7c5f28ad4fcebb9a56f31ee8e19fdf3ee8d2816ed3ea9886cf13481cf2f1b7d9

Analysis

max time kernel
141s
max time network
123s
platform
windows7_x64
resource
win7-20240708-en
resource tags

arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
submitted
25-08-2024 00:42

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

bfc71a5a8bcfb62fb31e8c5e54921942_JaffaCakes118.exe
Size

453KB
MD5

bfc71a5a8bcfb62fb31e8c5e54921942
SHA1

84a855f3426b777dd0a6f007d5bddcbb35d273d0
SHA256

7c5f28ad4fcebb9a56f31ee8e19fdf3ee8d2816ed3ea9886cf13481cf2f1b7d9
SHA512

8a2e40151590017b777ac52bcc71f046480cd988192eb5e8df9b7ab9e2f10e508c28522d574b15102606a538e5df1045b7677dc2ba97bea5b6bf4c164c875c25
SSDEEP

12288:8USKW0BeZMV6Vond0EOcd7WBGkE1ZQ4u7h:8vj/aV/qwd72Ga/

Score

3^/10

discovery

Malware Config

Signatures

System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	bfc71a5a8bcfb62fb31e8c5e54921942_JaffaCakes118.exe

C:\Users\Admin\AppData\Local\Temp\bfc71a5a8bcfb62fb31e8c5e54921942_JaffaCakes118.exe
"C:\Users\Admin\AppData\Local\Temp\bfc71a5a8bcfb62fb31e8c5e54921942_JaffaCakes118.exe"
1⤵
- System Location Discovery: System Language Discovery
PID:2064

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

memory/2064-0-0x0000000000220000-0x0000000000221000-memory.dmp

Filesize
4KB

Download
memory/2064-1-0x0000000000400000-0x0000000000478000-memory.dmp

Filesize
480KB

Download
memory/2064-2-0x0000000000220000-0x0000000000221000-memory.dmp

Filesize
4KB

Download