7d1e487ffba88ba120aacc25fdfd8cf0d062595575aeceb5ed2dd98a1024cab6

Analysis

max time kernel
148s
max time network
147s
platform
windows10-2004_x64
resource
win10v2004-20240802-en
resource tags

arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
submitted
25-08-2024 20:44

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

c18b035a5e6369f56bccab359960de47_JaffaCakes118.exe
Size

310KB
MD5

c18b035a5e6369f56bccab359960de47
SHA1

159ee1aceba5ffd769d1836e22448faa6e37e825
SHA256

7d1e487ffba88ba120aacc25fdfd8cf0d062595575aeceb5ed2dd98a1024cab6
SHA512

309fbdbfde797d1a2650302e78d633cb766ef5debf5a80ebf521fc8089c713b98323bf942c58457795c0481f82813b1366d4f99b7f1e244ca58a60777e5be2e8
SSDEEP

6144:v8Cble3G1TETUQx5EgF9jwt4AVxiw2+UNNUsgKujr8DNJl5zUrEPrkJKq:Jble3G1T2UQ5D9jwtRi/+mNUnKujGJlo

Score

3^/10

discovery

Malware Config

Signatures

System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	c18b035a5e6369f56bccab359960de47_JaffaCakes118.exe

C:\Users\Admin\AppData\Local\Temp\c18b035a5e6369f56bccab359960de47_JaffaCakes118.exe
"C:\Users\Admin\AppData\Local\Temp\c18b035a5e6369f56bccab359960de47_JaffaCakes118.exe"
1⤵
- System Location Discovery: System Language Discovery
PID:396

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Temp\FE68BC.tmp

Filesize
1020B

MD5
5878302875b8c79941aff51fb25ce50e

SHA1
266a99389c7125a6a00ffe25b476c42a9ab1b502

SHA256
40d67185a3c98120dae0052a1570206db4bbf81f6ebc95efb6f52633f36740f6

SHA512
be13b4bc9c593fb98aa26cc2feb073e7da78560f7ba98b4e86525d274eb24b23a97e6ec08a83bfd067df4edee234fe3fb88b1a14e6b3a174541984b7e74c6028

Download Submit