6be0fe1bc7871d9812ea5fd98d33fa0d58a5a0de29acfbffb50b0326abcde464

Analysis

max time kernel
93s
max time network
95s
platform
windows10-2004_x64
resource
win10v2004-20240802-en
resource tags

arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
submitted
02-10-2024 04:31

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

08e4ba5917361f6cae8f378f3ab3020f_JaffaCakes118.exe
Size

17KB
MD5

08e4ba5917361f6cae8f378f3ab3020f
SHA1

3f8e6a546a68f608797ca26b09343e92bb76d96e
SHA256

6be0fe1bc7871d9812ea5fd98d33fa0d58a5a0de29acfbffb50b0326abcde464
SHA512

5384b8bf7a792e10db9771586b2f6f482a0b07309f4f355f1815e147517ad60c0eba576da1328091ec67cf18094cbf8f1743f7f0825900c8967b25495f08c09c
SSDEEP

384:lcEh3HoOO9KOpbA0EICjw7OLy0yUCSJl2Ia9t1LmvUxYowWzZFW9lObtMPPh36:N5IO++e7OLvyUzD2IaAvUxYowTPh

Score

3^/10

discovery

Malware Config

Signatures

System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	08e4ba5917361f6cae8f378f3ab3020f_JaffaCakes118.exe

C:\Users\Admin\AppData\Local\Temp\08e4ba5917361f6cae8f378f3ab3020f_JaffaCakes118.exe
"C:\Users\Admin\AppData\Local\Temp\08e4ba5917361f6cae8f378f3ab3020f_JaffaCakes118.exe"
1⤵
- System Location Discovery: System Language Discovery
PID:4032

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads