Static task: static1
Behavioral task: behavioral1
Sample: dc7e96dc007019f24ee7c179f77319d4_JaffaCakes118.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: dc7e96dc007019f24ee7c179f77319d4_JaffaCakes118.exe
Resource: win10v2004-20241007-en
General
Target: dc7e96dc007019f24ee7c179f77319d4_JaffaCakes118
Size: 158KB
MD5: dc7e96dc007019f24ee7c179f77319d4
SHA1: 600b80fc50dc9e88c55e1e3a91d80a54498c20ea
SHA256: d90bdeeca4341ceb66501df60ca2720c11e436796addc5a31a58aa5a08d6831d
SHA512: c3cd206912c02673303fdbd6dd4c7c6436bf7e9eac4374c3cbc1ba1e07ada54e264eadda4fa467e4ebab4d205e0492b88f4147eb76ad3b62520990992216c78b
SSDEEP: 3072:CEleevsl0ucj8mY3BISh3gPsbRDNYgj1ikrrkgL9x5omD7x+wgZMYFc:CS2F+RSWSCmDNYZkrR9x5ojv
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource dc7e96dc007019f24ee7c179f77319d4_JaffaCakes118
Files
dc7e96dc007019f24ee7c179f77319d4_JaffaCakes118.exe windows:4 windows x86 arch:x86
727e9b6e5b599beb2582ada6995acf67
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
gdi32
GetObjectW
DPtoLP
SetBkMode
RestoreDC
CreateDCA
SetTextCharacterExtra
GetDeviceCaps
SetTextAlign
PtInRegion
SetDIBitsToDevice
GetClipBox
RectVisible
GetPaletteEntries
OffsetViewportOrgEx
SetWindowOrgEx
CreateDCW
StretchBlt
SelectObject
SetViewportOrgEx
SetStretchBltMode
CreateDIBSection
RealizePalette
CombineRgn
SetROP2
ExtCreateRegion
ExtTextOutW
CreateMetaFileA
SaveDC
GetBkColor
SetPaletteEntries
CreatePen
BitBlt
GetTextMetricsA
CreateFontW
CreatePalette
MaskBlt
SelectPalette
LineTo
OffsetWindowOrgEx
CreateRectRgn
SetWindowExtEx
PatBlt
CreateMetaFileW
ExcludeClipRect
Polygon
CreateCompatibleBitmap
GetStockObject
CreateFontA
GetDIBits
IntersectClipRect
TextOutW
SetMapMode
GetLayout
CreateFontIndirectA
SetRectRgn
GetDIBColorTable
GetSystemPaletteEntries
GetTextExtentPointA
OffsetRgn
CreateFontIndirectW
GetTextAlign
GetRegionData
GetRgnBox
DeleteObject
GetTextMetricsW
LPtoDP
SelectClipRgn
MoveToEx
CreateBrushIndirect
CreateRectRgnIndirect
CreateICW
SetLayout
ExtSelectClipRgn
GetTextExtentPoint32A
CreateICA
CreatePenIndirect
GetObjectType
DeleteMetaFile
CreateSolidBrush
GetTextExtentPoint32W
CreateCompatibleDC
GetTextExtentPointW
Rectangle
SetTextColor
GetObjectA
CloseMetaFile
StretchDIBits
DeleteDC
SetBkColor
ole32
StringFromGUID2
CreateDataAdviseHolder
HBITMAP_UserUnmarshal
PropVariantClear
HMENU_UserFree
CoCreateFreeThreadedMarshaler
CoGetTreatAsClass
DoDragDrop
HWND_UserUnmarshal
CoGetClassObject
CoUninitialize
CoInitialize
CoGetInterfaceAndReleaseStream
CoTaskMemFree
CreateOleAdviseHolder
RevokeDragDrop
StringFromCLSID
CoReleaseMarshalData
CoGetMalloc
OleRegGetMiscStatus
StringFromIID
CLSIDFromProgID
CoRevokeClassObject
GetHGlobalFromStream
CoCreateInstance
ReleaseStgMedium
HBITMAP_UserFree
CoTaskMemAlloc
OleSaveToStream
HWND_UserMarshal
CreateStreamOnHGlobal
CoUnmarshalInterface
OleRegGetUserType
GetRunningObjectTable
HMENU_UserUnmarshal
HWND_UserFree
CoFreeUnusedLibraries
RegisterDragDrop
CoFileTimeNow
HBITMAP_UserMarshal
CoRegisterClassObject
CoMarshalInterThreadInterfaceInStream
CoDisconnectObject
CoTaskMemRealloc
CoCreateGuid
CLSIDFromString
HMENU_UserSize
OleLoadFromStream
HMENU_UserMarshal
CoMarshalInterface
PropVariantCopy
HBITMAP_UserSize
WriteClassStm
IsAccelerator
CoInitializeEx
OleRegEnumVerbs
HWND_UserSize
kernel32
WriteProfileStringW
GetSystemDirectoryA
OpenEventW
HeapDestroy
FindFirstChangeNotificationW
lstrcmpiW
GetFullPathNameW
GetCurrentProcessId
GetNumberFormatW
GetTempFileNameW
GetLogicalDriveStringsA
GetDiskFreeSpaceA
GetVersion
SetFileAttributesA
GlobalSize
SetFileAttributesW
GetTempPathA
CompareStringW
lstrcmpiA
LoadLibraryW
FormatMessageW
GetLastError
GetFileAttributesA
LeaveCriticalSection
LoadResource
GetModuleFileNameW
GetCurrentThread
GetProfileStringW
FindNextChangeNotification
GetLocaleInfoW
FreeLibraryAndExitThread
GetUserDefaultLCID
GetLongPathNameW
FreeEnvironmentStringsW
GlobalMemoryStatus
RemoveDirectoryW
GetThreadLocale
GetFileTime
GetVolumeInformationA
FindResourceExW
HeapAlloc
lstrcpynW
QueryPerformanceCounter
GetDriveTypeW
GetPrivateProfileStringW
FormatMessageA
FindCloseChangeNotification
FindNextFileW
CreateMutexA
SetThreadPriority
MulDiv
CloseHandle
WritePrivateProfileStringW
FlushFileBuffers
GetThreadPriority
GetCurrentDirectoryA
FlushInstructionCache
GlobalAlloc
SetLastError
GetSystemDefaultLCID
CreateFileA
CreateMutexW
GetLocalTime
GetTempFileNameA
GetEnvironmentStrings
InitializeCriticalSection
GetVolumeInformationW
FindNextFileA
GetSystemInfo
GetFileAttributesExA
DeleteFileW
DeleteFileA
VirtualFree
GetSystemTimeAsFileTime
lstrcmpW
MapViewOfFile
ReadDirectoryChangesW
SetUnhandledExceptionFilter
CompareStringA
GetProfileStringA
GetPrivateProfileStringA
GetCurrentProcess
GetExitCodeProcess
QueryDosDeviceW
GetWindowsDirectoryA
OpenEventA
lstrcmpA
CopyFileExW
FindFirstFileW
lstrlenW
FindAtomW
LockResource
FileTimeToSystemTime
GetSystemPowerStatus
RaiseException
DeleteCriticalSection
GlobalLock
CreateEventW
CreateThread
GetShortPathNameA
GetFileAttributesExW
GlobalFree
InterlockedExchange
WaitForSingleObject
lstrcpyW
MultiByteToWideChar
ResetEvent
SetEndOfFile
DuplicateHandle
lstrlenA
IsValidLocale
ExpandEnvironmentStringsW
GlobalAddAtomW
LocalAlloc
SetErrorMode
RemoveDirectoryA
LCMapStringA
GetLongPathNameA
HeapFree
GetModuleHandleW
EnterCriticalSection
QueryDosDeviceA
GetDateFormatW
OutputDebugStringA
FindResourceW
CreateDirectoryA
GetVersionExW
CreateFileMappingW
GetSystemDirectoryW
UnmapViewOfFile
InterlockedDecrement
LocalFileTimeToFileTime
lstrcpynA
GetDateFormatA
WriteFile
LocalFree
SystemTimeToFileTime
GetVersionExA
WritePrivateProfileStringA
GetShortPathNameW
GetLogicalDriveStringsW
OpenProcess
EnumResourceNamesW
LCMapStringW
ExpandEnvironmentStringsA
CreateDirectoryW
FileTimeToLocalFileTime
CreateEventA
GetTimeFormatA
FreeResource
FreeLibrary
WaitForSingleObjectEx
IsBadWritePtr
GlobalDeleteAtom
GetTimeZoneInformation
GetWindowsDirectoryW
FindClose
GlobalUnlock
CreateFileW
GetSystemTime
OutputDebugStringW
GetExitCodeThread
WaitForMultipleObjects
FreeEnvironmentStringsA
GetDriveTypeA
LoadLibraryExA
InterlockedIncrement
GetTimeFormatW
GetFileSize
ReleaseMutex
EnumResourceNamesA
ReleaseSemaphore
FindResourceA
ReadFile
GetModuleFileNameA
GetFileType
GetFileAttributesW
SetFilePointer
SetEvent
WideCharToMultiByte
GetUserDefaultLangID
SizeofResource
GetProcessHeap
IsBadReadPtr
GetNumberFormatA
lstrcatW
GetCurrentDirectoryW
FindFirstFileA
CreateFileMappingA
GlobalAddAtomA
FindResourceExA
WriteProfileStringA
DeviceIoControl
GetLocaleInfoA
CompareFileTime
GetFullPathNameA
msvcrt
vswprintf
_wtoi64
atoi
swprintf
wcsncpy
_wcsicoll
abort
fopen
fclose
wcslen
time
wcstok
iswdigit
__CxxFrameHandler
wcstombs
bsearch
tolower
_snwprintf
iswspace
wcsncat
isdigit
toupper
difftime
wcstoul
localtime
_wtoi
_ltow
_stricmp
_onexit
_wcsicmp
ldexp
__dllonexit
_ultow
wcspbrk
_wtol
sscanf
towupper
swscanf
wcsrchr
getenv
longjmp
_beginthread
malloc
ceil
realloc
wcscmp
iswalnum
_adjust_fdiv
fflush
_itow
_wfopen
srand
_memicmp
memset
sprintf
qsort
wcscpy
wcschr
_wcsnicmp
_vsnprintf
wcsncmp
free
_CIpow
strlen
memcmp
_except_handler3
_mbslen
isxdigit
iswcntrl
_beginthreadex
_endthread
??2@YAPAXI@Z
strchr
wcsftime
fprintf
_ftol
wcscspn
floor
_CIexp
_strnicmp
memcpy
clock
strcpy
_wcsupr
strncmp
iswascii
rand
_wcslwr
memmove
_ui64tow
wcstol
_setjmp3
towlower
isspace
iswprint
_vsnwprintf
wcsspn
_iob
wcsstr
wcscoll
wcstod
_itoa
abs
fwrite
_initterm
??3@YAXPAX@Z
iswalpha
user32
SetForegroundWindow
GetDesktopWindow
AppendMenuA
WindowFromDC
UnregisterClassA
NotifyWinEvent
SystemParametersInfoA
SetMenuInfo
LoadImageW
PostThreadMessageW
FindWindowExW
SetRectEmpty
GetMenu
SendMessageTimeoutW
GetClientRect
wsprintfW
CallWindowProcA
GetMenuStringA
DialogBoxParamW
GetWindow
EnableWindow
MessageBoxA
LoadAcceleratorsA
DrawIconEx
GetWindowTextLengthW
CharNextW
SetDlgItemTextA
CheckMenuItem
GetSysColorBrush
IntersectRect
FindWindowW
RegisterClassExW
SetWindowPos
UnhookWindowsHookEx
WinHelpA
UnregisterClassW
MoveWindow
GetWindowLongA
GetIconInfo
GetQueueStatus
GetClassLongA
MessageBeep
SetTimer
GetPropW
SetParent
CopyAcceleratorTableW
IsDialogMessageA
LoadIconW
CharNextA
GetClassInfoW
FrameRect
KillTimer
SetWindowPlacement
ClipCursor
ModifyMenuW
PostThreadMessageA
GetDoubleClickTime
GetClassNameA
OffsetRect
RedrawWindow
GetFocus
CheckMenuRadioItem
IsChild
SetCapture
VkKeyScanA
TranslateAcceleratorA
WinHelpW
GetMonitorInfoW
SetRect
CopyRect
SetActiveWindow
PostMessageW
DialogBoxParamA
LoadImageA
GetMessageTime
EndPaint
SetClassLongA
GetWindowThreadProcessId
IsRectEmpty
IsMenu
GetAsyncKeyState
GetWindowPlacement
SetPropW
LoadCursorA
RegisterClassW
GetTopWindow
SetWindowLongW
EnumChildWindows
SystemParametersInfoW
GetClassInfoA
RegisterWindowMessageA
LoadMenuW
ReleaseCapture
BringWindowToTop
GetWindowRect
SetMenuItemInfoA
EndDialog
SendMessageA
SendMessageTimeoutA
DefWindowProcA
GetDlgCtrlID
CreateWindowExA
RegisterWindowMessageW
MsgWaitForMultipleObjects
PostQuitMessage
DrawAnimatedRects
GetParent
MapWindowPoints
LoadCursorW
MessageBoxW
ReleaseDC
ShowWindow
PeekMessageA
PostMessageA
SendDlgItemMessageW
UpdateWindow
SetWindowTextA
LoadAcceleratorsW
GetSystemMetrics
TrackPopupMenuEx
GetUpdateRect
RegisterClassExA
IsWindowUnicode
MonitorFromWindow
ValidateRect
GetNextDlgTabItem
SetWindowRgn
RegisterClipboardFormatA
DeleteMenu
GetClassInfoExA
SetCursor
DestroyCursor
DestroyIcon
InsertMenuItemW
InsertMenuA
wvsprintfW
GetDlgItemTextW
DrawTextW
GetDC
GetMenuItemCount
DestroyMenu
GetWindowTextW
DispatchMessageW
LoadStringA
FillRect
EnableMenuItem
SetMenu
GetScrollInfo
GetMessageA
ShowCursor
GetKeyState
GetCapture
TranslateAcceleratorW
CreateDialogParamW
SetWindowTextW
SetWindowsHookExW
CopyImage
LoadMenuA
GetMenuStringW
InsertMenuW
CreatePopupMenu
UnionRect
GetClassNameW
InvalidateRgn
GetWindowDC
DestroyWindow
IsIconic
GetWindowRgn
AppendMenuW
SetClassLongW
GetActiveWindow
ScreenToClient
GetSubMenu
CheckDlgButton
CloseWindow
MonitorFromRect
GetDialogBaseUnits
SetDlgItemInt
GetClassInfoExW
VkKeyScanW
GetWindowLongW
ScrollWindowEx
LoadStringW
InflateRect
SetWindowLongA
DrawTextA
GetWindowTextLengthA
PtInRect
SetPropA
GetMenuItemInfoA
ClientToScreen
RegisterClassA
GetDlgItem
GetWindowTextA
EnumWindows
CopyAcceleratorTableA
GetDlgItemTextA
SetScrollPos
IsDialogMessageW
DestroyAcceleratorTable
InvalidateRect
GetMonitorInfoA
GetMessagePos
DispatchMessageA
CreateMenu
PeekMessageW
SetWindowsHookExA
GetMenuItemID
SetMenuItemInfoW
TrackPopupMenu
GetSysColor
GetClassLongW
CharLowerW
CopyIcon
CallWindowProcW
InsertMenuItemA
LoadIconA
CreateDialogParamA
ModifyMenuA
FindWindowA
CallNextHookEx
GetPropA
SetScrollInfo
DefWindowProcW
TranslateMessage
SetFocus
BeginPaint
MonitorFromPoint
GetMenuItemInfoW
RegisterClipboardFormatW
RemoveMenu
GetMessageW
AdjustWindowRectEx
DrawFocusRect
GetAncestor
GetForegroundWindow
IsWindowVisible
WaitMessage
SetDlgItemTextW
EqualRect
CharUpperBuffW
GetCursorPos
IsWindowEnabled
IsDlgButtonChecked
SendMessageW
IsWindow
CreateWindowExW
DrawEdge
CheckRadioButton
FindWindowExA
rpcrt4
NdrDllCanUnloadNow
CStdStubBuffer_QueryInterface
CStdStubBuffer_CountRefs
UuidCreate
IUnknown_AddRef_Proxy
CStdStubBuffer_Disconnect
CStdStubBuffer_DebugServerQueryInterface
NdrCStdStubBuffer2_Release
IUnknown_Release_Proxy
NdrOleFree
IUnknown_QueryInterface_Proxy
CStdStubBuffer_Connect
NdrCStdStubBuffer_Release
CStdStubBuffer_DebugServerRelease
NdrDllRegisterProxy
NdrDllUnregisterProxy
CStdStubBuffer_Invoke
NdrStubForwardingFunction
NdrOleAllocate
NdrClientCall2
CStdStubBuffer_AddRef
CStdStubBuffer_IsIIDSupported
NdrStubCall2
advapi32
RegCreateKeyExW
RegQueryInfoKeyW
SetSecurityDescriptorGroup
RegSetValueA
OpenThreadToken
RegEnumKeyExA
GetFileSecurityW
CryptGenRandom
RegEnumValueA
LogonUserW
AddAccessAllowedAce
CryptAcquireContextW
RegQueryInfoKeyA
RegQueryValueExW
RegCloseKey
FreeSid
RegSetValueExW
RegNotifyChangeKeyValue
AllocateAndInitializeSid
RegCreateKeyExA
SetFileSecurityW
RegOpenKeyExA
RegCreateKeyW
RegSetValueExA
RegQueryValueExA
InitializeSecurityDescriptor
RegEnumValueW
RegDeleteKeyW
SetSecurityDescriptorOwner
RegOpenKeyExW
RegDeleteValueW
RegDeleteKeyA
AccessCheck
RegSetValueW
OpenProcessToken
SetSecurityDescriptorDacl
RegDeleteValueA
RegCreateKeyA
GetLengthSid
DuplicateTokenEx
RegEnumKeyExW
InitializeAcl
version
GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA
VerQueryValueW
GetFileVersionInfoSizeW
GetFileVersionInfoW
comctl32
ImageList_ReplaceIcon
ImageList_AddMasked
CreatePropertySheetPageA
ImageList_Draw
ImageList_Destroy
ImageList_GetIconSize
CreatePropertySheetPageW
PropertySheetW
ImageList_LoadImageW
ImageList_Add
_TrackMouseEvent
ImageList_LoadImageA
PropertySheetA
InitCommonControlsEx
DestroyPropertySheetPage
ImageList_Create
ImageList_GetImageCount
CreateStatusWindowW
ImageList_Remove
msvfw32
ICInfo
ICInstall
Sections
.text Size: 66KB - Virtual size: 65KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 26KB - Virtual size: 26KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 41KB - Virtual size: 98KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 24KB - Virtual size: 23KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ