Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Static task
static1
Behavioral task
behavioral1
Sample
e3990bdc213c9277e5da5974df16db18_JaffaCakes118.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
e3990bdc213c9277e5da5974df16db18_JaffaCakes118.exe
Resource
win10v2004-20240226-en
General
-
Target
e3990bdc213c9277e5da5974df16db18_JaffaCakes118
-
Size
20KB
-
MD5
e3990bdc213c9277e5da5974df16db18
-
SHA1
71e78e640fd2deb40c22ddca091ad43b7cc6a645
-
SHA256
26cddaeeb7e6a597a38114e27a0cc287e6c8b060dbfd3bad9a97f7661b58a6f8
-
SHA512
eb96295b173cb2bf798654d7608e33e0a9250513747180387ae4ccc9b5adb386e3d5e4d36c35bb39b752d911135d49a6f121eba42103628bc52735be929b7381
-
SSDEEP
384:e6NIZA7hW1fqguR1+jZEt8sNrrfeK017uSlI9dATJApQ4GulmCCK:RCy7cqglaJNrrfumfQ4GuECCK
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource e3990bdc213c9277e5da5974df16db18_JaffaCakes118
Files
-
e3990bdc213c9277e5da5974df16db18_JaffaCakes118.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Sections
.text Size: - Virtual size: 52KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 19KB - Virtual size: 18KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 96B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.mmmym Size: 46B - Virtual size: 46B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE