Static task
static1
Behavioral task
behavioral1
Sample
76437e3cf950c5d9310987b3fc105b3b_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
76437e3cf950c5d9310987b3fc105b3b_JaffaCakes118.exe
Resource
win10v2004-20241007-en
General
Target: 76437e3cf950c5d9310987b3fc105b3b_JaffaCakes118
Size: 815KB
MD5: 76437e3cf950c5d9310987b3fc105b3b
SHA1: 1b1b0c0fc378ee6fba8a6532b2795925b1a543b2
SHA256: b8096f632310bfa6874258f6feac5846ee1d54a3ed1bd66eef084b9017c9a82e
SHA512: 57c176f17fc39c1708065f3aacbfb83e6171c5c774dd0676196f40404c8889ab0583c77c5fbab4921da2dfd893b9eb9a5121d2a283259d810bcabba611ae1d14
SSDEEP: 24576:5vchN+vmdA7/zpoSNjO0jefOS+y2wrG/4bl:lCemdMoSIf92wTp
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 76437e3cf950c5d9310987b3fc105b3b_JaffaCakes118
Files
76437e3cf950c5d9310987b3fc105b3b_JaffaCakes118.exe windows:4 windows x86 arch:x86
cc5fd425970903e4c8537ce6736dfad7
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
CreateMutexA
LoadLibraryExW
GetACP
GetLastError
FreeConsole
TlsGetValue
GlobalUnlock
FindClose
HeapCreate
GetModuleHandleA
CreateFileA
LocalFree
SetLastError
FreeEnvironmentStringsA
HeapDestroy
UnmapViewOfFile
SetVolumeMountPointA
ExitProcess
MapViewOfFile
IsBadCodePtr
user32
DispatchMessageA
CopyRect
DefWindowProcW
GetIconInfo
GetDlgItem
DrawEdge
IsWindow
CheckRadioButton
GetDC
DrawMenuBar
CallWindowProcA
GetFocus
FillRect
MessageBoxA
uxtheme
DrawThemeText
GetThemeRect
DrawThemeIcon
DrawThemeEdge
GetThemeSysInt
Sections
.text Size: 5KB - Virtual size: 5KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 1024B - Virtual size: 522B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 14KB - Virtual size: 13KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ