IternalJob
SetPath
Behavioral task
behavioral1
Sample
JaffaCakes118_7fb70df5d535857b5c229254ec8274550cc3fe4ddbc0a78cdd98f3332c2629d8.dll
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
JaffaCakes118_7fb70df5d535857b5c229254ec8274550cc3fe4ddbc0a78cdd98f3332c2629d8.dll
Resource
win10v2004-20241007-en
Target
JaffaCakes118_7fb70df5d535857b5c229254ec8274550cc3fe4ddbc0a78cdd98f3332c2629d8
Size
2.3MB
MD5
993578523d3c64d02a4af460694f7cf0
SHA1
edecc2ef0c7a4ec9ed8d31c2cabb08631c91d081
SHA256
7fb70df5d535857b5c229254ec8274550cc3fe4ddbc0a78cdd98f3332c2629d8
SHA512
39ae0d968d9839bd66450bc01a6ae8d29345190f108f4e4172bd2138eca098494a175b22d9549f3947d3bf93552f8a86f607c02f15596df30720be8818f95e94
SSDEEP
49152:2te5uI3Oe4DiBqcWeyh7p4JumqBq7CdJywzqPGmTLBx:253YumB7Ch1mnB
bumblebee
VPS1
45.147.229.23:443
Checks for missing Authenticode signature.
resource |
---|
JaffaCakes118_7fb70df5d535857b5c229254ec8274550cc3fe4ddbc0a78cdd98f3332c2629d8 |
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
GetLocalTime
GetProcAddress
SystemTimeToFileTime
GetModuleHandleW
GetCurrentProcess
Thread32Next
Thread32First
GetModuleHandleA
OpenProcess
LoadLibraryA
VirtualProtectEx
OpenThread
GetStdHandle
GetFileType
WriteFile
MultiByteToWideChar
SwitchToFiber
DeleteFiber
CreateFiber
WideCharToMultiByte
ConvertFiberToThread
ConvertThreadToFiber
QueryPerformanceCounter
GetTickCount
GlobalMemoryStatus
GetEnvironmentVariableW
GetConsoleMode
ReadConsoleA
ReadConsoleW
SetConsoleMode
GetSystemTime
ReadFile
GetModuleFileNameW
SetFilePointer
lstrlenA
CreateFileW
lstrcmpA
VirtualAlloc
HeapFree
CreateFileA
HeapReAlloc
HeapAlloc
GetFileSize
GetProcessHeap
VirtualQuery
lstrcpyA
Wow64DisableWow64FsRedirection
ExpandEnvironmentStringsW
Wow64RevertWow64FsRedirection
GetWindowsDirectoryW
LocalFree
GlobalMemoryStatusEx
VerifyVersionInfoW
GetFileAttributesW
LoadLibraryW
Process32FirstW
GetFullPathNameW
GetCurrentDirectoryW
SystemTimeToTzSpecificLocalTime
PeekNamedPipe
GetDriveTypeW
FindFirstFileW
SetEndOfFile
HeapSize
CreateIoCompletionPort
TlsFree
GetSystemTimeAsFileTime
TlsGetValue
SleepEx
VerSetConditionMask
DeleteCriticalSection
CreateWaitableTimerA
QueueUserAPC
TlsAlloc
TerminateThread
CreateEventW
PostQueuedCompletionStatus
GetQueuedCompletionStatus
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
WaitForMultipleObjects
EnterCriticalSection
SetLastError
VerifyVersionInfoA
TlsSetValue
SetWaitableTimer
CreateEventA
GetCurrentProcessId
ExitProcess
SetEvent
GetLastError
GetModuleHandleExA
Sleep
lstrcatA
SetEnvironmentVariableA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
FindNextFileW
FindNextFileA
FindFirstFileExA
FindClose
GetTimeZoneInformation
GetOEMCP
IsValidCodePage
OutputDebugStringW
SetStdHandle
SetFilePointerEx
GetConsoleCP
FlushFileBuffers
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
FileTimeToSystemTime
GetACP
WriteConsoleW
SetConsoleCtrlHandler
GetModuleHandleExW
FreeLibraryAndExitThread
ExitThread
CreateThread
LoadLibraryExW
FreeLibrary
RtlUnwindEx
RaiseException
RtlPcToFileHeader
InterlockedFlushSList
FormatMessageA
InitializeSListHead
GetCurrentThreadId
GetStartupInfoW
IsDebuggerPresent
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
WaitForSingleObjectEx
ResetEvent
CreateDirectoryA
GetFileAttributesA
GetModuleFileNameA
CloseHandle
CreateToolhelp32Snapshot
WaitForSingleObject
Process32NextW
GetCPInfo
GetStringTypeW
GetLocaleInfoW
LCMapStringW
CompareStringW
DecodePointer
EncodePointer
FindWindowW
MessageBoxW
GetUserObjectInformationW
GetProcessWindowStation
wsprintfW
EnumServicesStatusExW
LookupPrivilegeValueA
DeregisterEventSource
RegisterEventSourceW
ReportEventW
CryptAcquireContextW
CryptReleaseContext
CryptDestroyKey
CloseServiceHandle
OpenSCManagerW
RegCloseKey
RegOpenKeyExW
RegQueryValueExW
CryptGenRandom
CryptEnumProvidersW
CryptSignHashW
CryptDestroyHash
CryptCreateHash
CryptDecrypt
CryptExportKey
CryptGetUserKey
CryptGetProvParam
CryptSetHashParam
GetUserNameW
SHGetSpecialFolderPathW
SHGetSpecialFolderPathA
CoCreateInstance
CoUninitialize
CoInitializeEx
CoSetProxyBlanket
CoInitializeSecurity
VariantClear
SysAllocString
SysFreeString
SafeArrayAccessData
SafeArrayUnaccessData
SafeArrayGetLBound
SafeArrayGetElement
SafeArrayGetUBound
VariantInit
WNetGetProviderNameW
GetAdaptersInfo
ioctlsocket
freeaddrinfo
getsockopt
WSARecv
connect
setsockopt
getaddrinfo
WSASocketW
send
WSASetLastError
select
WSASend
recv
WSAStartup
WSAGetLastError
closesocket
WSACleanup
CertEnumCertificatesInStore
CertFindCertificateInStore
CertDuplicateCertificateContext
CertFreeCertificateContext
CertGetCertificateContextProperty
CertCloseStore
CertOpenStore
StrStrIW
StrCmpIW
PathCombineW
StrToIntA
StrChrA
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ