813be18272e72c752c0bef558ef2130e5b2798390eff52e1040f3164515ec06a

Analysis

max time kernel
118s
max time network
118s
platform
windows7_x64
resource
win7-20240903-en
resource tags

arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
submitted
12/09/2024, 17:46

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

dcbd263c7c7f7732bb79dd14115b302a_JaffaCakes118.exe
Size

36KB
MD5

dcbd263c7c7f7732bb79dd14115b302a
SHA1

453ad47029748ed5c38f89abd927d2eb0bbda104
SHA256

813be18272e72c752c0bef558ef2130e5b2798390eff52e1040f3164515ec06a
SHA512

9f5947ac655397e3890b3404908fd84ae5a05e52082633aa488f83bbbc704ab170880c50dc4d806d471a630ed978e7fc60b3ded5391210f3870b9b93156eed66
SSDEEP

384:smgOOfCW5plhNqHlwgShj/lDo3N7xYrWu7lAkx2Gs2/97fuG6pEvCNDZSnVH:/OfCW5FjfZMd7xYreCF7fKpEa9YV

Score

3^/10

discovery

Malware Config

Signatures

System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	dcbd263c7c7f7732bb79dd14115b302a_JaffaCakes118.exe

Suspicious use of SetWindowsHookEx 2 IoCs

pid	Process
2516	dcbd263c7c7f7732bb79dd14115b302a_JaffaCakes118.exe
2516	dcbd263c7c7f7732bb79dd14115b302a_JaffaCakes118.exe

C:\Users\Admin\AppData\Local\Temp\dcbd263c7c7f7732bb79dd14115b302a_JaffaCakes118.exe
"C:\Users\Admin\AppData\Local\Temp\dcbd263c7c7f7732bb79dd14115b302a_JaffaCakes118.exe"
1⤵
- System Location Discovery: System Language Discovery
- Suspicious use of SetWindowsHookEx
PID:2516

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads