233e108c60b9c194af101d4c0a469d790e750967133e16f3fd649d65c63df03c

Analysis

max time kernel
138s
max time network
123s
platform
windows10-2004_x64
resource
win10v2004-20240802-en
resource tags

arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
submitted
10/08/2024, 15:01

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

868607045e6dd1bf6688a8a2cc172272_JaffaCakes118.exe
Size

92KB
MD5

868607045e6dd1bf6688a8a2cc172272
SHA1

f46677c497f0981944e7f0f9f5ea32d150139b8a
SHA256

233e108c60b9c194af101d4c0a469d790e750967133e16f3fd649d65c63df03c
SHA512

269d3f4819a1eca1fbeae3fcaae818a048e78640c5fc9a763a44862ccacdbcbf0ea57c8c89bb17155f18f06c49a3c5d71781cfa9b4ebe72d492853b188d4e32b
SSDEEP

768:eIarGrdrLSMudKr4aY5S7I1luCQKcW77aA13ix6vE0wxn2pHQazTnQf7UIhTZDY+:eFSBq7K4aYw7oQlWaA1nEjMVQxFqGnD

Score

3^/10

discovery

Malware Config

Signatures

System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	868607045e6dd1bf6688a8a2cc172272_JaffaCakes118.exe

C:\Users\Admin\AppData\Local\Temp\868607045e6dd1bf6688a8a2cc172272_JaffaCakes118.exe
"C:\Users\Admin\AppData\Local\Temp\868607045e6dd1bf6688a8a2cc172272_JaffaCakes118.exe"
1⤵
- System Location Discovery: System Language Discovery
PID:1776

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads