971934f8f26d7064ebc1f2049d5caa56a17f1b085ab5215cfeafc37bd5dfc2db

Analysis

max time kernel
140s
max time network
121s
platform
windows7_x64
resource
win7-20240704-en
resource tags

arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
submitted
26/07/2024, 17:39

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

750ea677d93a039d5c4d122571a033e8_JaffaCakes118.exe
Size

538KB
MD5

750ea677d93a039d5c4d122571a033e8
SHA1

5b18c60ac65e80b361c6ff95ac1c78acc086acc2
SHA256

971934f8f26d7064ebc1f2049d5caa56a17f1b085ab5215cfeafc37bd5dfc2db
SHA512

3e99b8b162e217ea715d067bfeecdfa995d50608afd742b49e44de28c405853372c16da302b299d16e563608a6a11ee4439324d4e0093b34fa1883896656b8cb
SSDEEP

12288:qDMJHc/tHv4rWrljlTISu1c2obY7LD0vySKrKF7w1xe:Wv4rW7aocrw/KrKF7we

Score

3^/10

discovery

Malware Config

Signatures

System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	750ea677d93a039d5c4d122571a033e8_JaffaCakes118.exe

C:\Users\Admin\AppData\Local\Temp\750ea677d93a039d5c4d122571a033e8_JaffaCakes118.exe
"C:\Users\Admin\AppData\Local\Temp\750ea677d93a039d5c4d122571a033e8_JaffaCakes118.exe"
1⤵
- System Location Discovery: System Language Discovery
PID:332

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

memory/332-1-0x0000000000290000-0x00000000002E0000-memory.dmp

Filesize
320KB

Download
memory/332-0-0x0000000000400000-0x0000000000501000-memory.dmp

Filesize
1.0MB

Download
memory/332-7-0x00000000003B0000-0x00000000003B1000-memory.dmp

Filesize
4KB

Download
memory/332-9-0x0000000002AE0000-0x0000000002AE1000-memory.dmp

Filesize
4KB

Download
memory/332-8-0x0000000000380000-0x0000000000381000-memory.dmp

Filesize
4KB

Download
memory/332-6-0x0000000000370000-0x0000000000371000-memory.dmp

Filesize
4KB

Download
memory/332-5-0x00000000002E0000-0x00000000002E1000-memory.dmp

Filesize
4KB

Download
memory/332-4-0x0000000000240000-0x0000000000241000-memory.dmp

Filesize
4KB

Download
memory/332-3-0x0000000000250000-0x0000000000251000-memory.dmp

Filesize
4KB

Download
memory/332-2-0x00000000003A0000-0x00000000003A1000-memory.dmp

Filesize
4KB

Download
memory/332-14-0x00000000003E0000-0x00000000003E1000-memory.dmp

Filesize
4KB

Download
memory/332-15-0x00000000003D0000-0x00000000003D1000-memory.dmp

Filesize
4KB

Download
memory/332-13-0x0000000000560000-0x0000000000561000-memory.dmp

Filesize
4KB

Download
memory/332-12-0x0000000002AD0000-0x0000000002AD2000-memory.dmp

Filesize
8KB

Download
memory/332-11-0x0000000000270000-0x0000000000271000-memory.dmp

Filesize
4KB

Download
memory/332-10-0x0000000002AE0000-0x0000000002AE1000-memory.dmp

Filesize
4KB

Download
memory/332-20-0x00000000003F0000-0x00000000003F1000-memory.dmp

Filesize
4KB

Download
memory/332-19-0x0000000000540000-0x0000000000541000-memory.dmp

Filesize
4KB

Download
memory/332-18-0x00000000005B0000-0x00000000005B1000-memory.dmp

Filesize
4KB

Download
memory/332-17-0x0000000000530000-0x0000000000531000-memory.dmp

Filesize
4KB

Download
memory/332-16-0x0000000000520000-0x0000000000521000-memory.dmp

Filesize
4KB

Download
memory/332-29-0x0000000000220000-0x0000000000221000-memory.dmp

Filesize
4KB

Download
memory/332-28-0x0000000000230000-0x0000000000231000-memory.dmp

Filesize
4KB

Download
memory/332-27-0x0000000002AC0000-0x0000000002AC2000-memory.dmp

Filesize
8KB

Download
memory/332-26-0x0000000000600000-0x0000000000601000-memory.dmp

Filesize
4KB

Download
memory/332-25-0x0000000000640000-0x0000000000641000-memory.dmp

Filesize
4KB

Download
memory/332-24-0x0000000000630000-0x0000000000631000-memory.dmp

Filesize
4KB

Download
memory/332-23-0x0000000000620000-0x0000000000621000-memory.dmp

Filesize
4KB

Download
memory/332-22-0x00000000005D0000-0x00000000005D1000-memory.dmp

Filesize
4KB

Download
memory/332-21-0x00000000005E0000-0x00000000005E1000-memory.dmp

Filesize
4KB

Download
memory/332-30-0x0000000000400000-0x0000000000501000-memory.dmp

Filesize
1.0MB

Download
memory/332-31-0x0000000000290000-0x00000000002E0000-memory.dmp

Filesize
320KB

Download