a4a1044a5e39d02fac171cb3d620592df838853b7999d4ab2be4517d359c9a88

Analysis

max time kernel
148s
max time network
150s
platform
windows10-2004_x64
resource
win10v2004-20240802-en
resource tags

arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
submitted
23/08/2024, 09:23

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

bb29f574767d19785542f2fe9ccfad87_JaffaCakes118.exe
Size

40KB
MD5

bb29f574767d19785542f2fe9ccfad87
SHA1

4fc01d524f1b9ab881491c07820e423c7abff682
SHA256

a4a1044a5e39d02fac171cb3d620592df838853b7999d4ab2be4517d359c9a88
SHA512

8a041dcc5ac818e49fca46bacfd6b46584b31d800e9cfd57f627debb7a124dc6e5aaf24bc73092dd6e9667d3c1eb6199b67e70f9131c9b078301fbbae976bfe3
SSDEEP

768:qPyOSE/Q18ztttZZk7w4UyyN0HKwurChbyutGKwurFehgictwdPNSCRI/mNZ9CjY:JV1OtttZZyw4UlNzwurChmunwurFeDdX

Score

3^/10

discovery

Malware Config

Signatures

System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	bb29f574767d19785542f2fe9ccfad87_JaffaCakes118.exe

C:\Users\Admin\AppData\Local\Temp\bb29f574767d19785542f2fe9ccfad87_JaffaCakes118.exe
"C:\Users\Admin\AppData\Local\Temp\bb29f574767d19785542f2fe9ccfad87_JaffaCakes118.exe"
1⤵
- System Location Discovery: System Language Discovery
PID:3008

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads