Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Behavioral task
behavioral1
Sample
cc3e22a2991382a1900d1b0d021e605a_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
cc3e22a2991382a1900d1b0d021e605a_JaffaCakes118.exe
Resource
win10v2004-20241007-en
General
-
Target
cc3e22a2991382a1900d1b0d021e605a_JaffaCakes118
-
Size
1.2MB
-
MD5
cc3e22a2991382a1900d1b0d021e605a
-
SHA1
590acf8cba029f42219b9f3ed763ac1182521414
-
SHA256
0a95a5da73e828965c77a0e9690585a8ca5932032fec60fda6e2d1d168809444
-
SHA512
48c4f7ab503823c6f1c98e6cb2976538214e566d33a1c3a85d0f03161a2fe0446eb9ad4068d9c62d0c13496caf1d4519824e1941110a2e154ab667bef8703cbc
-
SSDEEP
24576:8/podeTPuBoor1h8aRMSfBBsHq4qEUQoGCP07QeU1zbt9Fbx0fc:8/bTPuDr1vRMQLsHOJN0K5J9r0E
Malware Config
Signatures
-
resource yara_rule sample aspack_v212_v242 -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource cc3e22a2991382a1900d1b0d021e605a_JaffaCakes118
Files
-
cc3e22a2991382a1900d1b0d021e605a_JaffaCakes118.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI
Sections
.Aspack Size: 512B - Virtual size: 2.4MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.misswe Size: 1.2MB - Virtual size: 1.2MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE