Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

5

Static

static

3

12f79286e3...18.exe

windows7-x64

5

12f79286e3...18.exe

windows10-2004-x64

5

Analysis

  • max time kernel
    141s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20240704-en
  • resource tags

    arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
  • submitted
    04/10/2024, 10:30

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    12f79286e304ea052446af10a0e8bd26_JaffaCakes118.exe

  • Size

    644KB

  • MD5

    12f79286e304ea052446af10a0e8bd26

  • SHA1

    a30c764b3aaa6369be196f8ad554c0f540c6863d

  • SHA256

    7c4789acd258367e7e45b223845873d7d6c910f6dd6a7f88cab9ab36f969eeb5

  • SHA512

    36225f2a34e951931d89641c1fe6ef6e491c08dadf5c351286bb5a2dadf57abe326a8e33716b06bc47b03a56d9c7356575f5ca335eff3a84b2e2bb1f4bd171e6

  • SSDEEP

    12288:T5TbKPtqJudx1+Bsgth0L27/Pqrgf/WPUsSMPXsWS:9/eqJi+BhPiqqrWuPUJMPXJS

Score
5/10
discovery

Malware Config

Signatures

  • Drops file in System32 directory 1 IoCs
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • System Location Discovery: System Language Discovery 1 TTPs 2 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 8 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\12f79286e304ea052446af10a0e8bd26_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\12f79286e304ea052446af10a0e8bd26_JaffaCakes118.exe"
    1⤵
    • Drops file in System32 directory
    • System Location Discovery: System Language Discovery
    • Suspicious use of WriteProcessMemory
    PID:2396
    • C:\Program Files\Internet Explorer\iexplore.exe
      "C:\Program Files\Internet Explorer\iexplore.exe" http://4.bp.blogspot.com/-jss3pfHUEn0/Tnto6jrZcuI/AAAAAAAAFSU/vT2QZqFDxWU/selma.jpg
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SetWindowsHookEx
      • Suspicious use of WriteProcessMemory
      PID:888
      • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
        "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:888 CREDAT:275457 /prefetch:2
        3⤵
        • System Location Discovery: System Language Discovery
        • Modifies Internet Explorer settings
        • Suspicious use of SetWindowsHookEx
        PID:1420

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    cc42a68e3c51070ffc260165e5326a88

    SHA1

    3ccd338e119298379ffc08fae1fcbc51418716db

    SHA256

    a81173fa90fe37fd0e7ecbfde0291979905d653bb55cf06e8add3a9365e43862

    SHA512

    4af5b503e8e9578d503220b435164ecb3cb20f8240ec73c2efd0989eada869816a42aef51676f499bf7dae3ba56a1d8516a6cb0c7768b314bb36944659a082ce

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    aaac2cbab3a90f3fee35ec81e17beeed

    SHA1

    7ead83e8092906c860a544a7f401a4a265ab9622

    SHA256

    23987c86a06846b8307e59b8df7b41570330f5d61ab4831f3b8788645e74a800

    SHA512

    a6db2e3597464d4da34ebed69499e5833baa6fd128b1cff57ced03071aaff7a9ca3d4eb029eeab8932baebfece9902ea2b648a73b5129539d051ead49ae0122c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0ff282df523117476f7746968422a238

    SHA1

    a4049c9f83e51f572305b999ed6b6912546a118d

    SHA256

    66d2eeaadb6a1e2ad12dba4f02ed76dbe8ddb04a5ff47fe6680e501623a427c8

    SHA512

    1f758b7c0022fdfebad9187ec6b44c96395b4ed79ceae4f69829c8978e96369f76ac024706955183a5969b279f5130847376af8942b2f44616b2c01290ab95b8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b217824d086bb1489dcfb9f08307daf8

    SHA1

    3f4a98f731f47d5e1a2a4c26bf2a8c8afc0709aa

    SHA256

    f9e854a72bf86f75e58cf3c5b652306a308e67692489eaf1f8b62ab1a59629ef

    SHA512

    e765a22e77fe5c52d801f125b0e253b2bc8fb3e3c56a37bf7ee3bc29db920fca601df3888f0b81a55a84ebcb3c5b96226a3b73c1fc152527a23e126d5c082af7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5784d72124506aea13ac9e0beeef7da9

    SHA1

    e462dc6f51f82f9d0887c93838828837a5286f92

    SHA256

    35c3fdfb95ec1d5e52ced55138c9d09af89e5dbb1a28ed6057058bc48c88ae0d

    SHA512

    aa8c07fcc2096d1efe9a6204b8f02cfdf1900ac7711fbd89adcb6a4f215c53c791df58daba351fe37f6e856f3a16aac3ac5a379ba1aa6f4d5d39b2659348baec

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1c4a047377009a2c90054bd4ea9650cf

    SHA1

    b14c002a97bf136cb36f2d85ac9320a1ffcc3f54

    SHA256

    9fca7da97247f5ac27b23d040e08a235d59e184456c2760d54c50650a9ccace6

    SHA512

    b547b6101a69abace788b310bf8749247cb490115674e368dc1ef6817189419aab9997fffdaf56666e519522f8e44d205211bec78396d0aae1ebec7cd5381a8e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2d10f537ff85e066f2333f9e78f85a72

    SHA1

    8226332315f3aca5d585301c2a7f74697d7e0a94

    SHA256

    6f9fc2aaff62b2cf51065f9a51f412189d7a614e5d53dfd3a895f56e24d2904b

    SHA512

    b9a0efddb959c57f14d680a8f24cb67a82f7dca8cabf5b8e360367e9941c8519330865838fa8a7d7bef26d443558493fe08fa4c84a93de87a1df9ac01f25b42b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5bbf3b96c61801232bde4168f3782a3e

    SHA1

    fb6b687d5d963279c23278914ed92e821879b427

    SHA256

    2448a9f614d54773871b8cc0344f6051423adefb205c7662ed683d3176884a9d

    SHA512

    08a8c21d4cb7176ca20cbb6b12964cb5ede79b68b35a95ce70e6a701579dc09d6f15b46420ab2ac06397cbcfe64425a51120c9c81c09ea63251fcd99aaafe196

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7d8d66f696115d0be8c8b497d8a54fba

    SHA1

    8922bec7e3bbf1ebb42ec5d6a20586badf3e4ec4

    SHA256

    404b64554a2cb5aa202c9a68f11212e25eae3561e106f41766c58e871b1232c5

    SHA512

    60011437c7a3ffcfcf9281f5b6a6c3598ced1a562ced40fde4451caeb8930708af066ed09fd068f37ff08361bb8c1a61cf694d573bf12826c2ccfd7b8fd0d808

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    bad997d5050d27ffe3314381d2ea8e4b

    SHA1

    198c764c060d81c8159bbf1e5c47f9b47a22c9f5

    SHA256

    f526e168c8dfabcdec37f9fa4d115dfc8ae67b4ba747a436522dc18de7bbe3f3

    SHA512

    fa036181fdc923312f58a6f9bcf217d4de7f66e924f7ea42b3ede7e76164dcc5a0c2b3887e7b4d070da4e9d6c335012dca789a0d8c23fdd73f19ac29fd06f116

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e2cba1f6e9356cae7a8650956c4671c3

    SHA1

    a739dddf89d01a9f453430b47e895ec6a47230d0

    SHA256

    0c5c11904d34b372a5252b3abd5df04b9274f531e6800829da2177da110e535f

    SHA512

    2fede61762b0d74866a500f64842b59f53daa1da310928404736f56999f5d8acb060688ed02ab31fb7136117254ccb35ed8c779a5f0a5a37694ce90fd6a7cca8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    eb0c16b648428e88225abf3876491ef5

    SHA1

    81a767ecb8af5f875e4ad97cadfdd0d4e913f0de

    SHA256

    fe60d16870ca645f72824e3b4f2be1cfc1c0ccef7cf8da842fa3c71054dc0cc9

    SHA512

    bae48054fdc4e27b35d4c298ac4b03e364978b518b467c4b887992b1a164c5419cd517174dd6b9f0e8a2092e3359b7d1798661a0d8d01026f01698bac4e5c3a4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e88eea4e39a0ea8739e4117e4efe489e

    SHA1

    540c22edcfb450b1727c08e98f9a75150e911246

    SHA256

    aad5cdfbee50cbf8d5611515c3767b902ac9d119aec8e2b813ec972787393264

    SHA512

    a882ccfc91d58c9df78c94813277420dceb9e0aa7d8c6645c3d49c398bf8896e724814d58424f66adfb447f116d431770759cd89bd294904c2f8ee0400535486

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    68313af32533bf2a56d92d927fb59f1d

    SHA1

    dc4c4c9e83d82b09ee433f00f9b4d481c7ecd672

    SHA256

    45ea98e7a34e0e4ab0c9a66b9778c5fc4f9294687160737ffa2b77398d7b2082

    SHA512

    bcd9ced1aa2d52b9e788aed336425315f65ca6bdce7ceacc34a381d710ca0451d3c7a12947b82973a046307c4f265f6c63d0544ff7ea24daa0b2e99b765521f3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    14d59462cedd62141c95d3eabfa42419

    SHA1

    7b7f05ed1d2ccd60ac16a85f05a4b21ccf22b8ff

    SHA256

    3ec1b9e3bd6fca33807e72a55c6410ab1b29cc286eb1af9d1a5884ff013e2ca0

    SHA512

    2c7c2ca953ba35420de37c8dd749aa621987490e56b0e0ddc6ce85b5b78c19903d57c046282b22dea7891307b0b007cd4a5e0c456fe5541169627665e4ce0c8e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d845a6aa3d21b2a2cd441f8afa593f94

    SHA1

    c706d84f462c6f9a147d9cb5296eb03f42f251e6

    SHA256

    3c349cccf21cfd11b92fdb577d828c448077a85ccdf1fe3c3eaab2d140b25de8

    SHA512

    241e127af6f6a7c22cc4d32fe3ac2a2ece60023ab36a06756873d9ee59536590593c414a68ea79bb2ad4952d22e87d2a5598fd16a5a2908e6482d4a6b24a8cff

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ba98433f56fb08e81456be83e226cfaf

    SHA1

    13f5a6071383647ec6000ed3e8e59edf391350fe

    SHA256

    21b669739d4ce3931a9bd241215c92cd75b5c71a33af601fc8f4a4f97b67f1d2

    SHA512

    86462d22a807623f2facd1eed961a25e6a6b7e3194932508b80098c2b2dd6e0ed6475774d448fd466ec1730d51d0751d3170cfcb0473534e7cab003ab5f56509

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    20f6c622b0b302f538c1af1b244093b9

    SHA1

    1fda103338cd2c8fa5f7c152e37e0ac6e631ddb9

    SHA256

    3a434a2306598bbcf3fcb77dd5c2cbfefdabbe44f5d07c74431fe9eb0604dfa6

    SHA512

    b54fc9e6da1d34066ccc38c286b67d78b2da69599ea40d0cf0fe2bb7621df20d86ef60516fc4a777364e54131df3dbfbf67fef5e443ed7171bd10ae1083ae1c4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d747654f2960335492055d6efde23e8a

    SHA1

    25fc9aa79e87ad1a7b4ea2ede1ab7e6bdbf1176e

    SHA256

    ff8bfbaade9a2fe83b0b1b08e8158bd739229159c9e2cf207b353efc4b34e7e2

    SHA512

    b11f167582c4f8c776a3c5e60349ecbd07a15820c1eea8c0bf116045a61e72f6eecdc2c3c9a10f1adb7ab5a2ef3b792190b1eb55d468bfb5a5e5b22c81195299

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\85y7ywt\imagestore.dat
    Filesize

    436B

    MD5

    5a8448cf246a74975896443c1b9b4905

    SHA1

    bdd1dc3d71f52fc7b5b9e532999708a160456e38

    SHA256

    adf100d6f3412d93df8afe16cb7b9ebba6868f1cb93c2220d08f28897aa6c201

    SHA512

    a04796dd828a86868892b17857f258aae5248a3665c8a67e77756e2d2bc57273d384decad3e6d6ca5cce82df8222aed17c1c770b7e230fa848a542464d552b81

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\84EXSCRK\favicon[1].ico
    Filesize

    318B

    MD5

    0d0d44ecfa8f2d183fcdb79bc7115553

    SHA1

    b312b71dcb6ced6cea971c7be08fec970a8c7e15

    SHA256

    5ed1c7a9bc03f5e700dce906abc6b9beee1be97e6cf4628da8f4f06fb097e548

    SHA512

    ef59bce052acec71bfead50990050982043758b04c5c0272a22cc41db5eaf5c6257fec7d672d7f84ad49e0d495ae333df37f69cddc0a39b3c22ddfd38158b9ab

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabE0B1.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarE160.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit

  • memory/2396-0-0x00000000003B0000-0x00000000003B1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2396-442-0x0000000000400000-0x00000000004A7000-memory.dmp

    Filesize

    668KB

    Download

  • memory/2396-414-0x0000000000400000-0x00000000004A7000-memory.dmp

    Filesize

    668KB

    Download