shlwapi.pdb
Static task: static1
Behavioral task: behavioral1
Sample: JaffaCakes118_07fd27c6fb75e536791b2ed198731580.dll
Resource: win7-20241010-en
General
- Target: JaffaCakes118_07fd27c6fb75e536791b2ed198731580
- Size: 518KB
- MD5: 07fd27c6fb75e536791b2ed198731580
- SHA1: af8364513906b738a40be70c15b2d20d7407b53c
- SHA256: b76c839e5d5e62af94fb460ed05241699d19f60a3ec55dbf8b36e9728fd7322f
- SHA512: d4290bc52a59d6a7326a33ee5c5f18abf54cacea0e847709eeabab45d4cab378be44de0d3e8a051c51eb58e5b3861a5d711df4b81de036a592be3b45a13d94eb
- SSDEEP: 12288:g5nLZdcEFsC9xj7FC98/NbEDHHvKCyeFNRV7XNxNxftOoeBYR7YrbqFv:g5LZd9FsC9xj7898tEDHPKCyeFNRPxND
Malware Config
Signatures
- Unsigned PE (1 IoCs): Checks for missing Authenticode signature.
  resource JaffaCakes118_07fd27c6fb75e536791b2ed198731580
Files
- JaffaCakes118_07fd27c6fb75e536791b2ed198731580.dll windows:5 windows x86 arch:x86
  7fdca807e3500a6a8bf9fb27f842ae9b
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
PDB Paths
Imports
advapi32
RegCloseKey
GetCurrentHwProfileA
OpenThreadToken
RegEnumValueW
RegSetValueExW
RegSetValueW
RegSetValueA
RegQueryValueExW
RegQueryValueW
RegQueryValueA
RegQueryInfoKeyW
RegOpenKeyExW
RegOpenKeyW
RegOpenKeyA
RegDeleteKeyA
RegQueryInfoKeyA
RegDeleteValueA
RegEnumValueA
RegEnumKeyA
RegSetValueExA
RegCreateKeyExA
RegEnumKeyExA
RegQueryValueExA
GetTokenInformation
OpenProcessToken
GetAce
FreeSid
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
AddAccessDeniedAce
AddAccessAllowedAce
InitializeAcl
GetLengthSid
AllocateAndInitializeSid
GetUserNameA
GetUserNameW
RegCreateKeyA
RegCreateKeyW
RegCreateKeyExW
RegDeleteKeyW
RegDeleteValueW
RegEnumKeyW
RegEnumKeyExW
RegOpenKeyExA
gdi32
CreateICW
EnumFontFamiliesA
EnumFontFamiliesW
EnumFontFamiliesExA
EnumFontFamiliesExW
GetTextExtentPoint32A
GetTextExtentPoint32W
GetTextFaceA
GetTextFaceW
GetCharacterPlacementA
GetCharacterPlacementW
CreateFontA
CreateFontW
CreateMetaFileA
CreateMetaFileW
StartDocA
StartDocW
GetTextExtentPointW
ExtTextOutA
GetDIBits
CreatePalette
GetSystemPaletteEntries
CreateCompatibleDC
DeleteObject
GetPaletteEntries
CreateHalftonePalette
GetStockObject
GetDeviceCaps
CreateBitmap
CreateCompatibleBitmap
SelectObject
GetTextExtentPointA
CreateFontIndirectA
CreateFontIndirectW
GetObjectA
GetObjectW
GetTextMetricsA
GetTextMetricsW
SetTextColor
SetBkMode
ExtTextOutW
SetBkColor
GetCharWidthA
GetCharWidth32W
CreateColorSpaceA
CreateColorSpaceW
CreateDCA
CreateDCW
DeleteDC
CreateICA
kernel32
DebugBreak
GetWindowsDirectoryA
SetLastError
LeaveCriticalSection
FlushFileBuffers
WriteFile
SetFilePointer
CreateFileA
EnterCriticalSection
GetSystemTime
GetCurrentThreadId
GetTickCount
IsDBCSLeadByte
GetCPInfo
lstrcmpA
GetThreadLocale
CompareStringA
GetSystemTimeAsFileTime
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
ExpandEnvironmentStringsA
GetFileAttributesA
SetErrorMode
GetFullPathNameA
SearchPathA
GetSystemDirectoryA
SetFileAttributesA
LCMapStringA
FindClose
FindNextFileA
FindFirstFileA
SetFileTime
GetEnvironmentVariableA
CreateEventW
EnumResourceNamesA
EnumResourceNamesW
FindNextFileW
SizeofResource
LockResource
LoadResource
FindResourceA
IsBadReadPtr
IsBadStringPtrW
GlobalUnlock
GlobalFree
GlobalAlloc
GlobalLock
CreateDirectoryA
CreateDirectoryW
CreateFileW
DeleteFileA
DeleteFileW
QueryPerformanceFrequency
FindResourceW
FormatMessageA
FormatMessageW
GetCurrentDirectoryA
GetCurrentDirectoryW
GetFileAttributesW
GetLocaleInfoA
GetLocaleInfoW
GetModuleFileNameW
GetSystemDirectoryW
SearchPathW
GetModuleHandleA
GetModuleHandleW
SetFileAttributesW
GetNumberFormatA
GetNumberFormatW
GetFullPathNameW
GetShortPathNameA
GetShortPathNameW
GetStringTypeExA
GetStringTypeExW
QueryPerformanceCounter
GetPrivateProfileIntW
GetProfileStringA
GetProfileStringW
GetTempFileNameA
GetTempFileNameW
GetTempPathA
GetTempPathW
GetWindowsDirectoryW
GetEnvironmentVariableW
LoadLibraryExA
LoadLibraryExW
CompareStringW
CopyFileA
CopyFileW
MoveFileA
MoveFileW
OpenEventA
OpenEventW
OutputDebugStringA
OutputDebugStringW
RemoveDirectoryA
RemoveDirectoryW
SetCurrentDirectoryA
SetCurrentDirectoryW
CreateMutexA
CreateMutexW
ExpandEnvironmentStringsW
CreateSemaphoreA
CreateSemaphoreW
LoadLibraryW
GetTimeFormatA
GetTimeFormatW
GetDateFormatA
GetDateFormatW
WritePrivateProfileStringA
WritePrivateProfileStringW
GetPrivateProfileStringA
GetPrivateProfileStringW
WritePrivateProfileStructA
WritePrivateProfileStructW
GetPrivateProfileStructA
GetPrivateProfileStructW
CreateProcessA
CreateProcessW
GlobalAddAtomA
GlobalAddAtomW
GlobalFindAtomA
GlobalFindAtomW
lstrcpyA
FreeLibrary
LCMapStringW
FileTimeToSystemTime
SystemTimeToFileTime
GetLocalTime
FileTimeToLocalFileTime
InterlockedIncrement
InterlockedDecrement
CompareFileTime
ReadFile
GetFileSize
TlsSetValue
TlsGetValue
GlobalMemoryStatus
GlobalDeleteAtom
GetProcessVersion
GetComputerNameW
GetCurrentThread
FreeLibraryAndExitThread
CreateThread
VirtualQuery
GetACP
GetUserDefaultLCID
IsBadWritePtr
InterlockedExchange
SetEndOfFile
GetFileInformationByHandle
LocalSize
SleepEx
QueueUserAPC
ExitThread
GetVersionExA
InterlockedCompareExchange
WaitForSingleObject
ReleaseSemaphore
OpenSemaphoreA
HeapDestroy
HeapAlloc
HeapCreate
DeviceIoControl
GetSystemPowerStatus
RaiseException
GetFileAttributesExW
GetPrivateProfileSectionW
WaitForMultipleObjectsEx
GetFileTime
lstrcmpW
lstrcpynA
LoadLibraryA
GetProcAddress
CreateEventA
SetEvent
GetModuleFileNameA
CreateFileMappingA
MapViewOfFile
UnmapViewOfFile
GetCurrentProcessId
OpenProcess
GetCurrentProcess
CloseHandle
DuplicateHandle
lstrcmpiA
lstrlenA
lstrlenW
GetLastError
WideCharToMultiByte
MultiByteToWideChar
LocalReAlloc
LocalAlloc
LocalFree
DisableThreadLibraryCalls
InitializeCriticalSection
TlsAlloc
DeleteCriticalSection
TlsFree
GetPrivateProfileIntA
FindFirstFileW
Sleep
msvcrt
_adjust_fdiv
malloc
_initterm
free
_strlwr
_wtol
iswalpha
_except_handler3
wcslen
memmove
_vsnwprintf
_vsnprintf
user32
CreateAcceleratorTableA
CreateAcceleratorTableW
CreateDialogIndirectParamA
CreateDialogIndirectParamW
CreateDialogParamA
CreateDialogParamW
DefWindowProcA
DefWindowProcW
DialogBoxIndirectParamA
DialogBoxIndirectParamW
DialogBoxParamA
DialogBoxParamW
DispatchMessageA
DispatchMessageW
GetClassLongW
GetMessageA
GetMessageW
GetWindowLongA
GetWindowLongW
GetWindowTextLengthA
GetWindowTextLengthW
IsDialogMessageA
IsDialogMessageW
LoadAcceleratorsA
LoadAcceleratorsW
LoadBitmapA
LoadBitmapW
LoadCursorA
LoadCursorW
LoadIconA
LoadIconW
CreateIconFromResource
CreateIconFromResourceEx
LookupIconIdFromDirectoryEx
LoadImageA
DeleteMenu
DestroyMenu
SystemParametersInfoA
DrawTextA
CopyRect
OffsetRect
GetSysColor
GetWindowThreadProcessId
IsWindow
TrackPopupMenu
TrackPopupMenuEx
LoadStringW
PeekMessageA
PeekMessageW
PostMessageA
PostMessageW
PostThreadMessageA
PostThreadMessageW
SetWindowLongA
SetWindowLongW
SetWindowsHookExA
SetWindowsHookExW
TranslateAcceleratorA
TranslateAcceleratorW
wvsprintfW
GetMenuItemInfoW
InsertMenuItemA
InsertMenuItemW
DdeInitializeA
DdeInitializeW
CharLowerW
CharToOemA
CharToOemW
CharUpperW
CreateWindowExA
CreateWindowExW
DrawTextW
FindWindowExA
FindWindowExW
GetClassInfoA
GetClassInfoW
GetClassNameW
GetClipboardFormatNameA
GetClipboardFormatNameW
MessageBoxA
MessageBoxW
GetPropA
GetPropW
GetWindowTextW
LoadImageW
CreateMenu
SetMenuContextHelpId
LoadMenuA
LoadMenuW
GetMenuStringA
GetMenuStringW
InsertMenuA
InsertMenuW
MessageBoxIndirectA
MessageBoxIndirectW
ModifyMenuA
ModifyMenuW
OemToCharA
OemToCharW
RegisterClassA
RegisterClassW
RegisterClipboardFormatA
RegisterClipboardFormatW
RegisterWindowMessageA
RegisterWindowMessageW
RemovePropA
RemovePropW
SendMessageTimeoutA
SendMessageW
SetPropA
SetPropW
SetWindowTextW
SystemParametersInfoW
UnregisterClassA
UnregisterClassW
VkKeyScanA
VkKeyScanW
WinHelpW
DrawTextExA
DrawTextExW
SetMenuItemInfoA
SetMenuItemInfoW
RegisterClassExA
RegisterClassExW
GetClassInfoExA
GetClassInfoExW
DdeCreateStringHandleA
DdeCreateStringHandleW
DdeQueryStringA
DdeQueryStringW
FindWindowW
SendDlgItemMessageW
SendMessageTimeoutW
DestroyAcceleratorTable
GetKeyState
SetParent
GetParent
RemoveMenu
GetSubMenu
EnumChildWindows
IsWindowUnicode
EnableMenuItem
CheckMenuItem
DeferWindowPos
MapWindowPoints
SendDlgItemMessageA
SetWindowPos
GetWindowRect
EndDeferWindowPos
BeginDeferWindowPos
EnableWindow
ShowWindow
SetFocus
IsDlgButtonChecked
EndDialog
MsgWaitForMultipleObjects
IsChild
GetMenuDefaultItem
CreatePopupMenu
SetCursor
FindWindowA
EnumWindows
TranslateMessage
UpdateWindow
InvalidateRect
EndPaint
BeginPaint
DrawFocusRect
GetFocus
ValidateRect
EqualRect
GetUpdateRect
GetDesktopWindow
BroadcastSystemMessage
CharNextW
CopyAcceleratorTableW
CopyAcceleratorTableA
CharUpperBuffW
CharLowerBuffW
CallMsgFilterW
CallMsgFilterA
CallWindowProcW
CallWindowProcA
GetDlgItem
GetClientRect
SendMessageA
SetWindowTextA
CharUpperA
CharPrevA
GetDC
GetIconInfo
DrawIconEx
CreateIconIndirect
ReleaseDC
DestroyIcon
CharNextA
GetClassLongA
SetTimer
KillTimer
GetWindowTextA
GetClassNameA
GetSystemMetrics
GetMenuItemCount
GetMenuItemInfoA
WinHelpA
LoadStringA
Exports
AssocCreate
AssocGetPerceivedType
AssocIsDangerous
AssocQueryKeyA
AssocQueryKeyW
AssocQueryStringA
AssocQueryStringByKeyA
AssocQueryStringByKeyW
AssocQueryStringW
ChrCmpIA
ChrCmpIW
ColorAdjustLuma
ColorHLSToRGB
ColorRGBToHLS
DelayLoadFailureHook
DllGetVersion
GetAcceptLanguagesA
GetAcceptLanguagesW
GetMenuPosFromID
HashData
IntlStrEqWorkerA
IntlStrEqWorkerW
IsCharSpaceA
IsCharSpaceW
PathAddBackslashA
PathAddBackslashW
PathAddExtensionA
PathAddExtensionW
PathAppendA
PathAppendW
PathBuildRootA
PathBuildRootW
PathCanonicalizeA
PathCanonicalizeW
PathCombineA
PathCombineW
PathCommonPrefixA
PathCommonPrefixW
PathCompactPathA
PathCompactPathExA
PathCompactPathExW
PathCompactPathW
PathCreateFromUrlA
PathCreateFromUrlW
PathFileExistsA
PathFileExistsW
PathFindExtensionA
PathFindExtensionW
PathFindFileNameA
PathFindFileNameW
PathFindNextComponentA
PathFindNextComponentW
PathFindOnPathA
PathFindOnPathW
PathFindSuffixArrayA
PathFindSuffixArrayW
PathGetArgsA
PathGetArgsW
PathGetCharTypeA
PathGetCharTypeW
PathGetDriveNumberA
PathGetDriveNumberW
PathIsContentTypeA
PathIsContentTypeW
PathIsDirectoryA
PathIsDirectoryEmptyA
PathIsDirectoryEmptyW
PathIsDirectoryW
PathIsFileSpecA
PathIsFileSpecW
PathIsLFNFileSpecA
PathIsLFNFileSpecW
PathIsNetworkPathA
PathIsNetworkPathW
PathIsPrefixA
PathIsPrefixW
PathIsRelativeA
PathIsRelativeW
PathIsRootA
PathIsRootW
PathIsSameRootA
PathIsSameRootW
PathIsSystemFolderA
PathIsSystemFolderW
PathIsUNCA
PathIsUNCServerA
PathIsUNCServerShareA
PathIsUNCServerShareW
PathIsUNCServerW
PathIsUNCW
PathIsURLA
PathIsURLW
PathMakePrettyA
PathMakePrettyW
PathMakeSystemFolderA
PathMakeSystemFolderW
PathMatchSpecA
PathMatchSpecW
PathParseIconLocationA
PathParseIconLocationW
PathQuoteSpacesA
PathQuoteSpacesW
PathRelativePathToA
PathRelativePathToW
PathRemoveArgsA
PathRemoveArgsW
PathRemoveBackslashA
PathRemoveBackslashW
PathRemoveBlanksA
PathRemoveBlanksW
PathRemoveExtensionA
PathRemoveExtensionW
PathRemoveFileSpecA
PathRemoveFileSpecW
PathRenameExtensionA
PathRenameExtensionW
PathSearchAndQualifyA
PathSearchAndQualifyW
PathSetDlgItemPathA
PathSetDlgItemPathW
PathSkipRootA
PathSkipRootW
PathStripPathA
PathStripPathW
PathStripToRootA
PathStripToRootW
PathUnExpandEnvStringsA
PathUnExpandEnvStringsW
PathUndecorateA
PathUndecorateW
PathUnmakeSystemFolderA
PathUnmakeSystemFolderW
PathUnquoteSpacesA
PathUnquoteSpacesW
SHAllocShared
SHAutoComplete
SHCopyKeyA
SHCopyKeyW
SHCreateShellPalette
SHCreateStreamOnFileA
SHCreateStreamOnFileEx
SHCreateStreamOnFileW
SHCreateStreamWrapper
SHCreateThread
SHCreateThreadRef
SHDeleteEmptyKeyA
SHDeleteEmptyKeyW
SHDeleteKeyA
SHDeleteKeyW
SHDeleteOrphanKeyA
SHDeleteOrphanKeyW
SHDeleteValueA
SHDeleteValueW
SHEnumKeyExA
SHEnumKeyExW
SHEnumValueA
SHEnumValueW
SHFreeShared
SHGetInverseCMAP
SHGetThreadRef
SHGetValueA
SHGetValueW
SHGetViewStatePropertyBag
SHIsLowMemoryMachine
SHLoadIndirectString
SHLockShared
SHOpenRegStream2A
SHOpenRegStream2W
SHOpenRegStreamA
SHOpenRegStreamW
SHQueryInfoKeyA
SHQueryInfoKeyW
SHQueryValueExA
SHQueryValueExW
SHRegCloseUSKey
SHRegCreateUSKeyA
SHRegCreateUSKeyW
SHRegDeleteEmptyUSKeyA
SHRegDeleteEmptyUSKeyW
SHRegDeleteUSValueA
SHRegDeleteUSValueW
SHRegDuplicateHKey
SHRegEnumUSKeyA
SHRegEnumUSKeyW
SHRegEnumUSValueA
SHRegEnumUSValueW
SHRegGetBoolUSValueA
SHRegGetBoolUSValueW
SHRegGetPathA
SHRegGetPathW
SHRegGetUSValueA
SHRegGetUSValueW
SHRegGetValueA
SHRegGetValueW
SHRegOpenUSKeyA
SHRegOpenUSKeyW
SHRegQueryInfoUSKeyA
SHRegQueryInfoUSKeyW
SHRegQueryUSValueA
SHRegQueryUSValueW
SHRegSetPathA
SHRegSetPathW
SHRegSetUSValueA
SHRegSetUSValueW
SHRegWriteUSValueA
SHRegWriteUSValueW
SHRegisterValidateTemplate
SHReleaseThreadRef
SHSetThreadRef
SHSetValueA
SHSetValueW
SHSkipJunction
SHStrDupA
SHStrDupW
SHUnlockShared
StrCSpnA
StrCSpnIA
StrCSpnIW
StrCSpnW
StrCatBuffA
StrCatBuffW
StrCatChainW
StrCatW
StrChrA
StrChrIA
StrChrIW
StrChrNIW
StrChrNW
StrChrW
StrCmpCA
StrCmpCW
StrCmpICA
StrCmpICW
StrCmpIW
StrCmpLogicalW
StrCmpNA
StrCmpNIA
StrCmpNIW
StrCmpNW
StrCmpW
StrCpyNW
StrCpyW
StrDupA
StrDupW
StrFormatByteSize64A
StrFormatByteSizeA
StrFormatByteSizeW
StrFormatKBSizeA
StrFormatKBSizeW
StrFromTimeIntervalA
StrFromTimeIntervalW
StrIsIntlEqualA
StrIsIntlEqualW
StrNCatA
StrNCatW
StrPBrkA
StrPBrkW
StrRChrA
StrRChrIA
StrRChrIW
StrRChrW
StrRStrIA
StrRStrIW
StrRetToBSTR
StrRetToBufA
StrRetToBufW
StrRetToStrA
StrRetToStrW
StrSpnA
StrSpnW
StrStrA
StrStrIA
StrStrIW
StrStrNIW
StrStrNW
StrStrW
StrToInt64ExA
StrToInt64ExW
StrToIntA
StrToIntExA
StrToIntExW
StrToIntW
StrTrimA
StrTrimW
UrlApplySchemeA
UrlApplySchemeW
UrlCanonicalizeA
UrlCanonicalizeW
UrlCombineA
UrlCombineW
UrlCompareA
UrlCompareW
UrlCreateFromPathA
UrlCreateFromPathW
UrlEscapeA
UrlEscapeW
UrlGetLocationA
UrlGetLocationW
UrlGetPartA
UrlGetPartW
UrlHashA
UrlHashW
UrlIsA
UrlIsNoHistoryA
UrlIsNoHistoryW
UrlIsOpaqueA
UrlIsOpaqueW
UrlIsW
UrlUnescapeA
UrlUnescapeW
wnsprintfA
wnsprintfW
wvnsprintfA
wvnsprintfW
Sections
.text Size: 431KB - Virtual size: 430KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 3KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 22KB - Virtual size: 22KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
.rmnet Size: 56KB - Virtual size: 60KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE