Static task
static1
Behavioral task
behavioral1
Sample
765a8df6e5b8f73ee1ed3fdf017b6ff9_JaffaCakes118.exe
Resource
win7-20241010-en
Behavioral task
behavioral2
Sample
765a8df6e5b8f73ee1ed3fdf017b6ff9_JaffaCakes118.exe
Resource
win10v2004-20241007-en
General
Target: 765a8df6e5b8f73ee1ed3fdf017b6ff9_JaffaCakes118
Size: 185KB
MD5: 765a8df6e5b8f73ee1ed3fdf017b6ff9
SHA1: 07cc73dfde48b5fcf241462b1d42d3b64553e883
SHA256: 65e87e21a627624e05521d071894d8041bae2f904fdf480d5133d17d672d55eb
SHA512: beef79f3cbc197af1fc80d18ba8fe7bf4acb36f556d994763363c2cbc6e8d05e1904f09173fd1498e4ea3385569412258d61199e7d4fa5254f5bb93666498e56
SSDEEP: 3072:kLHECeIdBbtve6obdue87pXuLEupwb4DNyWRPNVKNnd5gSzXx9D2W1plcnV2SCU:ELVneJUpUx6biLPNYNn/zxZzplcnhC5
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 765a8df6e5b8f73ee1ed3fdf017b6ff9_JaffaCakes118
Files
765a8df6e5b8f73ee1ed3fdf017b6ff9_JaffaCakes118.exe windows:4 windows x86 arch:x86
15670510d200222eb8ba783615317c04
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
shell32
SHCreateDirectoryExW
SHFileOperationW
SHGetFolderPathW
user32
GetClassLongA
MessageBoxW
rpcrt4
UuidCreate
ole32
CoUninitialize
CoCreateGuid
CoCreateInstance
CoInitialize
StringFromGUID2
CoSetProxyBlanket
kernel32
HeapCreate
HeapFree
GetThreadPriority
TlsFree
GetCurrentProcess
GetStringTypeA
GetCurrentDirectoryW
DeleteCriticalSection
SetUnhandledExceptionFilter
FlushFileBuffers
WriteConsoleA
GetConsoleMode
GetProcAddress
GetConsoleCP
InterlockedDecrement
WriteFile
WriteConsoleW
WideCharToMultiByte
TlsAlloc
GetStartupInfoA
TlsGetValue
CloseHandle
SetFilePointer
CreateFileA
GetLastError
SetCommTimeouts
GetModuleFileNameA
GetLocaleInfoA
LeaveCriticalSection
GetEnvironmentStringsW
SetHandleCount
GetSystemTimeAsFileTime
EnumSystemLocalesA
IsValidCodePage
GetLocaleInfoW
LCMapStringW
GetFullPathNameW
GlobalAlloc
GetProcessHeap
GetConsoleOutputCP
VirtualAlloc
GetTickCount
IsValidLocale
FreeEnvironmentStringsA
InterlockedIncrement
EnumResourceNamesA
GetVersionExA
GetCPInfo
TlsSetValue
EnterCriticalSection
RaiseException
VirtualFree
MultiByteToWideChar
UnhandledExceptionFilter
ExitProcess
GetStringTypeW
HeapAlloc
QueryPerformanceCounter
GetCurrentThreadId
LoadLibraryA
GetACP
HeapDestroy
GetModuleFileNameW
RtlUnwind
SetStdHandle
ReadFile
InitializeCriticalSection
TerminateProcess
FreeEnvironmentStringsW
SetEndOfFile
GetStdHandle
LCMapStringA
IsDebuggerPresent
GetModuleHandleA
HeapReAlloc
SetLastError
GetOEMCP
GetCurrentProcessId
ExitProcess
HeapSize
Sleep
GetUserDefaultLCID
GetCommandLineA
GetFileType
GetEnvironmentStrings
GetFullPathNameA
advapi32
RegCreateKeyExW
RegCloseKey
RegSetValueExW
shlwapi
SHDeleteKeyW
Sections
.text Size: 161KB - Virtual size: 160KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 19KB - Virtual size: 19KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.crt Size: 512B - Virtual size: 216KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ