09caf8a175c32a914a00f129c0fe2f27d16db67dd8ef75975307102ca6991a55

Analysis

max time kernel
119s
max time network
119s
platform
windows7_x64
resource
win7-20240903-en
resource tags

arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
submitted
15/09/2024, 03:51

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

e1a5d7a26caed1ac5e7d448f111ff5a2_JaffaCakes118.exe
Size

205KB
MD5

e1a5d7a26caed1ac5e7d448f111ff5a2
SHA1

8052c5b22a1ce688e68fde263c8d65b434819d14
SHA256

09caf8a175c32a914a00f129c0fe2f27d16db67dd8ef75975307102ca6991a55
SHA512

1124df211d93503638dfd4732b37c45ea93e0f85a97361cc21675b6dfe383be0d0c29280cd1c96d297ee53a8b8dd87d609fd50ca42e9ae535dce2b4444dec071
SSDEEP

6144:D3nqe7J7lTNuGTeIYZNML4vQYqr9ah1XffaHl1lRKC3tXMztm5:DXqe7vTNuGTeU42r9ah1XffafMzM5

Score

3^/10

discovery

Malware Config

Signatures

System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	e1a5d7a26caed1ac5e7d448f111ff5a2_JaffaCakes118.exe

C:\Users\Admin\AppData\Local\Temp\e1a5d7a26caed1ac5e7d448f111ff5a2_JaffaCakes118.exe
"C:\Users\Admin\AppData\Local\Temp\e1a5d7a26caed1ac5e7d448f111ff5a2_JaffaCakes118.exe"
1⤵
- System Location Discovery: System Language Discovery
PID:2976

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads