFileTimeNow
CoInitializeEx
StringFromGUID2
CoCreateGuid
CreateStreamOnHGlobal
CoDisconnectObject
GetRunningObjectTable
CoMarshalInterThreadInterfaceInStream
CoInitialize
CoGetInterfaceAndReleaseStream
CoUninitialize
CoFreeUnusedLibraries
CLSIDFromString
ReleaseStgMedium
RevokeDragDrop
CoRegisterClassObject
RegisterDragDrop
CoRevokeClassObject
OleRegGetMiscStatus
CreateOleAdviseHolder
OleRegEnumVerbs
HMENU_UserSize
HMENU_UserMarshal
HMENU_UserUnmarshal
HMENU_UserFree
HBITMAP_UserSize
HBITMAP_UserMarshal
HBITMAP_UserUnmarshal
HBITMAP_UserFree
HWND_UserSize
HWND_UserMarshal
HWND_UserUnmarshal
oleaut32
LoadTypeLib
RegisterTypeLib
VariantClear
LoadRegTypeLib
SysStringLen
SysAllocStringLen
VARIANT_UserFree
VARIANT_UserUnmarshal
VARIANT_UserMarshal
LPSAFEARRAY_UserUnmarshal
LPSAFEARRAY_UserFree
BSTR_UserSize
BSTR_UserMarshal
BSTR_UserUnmarshal
VarUI4FromStr
SysFreeString
SysAllocString
LPSAFEARRAY_UserMarshal
LPSAFEARRAY_UserSize
VariantCopy
VariantChangeType
VariantInit
OleCreatePropertyFrame
OleCreatePropertyFrameIndirect
SystemTimeToVariantTime
SysStringByteLen
VariantTimeToSystemTime
VarCmp
SafeArrayDestroy
SafeArrayPutElement
SafeArrayCreateVectorEx
VariantChangeTypeEx
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayCreateVector
SafeArrayGetElemsize
SafeArrayGetDim
OleLoadPicture
SysAllocStringByteLen
SafeArrayCreate
SafeArrayGetElement
BSTR_UserFree
VARIANT_UserSize
version
VerQueryValueA
GetFileVersionInfoSizeW
GetFileVersionInfoSizeA
GetFileVersionInfoW
GetFileVersionInfoA
VerQueryValueW
msvfw32
ICInfo
ICInstall
Sections
.text Size: 10KB - Virtual size: 9KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 24KB - Virtual size: 23KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.tls Size: 2KB - Virtual size: 13B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.ndata Size: 2KB - Virtual size: 430B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.ik Size: 2KB - Virtual size: 106B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.ocode Size: 2KB - Virtual size: 146B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.kpack0 Size: 196KB - Virtual size: 195KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.gddg8 Size: 2KB - Virtual size: 356B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.iaoq Size: 2KB - Virtual size: 60B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.oxcodex Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.0x0x1 Size: 2KB - Virtual size: 512B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.0x0x2 Size: 2KB - Virtual size: 512B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.0x0x Size: 198KB - Virtual size: 197KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.0x0x3 Size: 2KB - Virtual size: 160B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.0x0x4 Size: 2KB - Virtual size: 160B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.CRT Size: 2KB - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 12KB - Virtual size: 10KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 2KB - Virtual size: 426B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ