82b6b40195211d8a25a2fb11fa24f4141cce1208889d8c814e819a86d57060f7

Analysis

max time kernel
121s
max time network
121s
platform
windows7_x64
resource
win7-20240903-en
resource tags

arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
submitted
07-09-2024 09:38

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

d1a1bc1b4adee0ead02152afa3fec1dd_JaffaCakes118.exe
Size

9KB
MD5

d1a1bc1b4adee0ead02152afa3fec1dd
SHA1

1297dcefd3c9a98b8d76da9cd89bb29519cd3209
SHA256

82b6b40195211d8a25a2fb11fa24f4141cce1208889d8c814e819a86d57060f7
SHA512

bd4d5172a7a2dbb6d11086a8ac5d325b843e999bdeb0f9db8ddb1066594a957e7b6c80235f5764ad5d147ed07803e4fe51d764be4ea20cb04f43bcd1f6551f45
SSDEEP

24:cfPB5bfO4BPcIXlJMs/nHHNs2wsM4zjsEpfRBIzsnNA7guVldvSc4KKsosbv4JbV:o/bpxpnyWH0YBIzsqSNK1j4NvsZNe

Score

3^/10

discovery

Malware Config

Signatures

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	d1a1bc1b4adee0ead02152afa3fec1dd_JaffaCakes118.exe

C:\Users\Admin\AppData\Local\Temp\d1a1bc1b4adee0ead02152afa3fec1dd_JaffaCakes118.exe
"C:\Users\Admin\AppData\Local\Temp\d1a1bc1b4adee0ead02152afa3fec1dd_JaffaCakes118.exe"
1⤵
- System Location Discovery: System Language Discovery
PID:632

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

T1082

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Temp\18þÿÿj

Filesize
4.0MB

MD5
e5ce2dea38c4c916d7f2d5505374e0b2

SHA1
5d2c9a4af7c1adb40ad9fa5ad1643b0e260e0601

SHA256
de5b53091553d1200164f1c947ffa6e3fdfda4fdbf12f9a81b159b0478c6b9cd

SHA512
ea4b3b29263d5593791e120046fa6d16a066605328b0d7e877a9208c1d11b5328c990b6e80139437ee9db6333703024e786f371262e51d0a87b5389ba3ba1af7

Download Submit