Static task: static1
Behavioral task: behavioral1
Sample: 0adee9ee23d78ff4ea559063e4ec5d7e_JaffaCakes118.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: 0adee9ee23d78ff4ea559063e4ec5d7e_JaffaCakes118.exe
Resource: win10v2004-20240508-en
General
Target: 0adee9ee23d78ff4ea559063e4ec5d7e_JaffaCakes118
Size: 188KB
MD5: 0adee9ee23d78ff4ea559063e4ec5d7e
SHA1: c0cbead36c2e00db05308c4c1cc602ad2afc97c6
SHA256: 8ad98ac46fce6ff5e59cb7a4d3e381c46f3841fe8a88144dccf11521e40aa6c9
SHA512: 72f10b14dd50a922f679b95ec54581214aae3addcb86173af6d0d5630cc6cd7cdc8c7d65dff88e41fed1fbc3a55531fa84cf3b7c040604a37ab76bbda2c7befe
SSDEEP: 3072:8J7tDo5aQ4Jm9vlReraQZVUZ89PyHL+ch1VTnIJYgcJnuY1P:M7G5aQX9XHQTUZ2yrZhHIJYgcJnuY1
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 0adee9ee23d78ff4ea559063e4ec5d7e_JaffaCakes118
Files
0adee9ee23d78ff4ea559063e4ec5d7e_JaffaCakes118.exe windows:4 windows x86 arch:x86
5f6834d681770ca0eb470d4dbd818094
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
version
GetFileVersionInfoSizeA
GetFileVersionInfoA
msvcrt
strcmp
_itoa
strlen
free
malloc
_stricmp
_strlwr
_controlfp
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
??1type_info@@UAE@XZ
strstr
strncpy
_CxxThrowException
__CxxFrameHandler
_except_handler3
memset
strchr
strncat
strcat
??2@YAPAXI@Z
memcpy
??3@YAXPAX@Z
tolower
toupper
_ftol
srand
rand
strcpy
_strnicmp
sfc
SfcIsFileProtected
user32
wsprintfA
CharNextA
shlwapi
SHDeleteKeyA
kernel32
DeleteFileA
LoadLibraryA
RaiseException
InterlockedExchange
LocalAlloc
FreeLibrary
GetStartupInfoA
WideCharToMultiByte
GetCommandLineA
SetUnhandledExceptionFilter
OpenEventA
ExpandEnvironmentStringsA
GetShortPathNameA
CreateEventA
WaitForSingleObject
Sleep
GetModuleFileNameA
lstrcmpiA
FindFirstFileA
FindNextFileA
CreateFileA
WriteFile
SetFilePointer
GetFileTime
SetFileTime
MoveFileA
GetTempPathA
SetEnvironmentVariableA
ExitProcess
GetProcessHeap
HeapAlloc
GetModuleHandleA
GetProcAddress
HeapFree
GetWindowsDirectoryA
MultiByteToWideChar
GetSystemDirectoryA
lstrcatA
GetTickCount
CreateToolhelp32Snapshot
Process32First
GetCurrentProcessId
Process32Next
CloseHandle
SetFileAttributesA
lstrlenA
GetLastError
CreateDirectoryA
GetFileAttributesA
lstrcpyA
netapi32
NetUserGetLocalGroups
NetApiBufferFree
Sections
.text Size: 16KB - Virtual size: 13KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 160KB - Virtual size: 162KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ