35803ae768328bd785a2ac4c55bae22e0b73e4fa462fc03585859d831d2e1c5d

Analysis

max time kernel
133s
max time network
125s
platform
windows10-2004_x64
resource
win10v2004-20240802-en
resource tags

arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
submitted
22/08/2024, 22:10

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

b94f5aa59f3a20599a3eb87e4af543b6_JaffaCakes118.exe
Size

77KB
MD5

b94f5aa59f3a20599a3eb87e4af543b6
SHA1

efdbb44446a2f560ca73713f61ca7bbd49df40d7
SHA256

35803ae768328bd785a2ac4c55bae22e0b73e4fa462fc03585859d831d2e1c5d
SHA512

3c614a313331ad4b2530f40a5f3a4c65586463ef5bf3de61ffd969bc0a018734d062f6ea271e11c62940694fba8c0d7e496da1372af2e04d81c1b2b1318cbad8
SSDEEP

1536:nrx5jII1vtjSI1ogLJOsKtdMlbTTx2ORFK7ULAD:rx5kI1RtOqlN2ORFGULY

Score

3^/10

discovery

Malware Config

Signatures

System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	b94f5aa59f3a20599a3eb87e4af543b6_JaffaCakes118.exe

C:\Users\Admin\AppData\Local\Temp\b94f5aa59f3a20599a3eb87e4af543b6_JaffaCakes118.exe
"C:\Users\Admin\AppData\Local\Temp\b94f5aa59f3a20599a3eb87e4af543b6_JaffaCakes118.exe"
1⤵
- System Location Discovery: System Language Discovery
PID:3084

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads