15b4059ac7d28bb60a025350d88aba10e8a630375ca4d6b0eca2e3e16abdab3e

Analysis

max time kernel
120s
max time network
121s
platform
windows7_x64
resource
win7-20240704-en
resource tags

arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
submitted
19/08/2024, 14:00

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

ab4d8d321b135bcd4f0a1aa7b099b253_JaffaCakes118.exe
Size

60KB
MD5

ab4d8d321b135bcd4f0a1aa7b099b253
SHA1

fae25077939f1b95b0b34d6a2f6de263ef5983c9
SHA256

15b4059ac7d28bb60a025350d88aba10e8a630375ca4d6b0eca2e3e16abdab3e
SHA512

6f5f5994ffd44ad5697b7f2542a30b5ff2288a0875b0babdae24450f2b67297167496d63cc96e0e5967a3bdac9967b77fe1c37a81b1979096a43f3f0051dac60
SSDEEP

384:iVIKp+wgrbz9TaavtvNs+D+msC8Ed1qHRK1RbIGtIyFTYlbbbXj7aK7pUU8jTN:iVIkO5tOgsC8E/2RKrIaIPb7amnoJ

Score

3^/10

discovery

Malware Config

Signatures

System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	ab4d8d321b135bcd4f0a1aa7b099b253_JaffaCakes118.exe

C:\Users\Admin\AppData\Local\Temp\ab4d8d321b135bcd4f0a1aa7b099b253_JaffaCakes118.exe
"C:\Users\Admin\AppData\Local\Temp\ab4d8d321b135bcd4f0a1aa7b099b253_JaffaCakes118.exe"
1⤵
- System Location Discovery: System Language Discovery
PID:1656

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads