7de56330daba4f939bec9aef42906356e455f6bbc43e1c5cb4140f1b19136b0f

Analysis

max time kernel
13s
max time network
19s
platform
windows7_x64
resource
win7-20240903-en
resource tags

arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
submitted
08-09-2024 02:29

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

d3538e2b4c5e51d79f07c31144c6e903_JaffaCakes118.exe
Size

52KB
MD5

d3538e2b4c5e51d79f07c31144c6e903
SHA1

c6f6f86d7a4d66a7f5f2d46b457d2539f10365d1
SHA256

7de56330daba4f939bec9aef42906356e455f6bbc43e1c5cb4140f1b19136b0f
SHA512

2179c5fd26e96e50131c868e85d0234c5783a4aef48d967d198249209b92f291b9c46510644c29796c8a3164b2fad30431064562ea95c8ca9265b4471321e208
SSDEEP

768:/9yXrc1EbUzyu52vAMyI/hCWJVBd5Sfs:/Qo1Cu55yAVZWVdH

Score

3^/10

discovery

Malware Config

Signatures

System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	d3538e2b4c5e51d79f07c31144c6e903_JaffaCakes118.exe

Suspicious use of SetWindowsHookEx 1 IoCs

pid	Process
984	d3538e2b4c5e51d79f07c31144c6e903_JaffaCakes118.exe

C:\Users\Admin\AppData\Local\Temp\d3538e2b4c5e51d79f07c31144c6e903_JaffaCakes118.exe
"C:\Users\Admin\AppData\Local\Temp\d3538e2b4c5e51d79f07c31144c6e903_JaffaCakes118.exe"
1⤵
- System Location Discovery: System Language Discovery
- Suspicious use of SetWindowsHookEx
PID:984

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Temp\CloneF_4.exe

Filesize
52KB

MD5
b40b73ba425ea8a1d56fe1655845ce98

SHA1
c695ccae537bf776916798b377735632e14e2a7b

SHA256
772da7a4233c9a84f354744f078d36567a36a5a03cb5484c1db80950f5c347a2

SHA512
0dee12b2786540e9a0156a024ae99871bc16973b7d8fc2df48e42eb62b4d8a9ae66f92e7774b50e70ddc7d840072cdc91514f27047ad0cee3798643230de8e08

Download Submit