0647b2d9ac2bfb9ae2295277ec30c7b9a232fb8806e943e3664381a251e22848

Analysis

max time kernel
122s
max time network
123s
platform
windows7_x64
resource
win7-20240903-en
resource tags

arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
submitted
11-09-2024 22:24

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

db5393f6f301e7c29b327f17512ded28_JaffaCakes118.exe
Size

664KB
MD5

db5393f6f301e7c29b327f17512ded28
SHA1

502a56d14ea47d36372698b2b02134d772582caa
SHA256

0647b2d9ac2bfb9ae2295277ec30c7b9a232fb8806e943e3664381a251e22848
SHA512

7bb5fbb6a05e063b8e8a77ad5229654bbb5170879f06d50fe66bb7271f18b74f94ce692b2aa33ddb9e3f30356734b9dbb4af0b4f114d6c516eb11d23c0da8e0e
SSDEEP

12288:0tAl+5h74BeJCZpQcXrRxE4MeN7eLc9tnl1EINSDsgBIJTDKn/uA3cI:QAl+5KbQWVMvA9tlpUQguAn/uA37

Score

3^/10

discovery

Malware Config

Signatures

System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	db5393f6f301e7c29b327f17512ded28_JaffaCakes118.exe

C:\Users\Admin\AppData\Local\Temp\db5393f6f301e7c29b327f17512ded28_JaffaCakes118.exe
"C:\Users\Admin\AppData\Local\Temp\db5393f6f301e7c29b327f17512ded28_JaffaCakes118.exe"
1⤵
- System Location Discovery: System Language Discovery
PID:3044

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads