b4466e236530e0b8a02ec81ba83d20b1b59cab03a87df145d2dfad243a04bc8c

Analysis

max time kernel
136s
max time network
122s
platform
windows10-2004_x64
resource
win10v2004-20240802-en
resource tags

arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
submitted
10/08/2024, 23:32

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

881d3ee1a98901e8890ffc8bcc505915_JaffaCakes118.exe
Size

88KB
MD5

881d3ee1a98901e8890ffc8bcc505915
SHA1

2a3677bc4896f6abceefa4ca5b3ec40bc12ec648
SHA256

b4466e236530e0b8a02ec81ba83d20b1b59cab03a87df145d2dfad243a04bc8c
SHA512

23b9d87e3d70488c6da7813ad2f8d419c4b7f4af68b8957569342b536b26e4d30454a76aef12c9de69426c01c358faaa1f177945dcd69d4eccf0b60a12645ff8
SSDEEP

1536:b9TkQrZilb+qpx7KJ4cWPNHyLZlMdNYt/U:QR8JOY9GdOt/U

Score

3^/10

discovery

Malware Config

Signatures

System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	881d3ee1a98901e8890ffc8bcc505915_JaffaCakes118.exe

C:\Users\Admin\AppData\Local\Temp\881d3ee1a98901e8890ffc8bcc505915_JaffaCakes118.exe
"C:\Users\Admin\AppData\Local\Temp\881d3ee1a98901e8890ffc8bcc505915_JaffaCakes118.exe"
1⤵
- System Location Discovery: System Language Discovery
PID:4992

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads