f6fb6e02d07037db1c7a3ff178632116a42ab253ee7936a583b763506cce7108

Analysis

max time kernel
120s
max time network
125s
platform
windows7_x64
resource
win7-20240903-en
resource tags

arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
submitted
04/10/2024, 07:42

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

126fb95280bbf8eb5fd2f8a8a314439c_JaffaCakes118.exe
Size

2.0MB
MD5

126fb95280bbf8eb5fd2f8a8a314439c
SHA1

0e4cf3fb2eadd5a2bab599cad03adfbd18ded3b6
SHA256

f6fb6e02d07037db1c7a3ff178632116a42ab253ee7936a583b763506cce7108
SHA512

6680be4cff997cc1cafd1d5f9fa6ebff22536f8b2eb0dd55d174c3c347e257b8bbb7c7ae72b85a7e2e737189fbfe1196b31acc785def37286ab346f29cb9674a
SSDEEP

49152:hD9huwDetY3zT+oZ9/2Zc9x1Q9ts/MqHL0+LIQYj8ANfwcIr:p9IwDetYuK9OkQU/Rr0o8IafwRr

Score

3^/10

discovery

Malware Config

Signatures

System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	126fb95280bbf8eb5fd2f8a8a314439c_JaffaCakes118.exe

C:\Users\Admin\AppData\Local\Temp\126fb95280bbf8eb5fd2f8a8a314439c_JaffaCakes118.exe
"C:\Users\Admin\AppData\Local\Temp\126fb95280bbf8eb5fd2f8a8a314439c_JaffaCakes118.exe"
1⤵
- System Location Discovery: System Language Discovery
PID:1364

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads