Static task
static1
Behavioral task
behavioral1
Sample
JaffaCakes118_8c98eb666a6d89d604e514fc75bba87f.exe
Resource
win7-20240729-en
General
Target: JaffaCakes118_8c98eb666a6d89d604e514fc75bba87f
Size: 976KB
MD5: 8c98eb666a6d89d604e514fc75bba87f
SHA1: 089c24d6910fc10b03bc04a67657a8fcfd8ec1ae
SHA256: 7eabb3c686efcf9fb94cb294cf762df34a1c1cfa9c561e2b805f0e3e3c82d397
SHA512: 7de1225c30a36e0120246dd014b1e6262475ae120301325d20e44999ceb1991cb5a64639d5dff90aa99d01d1e17554c434fde994939e4d0f9558f857ecf9e34b
SSDEEP: 6144:P5fRY89rex6LS4ujzcaxqVddXVmVpgE+kbDh8K7NZsskNMxua1fyH6sCNkoHELWq:RJAP+kb18Kn/xuYyasx4XTOCv7HDPAg
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource JaffaCakes118_8c98eb666a6d89d604e514fc75bba87f
Files
JaffaCakes118_8c98eb666a6d89d604e514fc75bba87f.exe windows:4 windows x86 arch:x86
4586d8f94d68fb08d775efeb07c22b43
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
RtlMoveMemory
msvbvm60
MethCallEngine
ord516
ord631
EVENT_SINK_AddRef
ord527
DllFunctionCall
EVENT_SINK_Release
ord601
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord606
ProcCallEngine
ord537
ord644
ord100
ord616
Sections
.text Size: 668KB - Virtual size: 666KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: - Virtual size: 121KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 304KB - Virtual size: 300KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ