L:\pcTf\AwuacMut\tVmIRsv\npkkiw\uxnxxktp.pdb
Static task
static1
Behavioral task
behavioral1
Sample
e2c610a8dc66be4914ef40cc90fd26c1_JaffaCakes118.exe
Resource
win7-20240220-en
Behavioral task
behavioral2
Sample
e2c610a8dc66be4914ef40cc90fd26c1_JaffaCakes118.exe
Resource
win10v2004-20240226-en
General
Target: e2c610a8dc66be4914ef40cc90fd26c1_JaffaCakes118
Size: 127KB
MD5: e2c610a8dc66be4914ef40cc90fd26c1
SHA1: 4ff62851b7e7b101c7e63e5fd63312f7a4baba23
SHA256: c065e85103fef84d4c006b7c564871c4b998d87e3e3a5537eb3fd3de1ebdd9cc
SHA512: bab0fcebd69387a4a50d07747e8f3d4e2e3e438eb89d428c6aaef1eaa4b9ad148279bab1483d89cfde3887da287bf90b260895c604da54f0acb5d9c6114cd8ff
SSDEEP: 3072:U09K6zz00dhADwdZxn7z1itdQ8GyzBcIG274bZhzQmeCrg34bfkg:xBdP/As8GyzBT4Zhjecg3UM
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource e2c610a8dc66be4914ef40cc90fd26c1_JaffaCakes118
Files
e2c610a8dc66be4914ef40cc90fd26c1_JaffaCakes118.exe windows:5 windows x86 arch:x86
5c659d3a9fa632d1279a24a1bdc6def2
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
gdi32
GetDIBits
IntersectClipRect
PolyBezier
StretchBlt
CreateDCW
GetDeviceCaps
CreatePalette
ScaleViewportExtEx
user32
wsprintfW
TranslateAcceleratorW
RemoveMenu
SetForegroundWindow
IsCharAlphaA
DeleteMenu
DialogBoxParamW
GetWindowTextW
GetShellWindow
GetTopWindow
HideCaret
GetKeyState
GetMenuItemCount
kernel32
LocalReAlloc
lstrlenW
SetThreadPriority
FlushViewOfFile
GetComputerNameExA
lstrcatW
SetFilePointer
GlobalMemoryStatusEx
AddAtomA
GetVersionExW
GetWindowsDirectoryW
LocalAlloc
GetTickCount
comdlg32
PrintDlgW
ReplaceTextW
GetSaveFileNameW
GetSaveFileNameA
Exports
?nvmEsEqZMrGdPGqdgbV@@YGXDD@Z
?OOhbkMMhdEjLuKdvchvj@@YGXPAJ@Z
?kMDyGRrwjx@@YGDPAF@Z
?plygyRovVyPxcffNLzqk@@YGMI@Z
?VLhxfxapo@@YGKPAE@Z
Sections
.text Size: 12KB - Virtual size: 11KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 4KB - Virtual size: 276KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 107KB - Virtual size: 107KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ