init
| Field | Value |
|---|---|
| Behavioral task | behavioral1 |
| Sample | 3332d48869a748ea708b00706277e400_JaffaCakes118.dll |
| Resource | win7-20240221-en |
| Target | 3332d48869a748ea708b00706277e400_JaffaCakes118 |
| Size | 3.2MB |
| MD5 | 3332d48869a748ea708b00706277e400 |
| SHA1 | add4d2914a06aef97385f212e75994430d92aeb5 |
| SHA256 | 8027f64cfb0177e7dbd26c5e0c5b2f850903d3a3747bec6a1831c3ebeb4e4892 |
| SHA512 | 52f098f37cc434a3fbf46771f9f545a2f9853ac4e0844f8042ef900bc61e153f559b8b83970619a7081f3f20a174829bd6939d7c8383d8e8a1dc4e448fbb7372 |
| SSDEEP | 49152:SIfC8oGD3PzkRGN1yQMGfsdlg4J37YICsr4U0FXMXSo2YSBSK+Y/uX6w6Vg0liS2:SIq854UlM2s04l7Yvel0C4NzBGuVnk |
| resource | yara_rule |
|---|---|
| sample | vmprotect |
Checks for missing Authenticode signature.
| resource |
|---|
| 3332d48869a748ea708b00706277e400_JaffaCakes118 |
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
LCMapStringA
GetCommandLineA
GetCurrentDirectoryA
GetDiskFreeSpaceA
MulDiv
GetUserDefaultLCID
SetEndOfFile
SetFilePointer
GetLocalTime
RemoveDirectoryA
GetStartupInfoA
SetFileAttributesA
WriteFile
FindClose
FindFirstFileA
FindNextFileA
GetFileSize
Sleep
GetModuleFileNameA
IsBadReadPtr
HeapFree
HeapReAlloc
ExitProcess
GetTempPathA
IsWow64Process
GetVersionExA
SetWaitableTimer
CreateWaitableTimerA
InterlockedExchange
InterlockedExchangeAdd
GlobalFree
GlobalSize
GlobalUnlock
GlobalLock
GlobalAlloc
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
ExpandEnvironmentStringsA
DeleteFileA
DeviceIoControl
GetCurrentThread
WriteProcessMemory
lstrlenW
GetComputerNameA
RemoveVectoredExceptionHandler
SetProcessWorkingSetSize
Module32Next
SetThreadPriority
SetThreadContext
ResumeThread
AddVectoredExceptionHandler
VirtualQueryEx
VirtualFreeEx
DuplicateHandle
GetQueuedCompletionStatus
SetEvent
CreateThread
CreateIoCompletionPort
QueryDepthSList
InitializeSListHead
HeapCreate
VirtualFree
HeapDestroy
PostQueuedCompletionStatus
InterlockedCompareExchange
WaitForSingleObject
LocalSize
LocalFree
VirtualAlloc
LocalAlloc
GetSystemInfo
TerminateProcess
lstrcpynA
CreateEventA
OpenEventA
ExitThread
Module32First
MoveFileExA
SuspendThread
GetDriveTypeA
CreateFileA
InterlockedPushEntrySList
GetLastError
InterlockedDecrement
InterlockedIncrement
RtlZeroMemory
InterlockedPopEntrySList
VirtualQuery
HeapAlloc
GetProcessHeap
GetTickCount
GlobalMemoryStatusEx
Process32Next
Process32First
OpenProcess
lstrcpyn
QueryDosDeviceA
GetLogicalDriveStringsA
FreeLibrary
VirtualProtect
GetProcAddress
LoadLibraryA
TerminateThread
OpenThread
WaitForSingleObjectEx
GetExitCodeProcess
ReadFile
PeekNamedPipe
CloseHandle
CreateProcessA
CreatePipe
DebugActiveProcessStop
ContinueDebugEvent
WaitForDebugEvent
DebugActiveProcess
ReadProcessMemory
GetCurrentThreadId
MultiByteToWideChar
WideCharToMultiByte
GetSystemDirectoryA
GetTempFileNameA
VirtualAllocEx
CopyFileA
CreateRemoteThread
RtlMoveMemory
GetModuleHandleA
GetCurrentProcess
GetCurrentProcessId
OutputDebugStringA
Thread32Next
SetEnvironmentVariableA
CompareStringW
CompareStringA
Thread32First
CreateToolhelp32Snapshot
IsBadCodePtr
GetStringTypeW
GetStringTypeA
SetUnhandledExceptionFilter
LCMapStringW
IsBadWritePtr
GetEnvironmentVariableA
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetStdHandle
SetHandleCount
GetFileType
SetStdHandle
HeapSize
GetACP
GetSystemTime
RaiseException
RtlUnwind
GetOEMCP
GetCPInfo
GetProcessVersion
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
WritePrivateProfileStringA
GlobalFlags
SetErrorMode
TlsGetValue
LocalReAlloc
TlsSetValue
GlobalReAlloc
TlsFree
GlobalHandle
TlsAlloc
GetStringTypeExA
FlushFileBuffers
DeleteCriticalSection
lstrlenA
GetWindowsDirectoryA
GetTimeZoneInformation
SetLastError
lstrcpyA
lstrcatA
LockResource
LoadResource
FindResourceA
GetVersion
lstrcmpiA
lstrcmpA
GlobalDeleteAtom
GetModuleFileNameW
GetModuleHandleA
LoadLibraryA
LocalAlloc
LocalFree
GetModuleFileNameA
ExitProcess
GetWindowLongA
PtInRect
PostQuitMessage
PostMessageA
SetCursor
GetLastActivePopup
ValidateRect
GetKeyState
GetNextDlgTabItem
GetFocus
EnableMenuItem
CheckMenuItem
SetMenuItemBitmaps
ModifyMenuA
GetMenuState
LoadBitmapA
GetMenuCheckMarkDimensions
RegisterClipboardFormatA
ClientToScreen
TabbedTextOutA
DrawTextA
GrayStringA
UnhookWindowsHookEx
DestroyWindow
CreateDialogIndirectParamA
EndDialog
UnregisterClassA
GetMenuItemCount
SendDlgItemMessageA
IsDialogMessageA
SetWindowPos
SetFocus
GetWindowPlacement
IsIconic
GetMessagePos
GetMessageTime
DefWindowProcA
RemovePropA
CallWindowProcA
GetPropA
SetPropA
GetClassLongA
CreateWindowExA
GetMenuItemID
GetSubMenu
GetMenu
RegisterClassA
GetClassInfoA
WinHelpA
GetCapture
GetTopWindow
CopyRect
GetSysColor
MapWindowPoints
LoadIconA
LoadCursorA
GetSysColorBrush
LoadStringA
DestroyMenu
SetWindowLongA
GetDlgItem
UpdateWindow
SystemParametersInfoA
FindWindowA
DispatchMessageA
SetWindowTextA
GetDesktopWindow
GetWindow
GetClassNameA
SendMessageA
SendMessageTimeoutA
GetWindowRect
GetSystemMetrics
SetForegroundWindow
SetActiveWindow
GetActiveWindow
IsWindowEnabled
GetWindowThreadProcessId
ScreenToClient
GetWindowInfo
GetParent
SetWindowsHookExA
CallNextHookEx
MessageBoxA
MessageBoxTimeoutA
ShowWindow
EnumDisplaySettingsA
IsWindow
IsWindowVisible
GetWindowTextA
BlockInput
ClipCursor
GetDC
GetForegroundWindow
EnumChildWindows
RegisterShellHookWindow
GetClientRect
GetWindowTextLengthA
EnumWindows
GetCursorPos
ReleaseDC
EnableWindow
MsgWaitForMultipleObjects
PostThreadMessageA
TranslateMessage
GetMessageA
PeekMessageA
GetDlgCtrlID
AdjustWindowRectEx
WindowFromDC
RegisterWindowMessageA
wsprintfA
CryptGetHashParam
RegOpenKeyExA
RegDeleteValueA
CryptAcquireContextA
CryptCreateHash
CryptReleaseContext
CryptHashData
CryptDestroyHash
RegCreateKeyExA
RegEnumValueA
RegEnumKeyA
RegCloseKey
OpenSCManagerA
GetUserNameA
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
CloseServiceHandle
CreateServiceA
OpenServiceA
StartServiceA
ControlService
DeleteService
QueryServiceStatusEx
GetServiceDisplayNameA
GetServiceKeyNameA
EnumServicesStatusExA
RegQueryValueExA
RegOpenKeyA
RegSetValueExA
RegDeleteKeyA
OleInitialize
CLSIDFromString
CreateStreamOnHGlobal
GetHGlobalFromStream
OleIsCurrentClipboard
OleFlushClipboard
CoRevokeClassObject
CoInitialize
OleUninitialize
CoFreeUnusedLibraries
CoRegisterMessageFilter
TextOutA
DeleteDC
DeleteObject
GdiFlush
BitBlt
SelectObject
CreateDIBSection
CreateCompatibleDC
SetViewportExtEx
ScaleViewportExtEx
CreateBitmap
ScaleWindowExtEx
GetClipBox
CreateCompatibleBitmap
StretchBlt
GetCurrentObject
GetObjectA
GetBitmapBits
SetDIBits
GetObjectType
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
SetTextColor
SetBkColor
RestoreDC
SaveDC
GetDeviceCaps
GetStockObject
GetPixel
SetWindowExtEx
Escape
ExtTextOutA
RectVisible
PtVisible
WSACleanup
WSAStartup
closesocket
ioctlsocket
bind
gethostbyname
inet_addr
ntohs
gethostname
socket
htons
connect
send
recv
select
listen
accept
__WSAFDIsSet
getpeername
htonl
recvfrom
sendto
getsockname
InternetConnectA
InternetOpenA
InternetSetOptionA
HttpOpenRequestA
HttpSendRequestA
InternetReadFile
HttpQueryInfoA
InternetCloseHandle
InternetCanonicalizeUrlA
InternetCrackUrlA
WSARecv
WSCEnumProtocols
WSAIoctl
WSASend
WSASocketA
IcmpCreateFile
PathUnExpandEnvStringsA
PathIsDirectoryA
PathFindFileNameA
PathFileExistsA
DnsFlushResolverCache
GetMappedFileNameA
SetupDiGetClassDevsA
SetupDiEnumDeviceInfo
SetupDiGetDeviceRegistryPropertyA
SetupDiClassGuidsFromNameA
NetApiBufferFree
NetServerEnum
GdipCreateBitmapFromStream
GdiplusStartup
GdipSaveImageToStream
GdipDisposeImage
ord42
ord8
SHGetSpecialFolderPathA
RasGetEntryDialParamsA
RasEnumEntriesA
RasHangUpA
RasGetConnectStatusA
DocumentPropertiesA
OpenPrinterA
ClosePrinter
ord17
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ