d5bec7f0fa7cd706628eb3c476ab9cf130628de148733574dc91427df0a5cd81

Analysis

max time kernel
117s
max time network
118s
platform
windows7_x64
resource
win7-20240729-en
resource tags

arch:x64arch:x86image:win7-20240729-enlocale:en-usos:windows7-x64system
submitted
11/09/2024, 20:53

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

db32ce7fe7441dff28653bf65952b116_JaffaCakes118.exe
Size

76KB
MD5

db32ce7fe7441dff28653bf65952b116
SHA1

0d79b757999549b7bd9de71475e4cbc4cc6778eb
SHA256

d5bec7f0fa7cd706628eb3c476ab9cf130628de148733574dc91427df0a5cd81
SHA512

c4657806fb1e8d2aeae800e3a88f486e3b6430efe39ddab348790f02aba5355cd462796647787c7827963e528e6d10bc37fa0761d941b962d7614cf9f8fa92dc
SSDEEP

1536:+0qgVbX/GBy7b9fcnpdTrx1Z/jy+6IEoUz:+swg/unJjJ6IEoUz

Score

3^/10

discovery

Malware Config

Signatures

System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	db32ce7fe7441dff28653bf65952b116_JaffaCakes118.exe

C:\Users\Admin\AppData\Local\Temp\db32ce7fe7441dff28653bf65952b116_JaffaCakes118.exe
"C:\Users\Admin\AppData\Local\Temp\db32ce7fe7441dff28653bf65952b116_JaffaCakes118.exe"
1⤵
- System Location Discovery: System Language Discovery
PID:1880

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads