1c2d3d5c8b9c9cb9bd92d4a680c189aac58f59ea65530830a7b2e1eae28b4552

Analysis

max time kernel
120s
max time network
121s
platform
windows7_x64
resource
win7-20240704-en
resource tags

arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
submitted
10/08/2024, 06:21

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

85170860f84fc5f30f42a6ac3061cc22_JaffaCakes118.exe
Size

716KB
MD5

85170860f84fc5f30f42a6ac3061cc22
SHA1

ff236fa9da080d22df44e03d5977fe8c5ed322de
SHA256

1c2d3d5c8b9c9cb9bd92d4a680c189aac58f59ea65530830a7b2e1eae28b4552
SHA512

21daed2abeefe6211c6cb151c6e1ab82474933606eb7ecf388c7c87e6ccd6f643eb6d913822ade1db55156efc6f974dfab3282ac3aa20e792ea36ee861f27cbc
SSDEEP

12288:UXuDT8+rNVj0NbYTuJsZZRB2phVlQDao1hk1E9OPUcnAaBlwXewGar:UXuDT8+ZVANaw4ZrUA//WPXnCew

Score

3^/10

discovery

Malware Config

Signatures

System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	85170860f84fc5f30f42a6ac3061cc22_JaffaCakes118.exe

C:\Users\Admin\AppData\Local\Temp\85170860f84fc5f30f42a6ac3061cc22_JaffaCakes118.exe
"C:\Users\Admin\AppData\Local\Temp\85170860f84fc5f30f42a6ac3061cc22_JaffaCakes118.exe"
1⤵
- System Location Discovery: System Language Discovery
PID:2936

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads