Static task
static1
Behavioral task
behavioral1
Sample
765c661785dabc5692bf2560b5ddb7a8_JaffaCakes118.exe
Resource
win7-20241023-en
Behavioral task
behavioral2
Sample
765c661785dabc5692bf2560b5ddb7a8_JaffaCakes118.exe
Resource
win10v2004-20241007-en
General
Target: 765c661785dabc5692bf2560b5ddb7a8_JaffaCakes118
Size: 133KB
MD5: 765c661785dabc5692bf2560b5ddb7a8
SHA1: bdfdeacb530e31171c33c93c4d5338d18bfdde61
SHA256: 099abdd3556d9f39ee963c663479fb2aa74af294ddadae6ef83ba71b7d035564
SHA512: 2a7964535c1e5bc3c2f12478dc21e089fac2850ca9f452f92303c807a2d5bd2c2443497600474510c4ba578cd18f866831b1c054a51d67fccac360aa5392bff8
SSDEEP: 3072:PegF2jRYn8cdwdA/lVhWsf0sbbHB5FeXDRLumUggT:mgF2p3A/rAsf0sXDFqRKu6
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
Resource: 765c661785dabc5692bf2560b5ddb7a8_JaffaCakes118
Files
765c661785dabc5692bf2560b5ddb7a8_JaffaCakes118.exe windows:4 windows x86 arch:x86
632a8128f2a4ac5fbb9c84edf35fdfb6
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
shell32
SHChangeNotify
SHGetFolderPathW
SHCreateDirectoryExA
SHGetSpecialFolderPathA
SHCreateDirectoryExW
SHGetSpecialFolderPathW
shlwapi
PathFindFileNameA
PathIsDirectoryEmptyA
PathFileExistsW
StrStrW
PathAppendW
PathAddExtensionW
PathRemoveBackslashW
PathFindExtensionW
PathRemoveFileSpecA
PathCanonicalizeA
PathAddBackslashW
PathFindExtensionA
PathFileExistsA
PathIsDirectoryA
StrStrA
PathAppendA
PathFindFileNameW
PathIsDirectoryW
PathRemoveFileSpecW
PathCanonicalizeW
PathIsDirectoryEmptyW
kernel32
Sleep
LocalFree
GetStringTypeW
GlobalDeleteAtom
HeapFree
OutputDebugStringA
ReadFile
DeleteFileW
MultiByteToWideChar
TlsGetValue
FormatMessageW
IsBadWritePtr
VirtualProtect
SetUnhandledExceptionFilter
VirtualQuery
GlobalReAlloc
GetVersion
MoveFileA
GlobalAddAtomW
lstrlenW
GetLocaleInfoW
HeapSize
QueryPerformanceCounter
LoadResource
GetCurrentProcessId
GetModuleHandleW
GlobalUnlock
GetStdHandle
GlobalAlloc
FindResourceW
WriteFile
RaiseException
GetStringTypeA
FindClose
LocalReAlloc
GetFullPathNameA
FlushFileBuffers
GetACP
OutputDebugStringW
GetProcAddress
EnumSystemLocalesW
lstrcatW
FreeEnvironmentStringsW
GetStartupInfoA
GetUserDefaultLangID
SetHandleCount
GetTempPathW
GetSystemInfo
SetFileAttributesW
lstrcmpW
LockResource
GetCPInfo
ProcessIdToSessionId
GetUserDefaultUILanguage
FreeEnvironmentStringsA
VirtualFree
DeleteFileA
IsBadReadPtr
EnumResourceLanguagesA
CopyFileW
SetStdHandle
GetTickCount
lstrcpynW
GetEnvironmentStringsW
GetEnvironmentStrings
HeapReAlloc
FindFirstFileExA
GetFileType
GetThreadLocale
FindNextFileW
GlobalFlags
TlsGetValue
InterlockedIncrement
TlsSetValue
CreateDirectoryW
LCMapStringA
GetCurrentProcess
SetFilePointer
InterlockedExchange
GetCurrentThreadId
LoadLibraryA
GetVersionExW
TerminateProcess
HeapDestroy
UnhandledExceptionFilter
RtlUnwind
GetShortPathNameA
FindNextFileA
VirtualAlloc
GlobalFindAtomW
HeapAlloc
GetSystemDefaultLangID
GetSystemTimeAsFileTime
GetCommandLineW
GetFullPathNameW
GetModuleHandleA
SetFileAttributesA
SetLastError
EnumUILanguagesW
lstrlenA
InterlockedDecrement
ExitProcess
GetLastError
GetLocaleInfoA
FindFirstFileExW
GetStartupInfoW
WideCharToMultiByte
GlobalFree
ExitProcess
EnterCriticalSection
IsBadCodePtr
TlsAlloc
LocalAlloc
GetShortPathNameW
CloseHandle
GlobalLock
MoveFileW
lstrcpyW
GetModuleFileNameW
CreateFileMappingW
TlsFree
CopyFileA
RemoveDirectoryW
HeapCreate
DeleteCriticalSection
LeaveCriticalSection
InitializeCriticalSection
SizeofResource
GlobalHandle
GetCommandLineA
GetVersionExA
FreeLibrary
GetModuleFileNameA
LCMapStringW
GetOEMCP
CreateDirectoryA
RemoveDirectoryA
advapi32
RegCreateKeyExA
RegQueryValueExW
RegOpenKeyExA
RegOpenKeyExW
RegCreateKeyExW
RegSetValueExA
RegQueryValueExA
RegSetValueExW
RegCloseKey
ole32
CoCreateInstance
CoInitialize
CoUninitialize
gdi32
RectVisible
TextOutW
SetViewportOrgEx
SetMapMode
SetWindowExtEx
DeleteDC
SaveDC
SetBkColor
DeleteObject
RestoreDC
PtVisible
ScaleViewportExtEx
SetTextColor
OffsetViewportOrgEx
GetDeviceCaps
Escape
SelectObject
ScaleWindowExtEx
ExtTextOutW
CreateBitmap
GetStockObject
GetClipBox
SetViewportExtEx
user32
ModifyMenuW
GetLastActivePopup
GetDlgItem
RemovePropW
ClientToScreen
IsIconic
GetSystemMetrics
SystemParametersInfoA
GetClassInfoW
SendMessageW
SetPropW
EnableMenuItem
GetClientRect
CopyRect
GetFocus
GetMenu
UnregisterClassW
SetWindowTextW
GetMenuState
GetDlgCtrlID
GetDC
GrayStringW
GetSubMenu
AdjustWindowRectEx
GetClassInfoExW
CallNextHookEx
GetSysColorBrush
GetClassNameW
SetWindowsHookExW
ValidateRect
LoadBitmapW
UnhookWindowsHookEx
GetWindowTextW
CallWindowProcW
DrawTextExW
GetForegroundWindow
LoadIconW
DestroyMenu
GetSysColor
TabbedTextOutW
CreateWindowExW
PostQuitMessage
EnableWindow
GetWindowLongW
GetParent
DispatchMessageW
GetTopWindow
LoadCursorW
DestroyWindow
MapWindowPoints
PostMessageW
SetWindowPos
CheckMenuItem
RegisterClassW
GetWindowPlacement
GetWindow
GetKeyState
WinHelpW
GetMessageTime
ReleaseDC
DrawTextW
SetMenuItemBitmaps
PeekMessageW
SetWindowLongW
GetMenuItemID
GetMessagePos
SetForegroundWindow
MessageBoxW
PtInRect
GetWindowRect
IsWindowEnabled
GetPropW
GetMenuCheckMarkDimensions
DefWindowProcW
GetMenuItemCount
GetClassLongW
GetCapture
RegisterWindowMessageW
winspool.drv
OpenPrinterW
ClosePrinter
DocumentPropertiesW
oleacc
CreateStdAccessibleObject
LresultFromObject
Sections
.text Size: 105KB - Virtual size: 105KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 7KB - Virtual size: 7KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 18KB - Virtual size: 18KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1024B - Virtual size: 328KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ