0d1e69541207bfb895832a005963c0f134e8c92031bc1d5869c0d18a8cb04922

Analysis

max time kernel
142s
max time network
140s
platform
windows10-2004_x64
resource
win10v2004-20240802-en
resource tags

arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
submitted
19/08/2024, 13:31

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

ab36e092eb442a00df230a19d6e1133f_JaffaCakes118.exe
Size

76KB
MD5

ab36e092eb442a00df230a19d6e1133f
SHA1

053c4f45f8d56802e001a1aad442b2b537d05274
SHA256

0d1e69541207bfb895832a005963c0f134e8c92031bc1d5869c0d18a8cb04922
SHA512

e8fc1c05bca10f1acdd5c3524742553f5054046cef4ffdb32698d0327f5eb4cf5f5c52f2d61753a15363ff34b3e8be23bc38d24e7d5e0aabff253b4744e40924
SSDEEP

1536:my+uPToL14B9xxfi7vCyz09hUac7aSWBpdkitbFbQ:my+XiRdi7vCyz09hUac7GtbFE

Score

3^/10

discovery

Malware Config

Signatures

System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	ab36e092eb442a00df230a19d6e1133f_JaffaCakes118.exe

C:\Users\Admin\AppData\Local\Temp\ab36e092eb442a00df230a19d6e1133f_JaffaCakes118.exe
"C:\Users\Admin\AppData\Local\Temp\ab36e092eb442a00df230a19d6e1133f_JaffaCakes118.exe"
1⤵
- System Location Discovery: System Language Discovery
PID:3304

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads